| Term | Description | Example (if provided) |
|---|---|---|
| AFSL (Australian Financial Services Licence) | A mandatory authorization for entities offering financial services in Australia. The licence number serves as a verification tool in the ASIC Register. | |
| ASIC (Australian Securities and Investments Commission) | An autonomous Australian government entity established under the ASIC Act 2001, tasked with safeguarding Australian consumers against financial fraud. | |
| ASIC Register | A comprehensive database of all legitimate businesses registered with ASIC in Australia. The register is accessible for public search online. | |
| Account takeover | The illicit acquisition and control of a user's digital account, typically achieved through stolen login credentials or exploited authentication vulnerabilities. Once in control, malicious actors can exploit the account for various nefarious purposes, including financial fraud and data theft. | A cybercriminal uses a sophisticated phishing email to acquire an employee's corporate credentials, then utilizes the account to distribute fraudulent invoices to the company's clientele, redirecting payments to their own bank account. |
| Advance Fee Fraud | A deceptive scheme where victims are manipulated into making upfront payments for non-existent goods or services. This form of fraud, also known as Authorized Push Payment (APP) fraud, often involves elaborate stories or false promises to lure victims into transferring money. | |
| Android Malware Command & Control Panel | A sophisticated web-based control center employed by cybercriminals to orchestrate and manage a network of compromised Android devices. This centralized hub facilitates the transmission of malicious commands and the extraction of stolen data from infected mobile devices. | A cybercrime syndicate utilizes an advanced control panel to covertly initiate cryptocurrency mining operations on a vast network of infected Android smartphones, exploiting their processing power for illicit financial gain. |
| Backdoor Web Shell | A clandestine access point implanted by hackers on a compromised system, enabling repeated unauthorized entry even after the original security vulnerability has been addressed. It's analogous to possessing an invisible key to a secured building. | A skilled hacker strategically embeds a discreet script within a website's infrastructure, allowing for persistent remote command execution capabilities that remain undetected long after the initial security breach has been identified and supposedly remediated. |
| Backtrace | A detailed log of files and line numbers, specifically documenting the sequence of function calls that culminate in a particular computational context, such as the generation of a specific element or event. | |
| Banking Command & Control Panel | A sophisticated online interface utilized by cybercriminals to gather and manage stolen banking credentials harvested from computers infected with specialized financial malware. | |
| Base64 | An encoding technique that transforms binary data into a sequence of text characters, enabling its seamless integration within email message bodies. This method is frequently employed to embed attachments or to obscure message content from less advanced anti-spam systems, as decoding is necessary to reveal the actual content. | A cleverly disguised email attachment employs Base64 encoding to masquerade as innocuous text, successfully evading rudimentary spam detection mechanisms before revealing its true, potentially malicious nature upon decoding. |
| Binary | A computer-executable file format containing machine code instructions that can be directly processed and run by a computer's hardware. | |
| Brand infringement | The unauthorized and deceptive use of a company's brand identity, logo, or intellectual property without permission. This illicit practice is prevalent on websites and social media platforms, where fraudsters create convincing imitations or impersonations of legitimate brands to deceive unsuspecting users. | |
| Brute-force Attack | A relentless hacking method where attackers systematically attempt every possible password combination to gain unauthorized system access. These attacks often target website login portals and remote access services, potentially serving as entry points for more severe threats like ransomware infections. | |
| Business email compromise | A highly sophisticated form of cybercrime where attackers meticulously impersonate high-ranking executives or trusted business partners. The goal is to manipulate employees into divulging sensitive information or authorizing fraudulent financial transactions, often resulting in substantial monetary losses for the targeted organizations. | |
| CFD (Contract for Difference) | A complex and high-risk financial instrument that allows traders to speculate on price movements without owning the underlying asset. Due to its potential for significant losses, CFD trading is prohibited in certain jurisdictions, including the United States. | |
| CFTC (Commodity Futures Trading Commission) | An independent regulatory agency of the United States government, charged with overseeing and enforcing regulations in the country's derivatives markets, including futures, options, and swaps. | |
| Citrix Gateway | A comprehensive remote access solution deployed by organizations to provide secure and controlled access to internal applications, data resources, and services for remote users and branch offices. | |
| Code Repository | A centralized digital storage system where source code for software projects is archived, managed, and version-controlled in a structured and organized manner, facilitating collaborative development and code management. | |
