Fraud, espionage, and hacktivism terms

A threat actor is an organization or an individual with malicious intent who wants to take advantage of weaknesses in a computer system to access data, devices, systems, and networks without users’ consent.

Software piracy is using, distributing, or reproducing computer software without respecting copyright laws or license restrictions.

Softlifting is the act of installing or sharing a legally obtained copy of software in a way that goes against its license agreement.

Second party fraud refers to a type of fraud where the perpetrator has a pre-existing relationship with the target or is an insider in an organization with legitimate access to the systems and accounts, but they misuse that access for malicious purposes such as enriching themselves.

Script kiddie refers to amateur hackers who use existing software for malicious purposes.

RedHack is a computer hacker group from Turkey founded in 1997.

A red hat hacker is a hacker who acts as a digital activist or a vigilante and uses their hacking knowledge to convey a message.

An initial fraud alert can be described as a measure used to protect individual users from potential fraud and identity theft.

Initial access brokers (IABs) are individuals or groups who specialize in breaking into business networks.

Hacktivism refers to hacking into a system for political or social purposes, such as human rights, free speech, and freedom of information.

A green hat hacker is a hacker who is focused on learning and developing their skills.

A grey hat hacker is hacker who falls somewhere between black and white hackers.

Fraud as a Service is a business model where people sell services to cybercriminals.

A false flag is a cyberattack tactic where attackers try to pin the blame on someone else.

Exploit-as-a-service (EaaS) refers to a model where cyber attackers provide ready-to-use exploits or hacking tools as a service such as zero-day vulnerabilities.

Enterprise Fraud Management (EFM) is a system for detecting and preventing fraud to protect an organization's assets, customers, and reputation.

Electronic intelligence (ELINT) refers to collecting and analyzing electronic signals from radar systems and communication networks.

Digital piracy refers to the illegal act of copying, distributing, or using digital content without authorization or payment.

A cyberwarrior refers to an individual who participates in cyberwarfare, motivated either by personal, patriotic, or religious reasons.

Cyberterrorism refers to the use of computer technology to attack and terrorize people, companies, and countries.

Cyberlibel is the act of spreading false information about another person, group, or organization through a computer network.

A cybercriminal is an individual who commits cybercrimes — criminal acts that involve information technologies (IT) either as a means or as a target.

Cyber vigilantism refers to the actions of individuals or groups to combat and expose perceived online wrongdoing or cybercrimes outside the traditional legal system.

Cyber privateering refers to cyber attacks that involve state-sponsored cyber operations carried out by non-state actors.

Cyber operations encompass a range of actions executed within the digital realm to safeguard, secure, or target computer networks, systems, or information.

Cyber harassment is a tactic used to repeatedly offend, annoy, attack, threaten, or verbally abuse a victim using digital means with the intention to cause distress and harm.

Cyber espionage is the practice of using digital means to access and obtain secrets and information without authorization.

A cracker is a person who breaks into computer systems, often with malicious intent.

Code monkey is a slang term for a programmer or developer who is seen as someone who writes code quickly and without much thought or creativity.

Clicktivism is using social media and the internet in general to advocate for social causes.

Clean fraud, also called “friendly fraud,” happens when someone buys something with their real credit card, then says they didn't buy it to get the money back.

Card purchase authorization is a security process during which a card-issuing bank approves or declines a transaction initiated by the cardholder.

A blue hat hacker is someone from a sub-group of white hat hackers who are hired externally by companies to perform penetration testing and sniff out bugs and vulnerabilities before a big launch.

A black hat hacker is someone who uses their hacking knowledge to perform illegal or criminal activities.

Online auction fraud is any type of fraud that takes place on online marketplaces or auction sites.

An anti-fraud system is a system to find, prevent, and deal with fraud.

In cybersecurity, adversary group naming is the practice of assigning specific names (or labels) to organized groups of cybercriminals or malicious hackers.

Abandonware is software that has been abandoned by its copyright holders, typically because the latter ceased to exist or shifted their focus to other titles.