Common cybersecurity incidents

Phishing refers to the use of fake websites or deceptive messages sent via email, SMS, direct messaging through social media networks, or QR codes. Phishing messages and sites are designed to appear as if they are from individuals or organisations you know. The aim of phishing is to gain confidential and personal information, such as passwords, identifying information or credit card details.

The term ‘malware’, short for ‘malicious software’, refers broadly to any use of code or programs to cause harm. Possible results of a malware attack include the theft of confidential information, transfer of funds or the secret installation of files on a computer.

Ransomware is a form of malware that typically encrypts a computer’s files or locks access to the system, then demands payment in the form of cash or cryptocurrency for restoration. Ransomware can infect the device when the user clicks a link or opens an attachment on a deceptive email, visits a malicious website, or downloads a useful-looking file from an untrusted source or file sharing platform.

Changing the content of a website without authorisation is known as website defacement or website vandalism.  It can involve making obvious changes, like leaving ‘graffiti’, or tampering with code with the aim of infecting others’ computers with malware.