| Code repository sensitive data leak | The unintended exposure of confidential information, such as proprietary source code, API keys, or user credentials, resulting from misconfigured or compromised code repositories. This type of breach can have severe security implications for affected organizations. | |
| Command & Control Panel | A sophisticated online interface serving as the nerve center for cybercriminals to orchestrate and manage various malicious activities. These panels are used to issue commands to compromised devices, coordinate cyberattacks, and harvest stolen data from infected systems across a network. | |
| Companies House | The official registrar and regulator of companies in the United Kingdom, responsible for incorporating and dissolving limited companies, as well as maintaining and making company information available to the public. They provide a user-friendly tool for searching the public register: https://find-and-update.company-information.service.gov.uk/ | |
| Company Number | A unique identifier assigned to each company registered with Companies House in the United Kingdom. This number serves as a key reference for official documentation and public record searches related to the registered entity. | |
| Compromised Site | A website that has been successfully infiltrated by an unauthorized party, granting the attacker the ability to modify, manipulate, or exploit the site's code, content, or functionality for malicious purposes. | |
| Content-type | An HTTP header field that specifies the media type of the resource being sent to the recipient. It informs the client about the nature and format of the document, allowing for proper interpretation and rendering. | `text/html`, `text/javascript`, `application/octet-stream` |
| Conversational scams | Sophisticated cyber threats where criminals engage in seemingly genuine interactions with potential victims, often through SMS or instant messaging platforms. The goal is to manipulate targets into participating in fraudulent activities, such as unauthorized push payments or other forms of financial fraud. | |
| Credential Command & Control Panel | A specialized online interface employed by cybercriminals to collect, manage, and exploit stolen login credentials harvested from computers infected with credential-stealing malware. | |
| Cryptocurrency | A form of digital or virtual currency that uses advanced cryptographic techniques to secure financial transactions, control the creation of additional units, and verify the transfer of assets. Unlike traditional currencies, cryptocurrencies operate on decentralized networks based on blockchain technology. | Bitcoin, Litecoin, Monero |
| Cryptocurrency Investment Scam | Fraudulent schemes that exploit the complexity and novelty of cryptocurrencies to deceive investors. These scams often involve fake websites impersonating reputable brands or celebrities, promoting high-yield investment opportunities or fictitious cryptocurrency projects. They typically promise unrealistic returns but fail to deliver on their commitments, resulting in financial losses for victims. | |
| Dark web and dark markets | Concealed sections of the internet that are not indexed by conventional search engines and require specialized software, such as Tor, for access. The dark web is often associated with illicit activities, including the operation of dark markets where illegal goods and services are traded anonymously. | Silk Road |
| Deceptive domain | A domain name strategically registered and utilized with the intent to mislead or deceive users. These domains often closely mimic legitimate websites or well-known brands, serving as a foundation for various fraudulent activities, including phishing attacks and brand impersonation. | |
| Defaced website | A website that has been maliciously altered or vandalized without authorization, typically by hackers. The extent of defacement can range from subtle modifications to complete replacement of the site's content with unauthorized messages, images, or propaganda. | |
| Denial of service attack | A cyber assault that aims to render a system, service, or network unavailable to legitimate users by overwhelming it with a flood of illegitimate requests or traffic. The primary objective is to disrupt the normal functioning and accessibility of the targeted resource. | |
| Diff | A comparative analysis that highlights the differences between two versions of a file or set of data, often used in software development to track changes in code over time. | `> eval(decodeURIComponent('...'));` |
| DMARC | Domain-based Message Authentication, Reporting, and Conformance (DMARC) is an email authentication protocol designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. It builds on the widely deployed SPF and DKIM protocols to improve and monitor protection of the domain from fraudulent email. | |
| Domain | A unique, human-readable identifier registered within the Domain Name System (DNS) that represents an Internet Protocol (IP) resource, such as a website. Domains serve as easy-to-remember addresses for accessing online resources. | antiphish.org, example.com |
| Domain monitoring | The practice of continuously tracking and analyzing domain name registrations, modifications, and associated activities to detect potential security threats, brand infringement, or other malicious uses of domain names that may impact an organization or its customers. | |
| Domain slamming | An unethical practice employed by some domain registrars involving the sending of misleading or deceptive communications to domain owners. These messages are designed to trick domain holders into unknowingly transferring their domain registrations to another registrar, often under false pretenses of renewal or security updates. | |
