Jargon buster

0-10  A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z


419 scam: A type of advance fee fraud, the victim is asked to help transfer money out of another country.


Account takeover: Happens when a fraudster poses as a genuine customer, gains control of an account and then makes unauthorised transactions.

Action Fraud: The UK's national fraud and internet crime reporting centre. 

Advance fee fraud: Any fraud that tricks victims into paying money up front on the false hope of receiving something significant later.

Adware: A type of software that often comes with free downloads. Some adware display ads on computers, while some monitor computer use (including websites visited) and display targeted ads based on user interests.

Application fraud: Fraudsters open an account using fake or stolen documents in someone else’s name.


Bank card fraud: Happens when criminals steal a victim’s cards and gain access to funds in their account. 

Boiler room: Fraudsters use hard sell tactics to persuade their victims to invest in worthless shares that are impossible to sell.

Bot: The name given to an individual computer in a larger botnet and which is more than likely a home PC running Windows. The name is an abbreviation of ‘robot’ to imply that it is under someone else's control.

Botnet (Robot network): A collection of otherwise unrelated PCs which have been infected by a virus and which are under the central control of criminals or hackers.

Browser: A programme that allows a user to find, view, hear, and interact with material on the internet.

Browser hijacker: A common spyware programme that changes a web browser's home page automatically, even if changed back.

Business directory fraud: When a business receives a form in the post, by email or fax, falsely appearing to offer a free listing in a business directory.

Business hijacking: A fraudster submits false documents to Companies House to change the registered address of a business and / or appoint ‘rogue’ directors. Goods and services are then purchased on credit, sometimes through a reactivated dormant supplier account, but are never paid for. 

Business impersonation: A fraudster impersonates a business (either a director or a key employee) to trick customers and suppliers into providing personal or sensitive information which is used to defraud the business.


Card-not-present fraud: The unauthorised use of a credit or debit card to purchase products or services in a non-face-to-face setting.

Chat room: The name given to a website or online service where people can type messages which are displayed almost instantly on the screens of others who are in the ‘chat room’.

Charity fraud: A fake charity is created or an existing charity is compromised to play on a victim’s sympathy by asking them to make a donation to a worthy cause.

Cheque fraud: Relates to any illegal use of cheques to acquire or borrow funds.

Cold callers: The process of approaching prospective victims - typically via telephone, email or a social network - who were not expecting such an interaction.

Companies House: The UK Registrar of Companies and is an Executive Agency of Her Majesty's Government, under the remit of the Department for Business, Innovation and Skills.

Computer hacking: When hackers break into computers and computer networks.

Cookies: A small text file that a website can place on a computer's hard drive to collect information about user activities on the site.

Corporate identity theft: The misappropriation of the identity of a business, without their knowledge or consent, usually in order to facilitate a fraud.

Counterfeiting: The fraudulent reproduction of original documents in a manner that allows the fraudster to pass them off as genuine / original items.

Courier scam: When fraudsters call and trick victims into handing their cards and PIN numbers to a courier on their own doorstep.

Cracking: Finding a password or PIN by trying many combinations of characters.

CryptoLocker ransomware: Targets all versions of Microsoft Windows. Once infected (usually by the victim opening an email attachment), CryptoLocker encrypts documents, photographs and spreadsheets then sends a ransom demand to decrypt the files.

Cybercrime: Criminal activity taking place through exploitation of electronic mechanisms.

Cyber security: Involves protecting information by preventing, detecting and responding to attacks.

Cyberspace: Used to distinguish the physical world from the digital or computer-based world.

Cyber stalking: Cyber stalking refers to an individual or a group tracking others online. Cyber stalking can cause the victim distress.


Data protection act (DPA): The Data Protection Act 1998 sets out the legal basis for handling, processing and protecting personal data in the UK.

Debit card fraud: Involves the compromise of any personal information from credit, debit or store cards.

Dial through fraud: Often achieved by dialling into a business’ internal telephone system and accessing their voicemail. They then set up a call divert to another number – usually an expensive, international destination. Also known as Phreaking.

Directory listing scam: A business receives a form offering free listing in a business directory. However, the small print states that by returning the form, the business is committing to an order and will pay for the ongoing entries in the directory.

Domain name: A website address, alternatively known as a URL.

