Do you have feedback on the definitions or the terms? Send us an email to: firstname.lastname@example.org
Any software that, when installed, performs unwanted or malicious activity, often for the benefit of a third party. Adware, spyware, and viruses are some well-known forms of malware.
A scheme in which cyberattackers conceal malicious software files (malware) on a website to infect computers that visit the site. Often, the attackers place these files on legitimate websites without the site owner’s knowledge. When victims click a link that leads to the malicious software files, their computers are infected. In some cases, attackers distribute links to the malicious files through spam, adware, or mobile in-app advertising. In other cases, they rely on the site’s popularity to attract victims.
Any attack in which the attacker secretly interposes software or a computer system to intercept, capture, alter, or replay messages between two parties. Attackers use MITM attacks to capture information that one party transmits to another. Installing malware to record a computer user’s keystrokes is one form of MITM attack. In more elaborate schemes, an attacker impersonates one or both parties in an email exchange. During the email exchange, the attacker aims to dupe one of the parties into divulging sensitive information or authorizing a financial transaction.
Any subcontracting arrangement that relates to one or more of the critical functions identified in the Registry Agreement for generic top-level domains. A subcontractor that participates in an MSA is often referred to as a back-end service provider or a registry service provider.
An association of global stakeholders that work cooperatively to target abusive messaging, malware, and other new forms of online abuse. The M3AAWG publishes best practices and provides training and educational materials on fighting abuse. Its membership includes Internet service providers, telecom companies, email service providers, and social networking companies.