| Donation fraud | A deceptive scheme that exploits people's generosity by falsely claiming to collect donations for charitable causes or disaster relief efforts. In reality, the funds collected never reach the intended recipients and are instead pocketed by the fraudsters. | |
| Dropsite | A seemingly innocuous webpage that serves as a collection point for sensitive information obtained through phishing attacks or malware infections. These sites are designed to appear harmless while secretly harvesting victims' credentials and other valuable data. | |
| E-Commerce Platform | A comprehensive software solution designed to facilitate the creation, management, and operation of online retail stores. These platforms typically offer a range of features including inventory management, payment processing, and customer relationship tools. | Magento, OpenCart |
| Evil JavaScript | Malicious JavaScript code surreptitiously embedded within web pages or applications. This code is crafted to exploit vulnerabilities, steal sensitive information, or perform unauthorized actions on users' devices, often without their knowledge or consent. | |
| FCA (Financial Conduct Authority) | The primary financial regulatory body in the United Kingdom, established by the Financial Services Act 2012. The FCA is empowered to regulate financial firms providing services to consumers and maintain the integrity of the UK's financial markets. | |
| FDIC (Federal Deposit Insurance Corporation) | An independent agency of the United States government that provides deposit insurance to depositors in U.S. commercial banks and savings institutions. The FDIC was created in 1933 in response to the thousands of bank failures that occurred in the 1920s and early 1930s. | |
| FDIC BankFind | An online service provided by the FDIC that allows users to search for FDIC-insured banking institutions by name, FDIC certificate number, or website URL. This tool helps consumers verify the legitimacy and insurance status of financial institutions. The service can be accessed at: https://banks.data.fdic.gov/bankfind-suite/bankfind | |
| Fake Bank | A fraudulent entity that masquerades as a legitimate financial institution to deceive consumers. These fake banks often create convincing websites by copying content and details from genuine banks, aiming to trick users into divulging sensitive financial information or making deposits into non-existent accounts. | |
| Fake Investment Platform | A deceptive online platform that presents itself as a legitimate investment service to defraud unsuspecting individuals. These platforms typically offer fictitious investment products with unrealistically high returns, ultimately aiming to steal money from their victims. | |
| Fake Pharmacy | Fraudulent websites that pose as legitimate online pharmacies, often offering prescription medications at significantly reduced prices. These sites typically operate illegally, selling counterfeit or substandard drugs, and may steal customers' personal and financial information. | |
| Fake Shop | A fraudulent e-commerce website that purports to sell heavily discounted goods. These shops allow victims to enter their credit card details and typically charge them for purchases, but either send counterfeit goods or nothing at all, while potentially also stealing the victim's financial information. | |
| Fake bond comparison site | Deceptive websites that claim to offer objective comparisons of various bond investment options. In reality, these sites are designed to mislead users and promote fraudulent or non-existent investment opportunities, often targeting individuals seeking reliable financial information. | |
| Fake mobile app | Malicious or counterfeit mobile applications designed to mimic legitimate apps, deceiving users into installing them. These fake apps often contain malware, adware, or other malicious code that can compromise the user's device security and personal information. | |
| Financial Services Register | A comprehensive database maintained by the Financial Conduct Authority (FCA) in the UK, listing all firms, individuals, and other bodies that are regulated by the FCA. This register serves as a crucial tool for consumers to verify the legitimacy of financial service providers. It can be accessed at https://register.fca.org.uk/s/. | |
| Firm Reference Number | A unique identifier assigned by the Financial Conduct Authority (FCA) to each firm registered and authorized to provide financial services in the UK. This number can be used to look up detailed information about the firm in the Financial Services Register, helping consumers verify the legitimacy of financial service providers. | |
| Forex (Foreign currency) | The practice of trading one currency for another as a form of investment or speculation. While forex trading can be legitimate, the CFTC warns that the forex market is highly volatile and carries substantial risks, particularly for inexperienced traders. | |
| Function call | In programming, particularly JavaScript, a function call is the invocation or execution of a predefined set of instructions. It allows for the reuse of code and the performance of specific tasks within a program. | `document.write('Hello, world');` |
| GDPR | The General Data Protection Regulation (GDPR) is a comprehensive data protection law in the EU that came into effect in 2018. It establishes strict guidelines for the collection, processing, and storage of personal data, granting individuals greater control over their information and imposing significant penalties for non-compliance. | |
| HTML (Hyper-Text Markup Language) | The standard markup language used for creating web pages and web applications. HTML provides a structure for content that can be interpreted by both humans and machines, defining the layout and formatting of information presented on the World Wide Web. | |
