Antivirus jargon buster: online security terms explained from A-Z

Confused by some of the most-used terms used in the antivirus world? There are certainly some odd sounding abbreviations or bits of jargon which can prompt a bout of head-scratching.

In this article, we’re going to highlight some of the most common offenders, giving you clear and concise definitions of these terms. On with the jargon busting…


OK, so you probably don’t need this one explaining. Consider it an easy start to this jargon buster!

It’s software that you install on to your computer or phone to prevent cyber attacks from stealing your data or infecting your hardware. It can vary from very basic free virus prevention software and malware detection, to all-singing all-dancing internet security suites that pack every defence you can imagine but cost a little bit more.


An army of hacked computers (each device being known as a ‘bot’) which can be controlled to act in unison for malicious ends, such as spamming other PCs or engaging in a DDoS attack (as defined below).


This is the name for the process of malware hijacking your PC and using its system resources to engage in mining cryptocurrencies (like Bitcoin) for the eventual profit of the author. This kind of attack can slow down your PC considerably.


Stands for Distributed Denial of Service, and refers to the practice of bombarding a target network using multiple devices (sometimes via a large botnet), flooding the target so it’s overwhelmed. In this way, malicious actors can take down websites or services so that you won’t be able to use them while the DDoS attack persists – and where DDoS protection becomes so useful.

READ MORE  Follow-up to WannaCry malware shaping up to be a real tear-jerker

False positive

When an antivirus app flags up something as malicious, and it turns out that the file (or web page, or whatever) in question is actually legitimate, and not dangerous at all, this event is referred to as a false positive, or in other words a false detection.


The process of detecting malware simply based on its behavior (as opposed to the antivirus engine recognizing a threat based on existing definitions). By looking for software or processes behaving suspiciously, in a similar way to already known malware, an antivirus can detect and negate a threat which it hasn’t seen before (such as a zero-day – see the separate definition below).

Malware can record what you type

(Image credit: Pixabay)


Although these can be legitimate (albeit niche) programs, in the antivirus world, they are malware which stealthily logs your keypresses, or in other words, spies on you and records everything you type, in an effort to discover sensitive details like your login credentials.


A contraction of ‘malicious’ and ‘software’, malware refers to any kind of software which is specifically designed to do bad things to your device or otherwise compromise your security or data.


Phishing is the act of baiting a user to click on a link or attachment in a message (usually an email) to compromise them in some way, often with a malware infection. The message in question usually looks like it comes from a reputable authority or company, to try and trick the user into being more likely to believe it because the content seems genuine.

READ MORE  Macs and malware: how real is the threat?


Slang for ‘owned’ (with its alleged origins in a mis-typing), meaning that you’ve fallen victim to an exploit or been compromised in some way. In other words, you have been ‘pwned’, and it’s such a common term online these days that a famous hacking contest, Pwn2Own, is built around ‘pwning’ systems and software.

Ransomware is one of the nastiest types of malware

(Image credit: Shutterstock)


This is malware which stealthily encrypts your files, effectively locking them away from you, and demands a payment for the digital key to unlock them. Even if you pay the ransom – usually in Bitcoin online – there’s no guarantee that the perpetrator will actually decrypt your data, so better to play things safe with antivirus software that includes ransomware protection.


Named after the Trojan horse, this simply refers to the practice of creating a piece of software which looks like a legitimate app, but really it’s a carrier for malware. When you run the application, you’ll be infected.


Antivirus apps themselves are named because they defend against viruses, which is one type of malware – but not the only type (and of course antivirus applications these days protect you from a broad range of malware).

A virus is placed into a file by its author, and when that file is run, it infects the system (potentially doing all manner of nasty things). It usually operates stealthily, in the background, and is designed to spread to other files on your system – the hope of the author being that if those files are subsequently transferred to another user, the virus will compromise them too. And it’ll continue to spread, just like a real-world virus.

READ MORE  Sophisticated malware could target your smart home in 2019


An abbreviation for ‘virtual private network’, VPNs consist of secure, encrypted tunnels via which all the data you receive and send online travel. The providers use their own servers based in different countries, meaning they can also serve a second function as a way to ‘geo-spoof’ your IP address. They often come included in more substantial internet security suites.

VPN stands for virtual private network

(Image credit: Shutterstock)

White hat hacker

An ethical hacker who attempts to compromise systems and find exploits with the intention of informing developers of any security flaws, allowing them to be fixed before malicious hackers can leverage them to nefarious ends. White hat hackers can sometimes be handsomely rewarded with bounties for discovering vulnerabilities that could otherwise have wreaked havoc on a company’s reputation.


A worm spreads itself in the same way a virus does (as we explain in the definition above), but it’s even more of a worry as it automatically propagates. In other words, the user doesn’t need to click on or run a file to be infected. Wannacry is a famous example of a supremely dangerous worm in action.


A zero-day (or 0-day) refers to a vulnerability which has freshly arrived on the scene. It’s dangerous because its existence has only just been uncovered, and therefore it hasn’t been patched against. The rush is then on to defend against the threat as quickly as possible, before attackers concoct exploits for the zero-day (which an antivirus could struggle to detect, because the threat is new and not seen before – although a good antivirus will hopefully detect it simply based on its suspicious behavior).

      Select your currency
      Register New Account