Advanced evasion techniques

Symantec uses the term security risks to refer to a number of programs, such as adware, spyware, misleading applications, and other programs, that users may not want on their systems. These programs often use social engineering to trick users into downloading and installing them and employ a variety of advanced evasion techniques to resist detection and removal.

Authentication fraud

Phishing sites use “zombie” networks of hijacked computers to constantly shift their host address, evading blacklists of known phishing sites.


Bots

Bots are programs that are covertly installed on a targeted system, allowing an unauthorized user to remotely control the computer for a wide variety of purposes.


Crimeware

The software tools used in cybercrime are sometimes referred to as crimeware. Crimeware is software that is used to commit a criminal act. Like cybercrime, crimeware covers a wide range of malicious or potentially malicious software.


Cybercrime

Any crime that is committed using a computer, network, or hardware device. The computer or device may be the agent of the crime, the facilitator of the crime, or the target of the crime.


A problem-solving technique that looks for malicious processes (e.g., worms, mass-mailer viruses, Trojans, and keyloggers) in real time.

Identity Theft

The act of stealing and assuming another person’s identity in order to commit fraud or other crimes.

Mutual authentication

A security method requiring both parties in a transaction to prove their identities. On the Web, this would require both the Web browser and Web server to prove their identities to one another, thus ensuring both the Web page and the page’s user are legitimate. Used on financial and commerce sites, mutual authentication can help prevent phishing and other kinds of fraud.

Online Fraud

Refers to any type of fraud that uses email, Web sites, chat rooms or message boards. These vehicles are used to present fraudulent solicitations to potential victims, to conduct fraudulent transactions or to transmit stolen money to financial institutions or to others connected with the crime.

Online Transaction Security

Refers to the security measures available to protect consumers at the time they are most vulnerable to criminals and hackers — when browsing, shopping, or banking online, and about to submit passwords, account numbers, or other confidential information.


Pharming

An attempt to defraud Internet surfers by hijacking a Web site’s domain name, or URL, and redirecting users to an imposter Web site where fraudulent requests for information are made.


Phishing

An attempt to mislead people into divulging confidential information, such as social security numbers and passwords. Typically uses legitimate-looking email or instant messages in combination with imposter Web sites to make fraudulent requests for information (i.e., to go “fishing” for data).


Polymorphic virus

A polymorphic virus can change its byte pattern when it replicates and is able to avoid detection by simple string-scanning antivirus techniques.


Rootkits

Rootkits are system tools meant to hide legitimately running processes and applications from users. Attackers can exploit these tools to conceal their presence and actions on a system. Actions performed by a rootkit, such as installation and code execution, are done without end-user consent or knowledge. “User mode rootkits” intercept system calls. “Kernel mode rootkits” plant themselves at the deepest level of system memory and are the most robust method of system hooking—and the hardest to detect.


Spyware

Software that collects information about your computer and how you use it and relays that information to someone else over the Internet. Spyware ordinarily runs in the background and, in some cases, installs itself on your computer without your knowledge or permission.


Virus

A virus is a program or code that replicates itself onto other files with which it comes in contact; that is, a virus can infect another program, boot sector, partition sector, or a document that supports macros by inserting itself or attaching itself to that medium. Most viruses only replicate, though many can do damage to a computer system or a user's data as well.


Vulnerability

A (universal) vulnerability is a state in a computing system (or set of systems) that allows an attacker to execute commands as another user, access data contrary to the specified access restrictions for that data, pose as another entity, or conduct a denial of service attack.


Worm

A worm is a program that makes and facilitates the distribution of copies of itself, for example, from one disk drive to another, or by copying itself using email or another transport mechanism. The worm may do damage and compromise the security of the computer. It may arrive via exploitation of a system vulnerability or when a user clicks on an infected email.