| HTTP (Hyper-Text Transfer Protocol) | The foundational protocol of the World Wide Web, designed to facilitate communication between web browsers and servers. HTTP defines a set of request methods that specify desired actions to be performed on identified resources. | |
| Header | In the context of email messages or HTTP responses, headers are supplementary metadata that provide additional information about the content of the document or the nature of the communication. | `Subject: Hello World` |
| Health product scams | Fraudulent schemes that exploit people's health concerns by promoting and selling ineffective or potentially harmful health products, treatments, or supplements. These scams often make false promises of miraculous cures or rapid results to deceive consumers and profit from their vulnerabilities. | |
| Hosting provider | A business that provides the technologies and services needed for websites or web applications to be viewed on the Internet. They offer server space, web services, and maintenance for clients ranging from individuals to large corporations. | |
| ICO (Information Commissioner's Office) | The UK's independent authority established to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. The ICO is responsible for enforcing various data protection laws, including GDPR in the UK. | |
| IP Address | A unique numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two main functions: identifying the host or network interface, and providing the location of the device in the network. | 198.51.100.0 |
| ISP (Internet Service Provider) | A company that provides Internet access to subscribers, along with related services such as web hosting, email, and domain registration. ISPs act as the gateway between end-users and the global Internet infrastructure. | |
| Invalid/Banned Site Key | A site key that has either been incorrectly configured or has been revoked by the service provider due to violations of their Terms of Service. An invalid or banned key no longer provides the intended benefits or access to the associated service. | |
| JavaScript | A high-level, interpreted programming language that conforms to the ECMAScript specification. JavaScript is primarily used to create interactive effects within web browsers, allowing for dynamic content updates, animated graphics, and complex user interactions. | `let num = 10; num -= 5; window.location.href = 'https://www.antiphish.org/'; setTimeout("run()", 1000); while (num > 0) num--;` |
| Mailer Web Shell | A sophisticated type of web shell designed specifically for launching large-scale phishing campaigns. These malicious tools are covertly installed on compromised systems and provide attackers with a web-based interface to orchestrate mass email distributions, often targeting specific groups with tailored phishing content. | |
| Malicious JavaScript | JavaScript code embedded within a website with the intent to cause harm or unauthorized actions. This can range from data theft and system manipulation to more complex attacks like cross-site scripting (XSS). | |
| Malicious email address | An email address created or used by cybercriminals for nefarious purposes such as distributing spam, phishing emails, or malware-laden attachments. These addresses are often disposable and difficult to trace, making them ideal tools for cyberattacks. | |
| Malware | Short for 'malicious software,' malware refers to any program or file that is intentionally designed to cause damage to a computer, server, client, or computer network. Malware can take various forms, including viruses, trojans, spyware, and ransomware. | |
| Message-ID (Email Header) | A unique identifier automatically generated by the email sender's system for each email message. This ID helps in tracking and referencing specific emails within mail systems and can be crucial in forensic analysis of email-based threats. | `Message-ID: [email protected]` |
| Method | In the context of HTTP, a method is a command sent by the client to indicate the desired action to be performed on the identified resource. Common HTTP methods include GET, POST, PUT, and DELETE. | GET, HEAD, POST |
| Microsoft Exchange Server | A robust email server and calendaring system developed by Microsoft for Windows Server operating systems. It provides businesses with a platform for managing email, calendars, contacts, and other collaboration tools. | |
| Mining | In the context of cryptocurrencies, mining refers to the computationally intensive process of validating and recording transactions on the blockchain. Miners use powerful hardware to solve complex mathematical problems, securing the network and potentially earning cryptocurrency rewards. | |
| Mule recruitment | The practice of luring individuals, often through seemingly legitimate job offers or online advertisements, to act as intermediaries in money laundering schemes. These 'mules' unknowingly assist criminals in transferring illegally obtained funds, often across international borders. | |
| National CERT (Computer Emergency Response Team) | A government-designated organization responsible for coordinating cybersecurity efforts at a national level. These teams are tasked with responding to major cyber incidents, providing technical advice, and enhancing the overall cybersecurity posture of the country. | |
| Netblock | A contiguous range of IP addresses under the ownership or management of a specific entity, such as an Internet Service Provider or a large organization. Netblocks are used to efficiently allocate and manage IP address space. | |
