Essential cybersecurity concepts for protecting yourself online
25 cards · security
Sign up to start studying this deck
| Front | Back |
|---|---|
| Phishing | Deceptive messages that trick you into revealing sensitive data Check the sender, hover over links, and go directly to the site; report suspicious messages. |
| Spear phishing | Targeted phishing tailored to a specific person or organization Uses personal details to appear legitimate; verify via a separate, trusted channel. |
| Smishing | Phishing attempts delivered via text messages Don’t tap links in unexpected texts; contact the company using a known number. |
| Vishing | Phishing attempts made over voice calls Hang up and call back using a verified number; never share one-time codes. |
| Social engineering | Manipulating people to bypass security and gain access Slow down, verify requests, and follow need-to-know when sharing information. |
| Malicious attachments | Files that deliver malware when opened Don’t open unexpected attachments; use a viewer or scanner before downloading. |
| Malicious links | URLs that lead to credential theft or malware Hover to preview, check the domain, and use bookmarks to reach important sites. |
| Virus | Malware that attaches to files and spreads when those files run Avoid untrusted downloads; keep antivirus and automatic updates enabled. |
| Worm | Self-replicating malware that spreads across networks automatically Patch systems promptly and use firewalls to block network-based spread. |
| Trojan | Malware disguised as legitimate software to execute harmful actions Download only from official stores; avoid cracked or pirated software. |
| Ransomware | Malware that encrypts files and demands payment to restore access Keep offline backups and patch quickly; be cautious with email attachments. |
| Spyware | Malware that secretly collects and transmits your data Review app permissions and run reputable security scans regularly. |
| Keylogger | Software or hardware that records keystrokes to steal secrets Use 2FA to limit impact and watch for unfamiliar logins or device behavior. |
| End-to-end encryption | Encryption where only sender and recipient can read messages Prefer E2EE apps for sensitive chats; verify security codes when possible. |
| Strong passwords | Long, unique secrets resistant to guessing and cracking Aim for 12+ characters; avoid personal info, common patterns, and sequences. |
| Passphrases | Multi-word passwords that are long and memorable Use three random words with separators; avoid quotes, lyrics, or reuse. |
| Password reuse | Using the same password across sites increases breach risk One leak can unlock many accounts; make every password unique. |
| Password manager | Software that creates and stores unique passwords securely Protect it with a strong master passphrase and enable 2FA for the vault. |
| Two-factor authentication | Login requires a password plus a second independent factor Turn on 2FA everywhere; it blocks most automated and credential-stuffing attacks. |
| Authenticator apps | App-generated one-time codes used as a second factor Prefer an authenticator app or security key over SMS for stronger security. |
| Backup codes | One-time recovery codes to access accounts when 2FA isn't available Store offline in a safe place; never keep them in email or cloud notes. |
| Account recovery | Verified methods to regain access if you’re locked out Add a recovery email and phone; keep them current and protect them with 2FA. |
| HTTPS | Encrypted HTTP that secures data in transit on the web Look for https:// and the padlock; avoid entering data on insecure pages. |
| VPN | Encrypted tunnel that protects your traffic on untrusted networks Use a reputable VPN on public Wi‑Fi; it doesn’t make you anonymous online. |
| Public Wi‑Fi | Shared networks that attackers can monitor or spoof Avoid sensitive logins; use HTTPS and a VPN; prefer a personal hotspot when possible. |