| Online Shop | A digital platform that facilitates the buying and selling of goods or services over the internet. These virtual storefronts are typically powered by e-commerce software and offer features like product catalogs, shopping carts, and secure payment processing. | |
| PCAP file | Short for Packet Capture, a PCAP file contains data intercepted from a network, capturing the contents of each packet as well as metadata about the transmission. These files are crucial for network analysis and cybersecurity investigations. | |
| Package Scam | A deceptive scheme where fraudsters inform victims of a fictitious package awaiting delivery, often requesting personal information or payment of fake fees to 'release' the non-existent package. These scams may also involve signing up victims for unwanted subscription services. | |
| Phishing | A cybercrime tactic using deceptive communications, typically emails or websites, to trick individuals into revealing sensitive information such as login credentials or financial details. Phishing attempts often mimic trusted entities to exploit the victim's trust. | |
| Phishing Command & Control Panel | A centralized interface used by cybercriminals to manage and coordinate phishing campaigns. These panels typically allow attackers to create and distribute phishing emails, collect stolen information, and monitor the success rates of their operations. | |
| Plugin | A software component that adds specific features or functionality to an existing computer program. In the context of web applications, plugins often extend the capabilities of content management systems or e-commerce platforms. | Disqus Comment System |
| Port | In network communications, a port is a virtual endpoint for data transmission. It's represented by a numerical value and helps distinguish different services or processes running on the same device. | 80 |
| Processing Power | The computational capacity of a computer system, representing its ability to execute instructions and perform calculations. In cybersecurity contexts, high processing power can be exploited for malicious purposes such as cryptojacking. | |
| Protected Web Shell | An advanced form of web shell that incorporates authentication mechanisms or obfuscation techniques to restrict access to the attacker who deployed it. These protective measures make the web shell more difficult to detect and remove. | |
| Proxy | An intermediary server that acts as a gateway between a client and other servers. Proxies can serve various purposes, including enhancing privacy, bypassing geo-restrictions, or caching content to improve performance. | |
| RAT Command & Control Panel | A sophisticated interface used by attackers to manage and control computers infected with Remote Access Trojans (RATs). These panels allow cybercriminals to issue commands, exfiltrate data, and monitor the activities of compromised systems. | |
| RDP (Remote Desktop Protocol) | A proprietary protocol developed by Microsoft that provides users with a graphical interface to connect to another computer over a network connection. While RDP is a legitimate tool for remote system administration, it can also be exploited by attackers if not properly secured. | |
| Received (Email Header) | A series of timestamp entries in an email's metadata, added by each server that handles the message as it travels from the sender to the recipient. These headers can be valuable for tracing the path of an email and identifying potential security issues. | |
| Registrar | An organization accredited by ICANN to process domain name registrations. Registrars serve as the primary point of contact for domain owners, managing various aspects of domain administration including renewals and transfers. | GoDaddy.com, LLC |
| Registry | In the context of domain names, a registry is an organization that maintains the central database for a particular Top-Level Domain (TLD). Registries coordinate with registrars to ensure the proper functioning of the domain name system. | VeriSign, Inc. |
| Reply-To (Email Header) | An optional email header field that specifies the address to which replies should be sent. This can be different from the 'From' address and is sometimes exploited in phishing attempts to misdirect responses. | `Reply-To: [email protected]` |
| Resource | In web development, a resource refers to any content that can be accessed via an HTTP request. This includes static files, dynamically generated content, or even abstract services provided by a web server. | |
| Romance Scam | A form of social engineering where scammers create fake online identities to form romantic relationships with victims. The ultimate goal is to exploit the emotional connection for financial gain, often through requests for money or personal information. | |
| SSL/TLS Certificate | A digital certificate that authenticates a website's identity and enables an encrypted connection. SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are cryptographic protocols designed to secure communications over computer networks. | |
| Script Tag | An HTML element used to embed or reference executable code, typically JavaScript, within a web page. While essential for dynamic web functionality, script tags can also be exploited to inject malicious code into otherwise benign websites. | `<script src='https://www.example.com/example.js'></script>` |
| Secure Shell | Commonly known as SSH, it's a cryptographic network protocol that allows users to securely access and manage network devices and servers over an unsecured network. SSH provides a secure channel for data communication and remote command execution. | |
| Sensitive Information | Data that must be protected from unauthorized access to safeguard the privacy or security of an individual or organization. This may include personally identifiable information, financial data, or proprietary business information. | |
| Sextortion | A form of online blackmail where criminals threaten to expose alleged intimate or compromising information about a victim unless a payment (often in cryptocurrency) is made. These scams exploit fear and embarrassment to coerce victims. | |
| Shopping site skimmers | Malicious code injected into legitimate e-commerce websites to capture customers' payment information during the checkout process. These skimmers secretly transmit stolen credit card details to attackers while the transaction appears normal to the victim. | |
| Site Key | A unique identifier associated with a specific service or account, often used in the context of cryptocurrency mining scripts or other web-based services. Site keys determine where the proceeds from activities like mining should be directed. | `var miner = new CoinHive.Anonymous('kspjB6LN9rONRIDWWpBpqtzW2qi9zpSJ');` |
| Smishing | A form of phishing attack conducted via SMS text messages. Smishing attempts often contain malicious links or try to trick recipients into providing sensitive information through text message responses. | |
| Software Packages | Bundled collections of software components or applications distributed together for easy installation and use. In cybersecurity contexts, it's important to ensure that software packages are obtained from trusted sources to avoid potential security risks. | WordPress |
| Status | In HTTP communications, the status code is a three-digit number sent by a server in response to a client's request. These codes provide information about the outcome of the request, such as success, redirection, or various error conditions. | 200 (OK), 301 (Moved Permanently), 403 (Forbidden), 404 (Not Found) |
| Stolen Credentials | Authentication information, such as usernames, passwords, or other access tokens, that has been illicitly obtained by cybercriminals. These stolen credentials can be used to gain unauthorized access to accounts, systems, or sensitive information. | |
| Support Scam | Fraudulent schemes that deceive users by offering fake technical support services. These scams often involve impersonation of well-known technology companies and may use pop-up messages, fake websites, or unsolicited phone calls to trick victims. | |
| Survey Scam | Deceptive operations that lure victims with promises of exclusive rewards for completing simple surveys. In reality, these scams often lead to unwanted subscriptions or the theft of personal information, exploiting the allure of easy rewards. | |
| TDS Command & Control Panel | A sophisticated interface used by cybercriminals to manage and control Traffic Distribution Systems. These panels allow attackers to fine-tune the redirection of web traffic for malicious purposes, such as malware distribution or phishing campaigns. | |
| Technical support scam | Fraudulent schemes where criminals pose as technical support representatives, often from well-known companies. Using various tactics like pop-up alerts or cold calls, they try to convince victims that their devices have issues, aiming to gain remote access or extort money for fake services. | |
| Traffic Distribution System | A sophisticated web application used by cybercriminals to redirect unsuspecting users to different malicious destinations based on various criteria such as the user's operating system, browser type, or geographic location. These systems help attackers maximize the impact of their campaigns by targeting specific vulnerabilities. | |
| URL (Uniform Resource Locator) | A standardized address format used to locate and access resources on the internet. URLs typically include the protocol (e.g., http, https), domain name, and specific resource path, providing a unique identifier for web pages and other online content. | https://www.antiphish.org/ |
| Unzipper Web Shell | A type of malicious web shell designed to extract compressed files on an already compromised host. These tools allow attackers to unpack and deploy additional malware or stolen data on the target system. | |
| Uploader Web Shell | A variant of web shell specifically crafted to facilitate the upload of additional malicious payloads onto a compromised web server. These tools expand the attacker's capabilities on the infected system. | |
| Web Shell | A malicious script uploaded to a compromised web server that provides an attacker with a persistent backdoor to the server's file system. Web shells can be used for remote administration, file manipulation, and further system exploitation. | |
| Web-inject malware | Sophisticated malware that injects malicious code into web pages as they are rendered in a user's browser. This technique can be used to modify the content users see, potentially leading to the theft of sensitive information like login credentials or financial data. | |
| Webmaster | An individual or team responsible for maintaining and managing a website or web server. Webmasters handle tasks such as content updates, performance optimization, and security maintenance. | |
| Website Defacement | An attack where a malicious actor compromises a website and alters its visual appearance or content. Often used as a form of hacktivism or to spread propaganda, defacement can also indicate more severe security vulnerabilities in the targeted site. | |
| WebSocket Connection | A communication protocol that enables full-duplex, real-time communication between a client (typically a web browser) and a server. WebSockets maintain an open connection, allowing for efficient, low-latency data exchange. | |
| Windows Event Viewer | A component of Microsoft Windows that allows administrators and users to view the event logs on a local or remote machine. While a legitimate system tool, it's sometimes exploited in technical support scams to falsely indicate system problems. | |