Domain name scams: Fraudsters falsely offer businesses first refusal on a domain name, claiming someone else is just about to buy it.

Domain renewal notices: An invoice for the registration or renewal of a domain name is sent to a business. The domain name within the invoice may be similar to the business domain but with a different extension. The fraudster hopes the business does not notice the difference in domain name and pays the invoice.

Download: To obtain content from the internet, as an email attachment or from a remote computer, to your own hard drive.


E-commerce: Transactions that are conducted over an electronic network where the buyer and merchant are not at the same physical location e.g. plastic card transactions via the internet.

Email attachment: Files, such as documents or photographs, that are attached to an email.

Email filter: Software that scans incoming email for spam or viruses, or outgoing email for viruses – and filters it accordingly.

Employee fraud: Committed against the business a person is working for.

Encryption: The process of converting data into cipher text (a type of code) to prevent it from being understood by an unauthorised party.

.exe file (Executable file): Used by programmes to install and run on computers.


Facility takeover: Happens when a fraudster poses as a genuine customer, gains control of an account and then makes unauthorised transactions.

Filter: Software that screens information on the internet, classifies its content, and allows the user to block certain kinds of content.

Firewall: Hardware or software designed to prevent unauthorised access to a computer or network over the internet.

Fraud: A scam meant to cheat victims out of the fair settlement of an agreement by misleading and misrepresenting the facts, method or outcome, with no intent to fulfil the agreement.

Fraudster: A person who commits fraud, especially in business dealings.


Grooming: The process by which someone develops a relationship with someone else with illegal or immoral intent.


Hacker: A hacker is a person who violates computer security for malicious reasons or for personal gain.

Hacking: To gain unauthorised access to data in a system or computer.

Hoax: Something intended to deceive; deliberate trickery intended to gain an advantage.


Identity theft (Identity fraud): The crime of impersonating someone – by using their private information – for financial gain.

Insurance fraud: When false claims are made to insurance companies.

Intellectual property fraud: When fake goods are passed off as originals.

Invoice scams: Fraudsters send a fake invoice or bill to a business requesting payment for goods or services.


Junk: Unwanted post or email advertising material.



Lottery scams: Fraudsters contact a target and tell them they have won a large sum of money but the fraudsters need the targets personal details (used for identity theft) in order for the target to claim their winnings.


Malware (Malicious software): Software used or created by hackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

Mandate fraud: When someone convinces a business to change a direct debit, standing order or bank transfer mandate, by claiming to be an organisation they make regular payments to.

Mobile phone fraud: Involves a variety of scams that either persuade you to buy phone-related products / services that turn out to be non-existent; or to make phone calls or texts to premium services by accident; or to unknowingly sign up to expensive subscription services.

Money laundering: The "cleaning of money" with regard to appearances in law.



Office supply scams: Happen when telemarketers trick employees into ordering or paying for stationery.

Online profiling: Compiling information about consumers' preferences and interests by tracking their online movements and actions in order to create targeted advertisements.

Organised criminal network / group: A network or group engaged in continuing illegal activity whose primary purpose is financial gain. It can be national, regional or local in scale.


Pharming: Typing in a valid web address and being illegally redirected to a website that is not legitimate.

Phishing: To request confidential information over the internet under false pretences in order to fraudulently obtain credit card numbers, passwords, or other personal data.

Phreaking: The activity of a subculture of people who study, experiment with, hack into or exploit telephone systems, the equipment of telephone companies, and systems connected to public telephone networks to obtain communications services at no cost.

PIN entry devices: Fraudsters modify genuine PIN entry devices to record card details when entered.

Pop-ups: A form of web advertising that appears as a ‘pop-up’ on a computer screen, pop-ups are intended to increase web traffic or capture email addresses.

Premium rate phone line scams: See ‘dial through fraud’.



Receipt fraud: Often committed by a business’ employees. It could happen when incoming cash or cheques are stolen, or when the records of the amounts owed by customers are adjusted in return for cash rewards or other incentives.

Romance scams (Dating or romance fraud): Involves online relationships where people aren’t who they say they are. Once they gain the victims trust, they ask for money for a variety of personal reasons.

Royal Mail scam: Victims receive an email claiming to be from Royal Mail. The subject header reads ‘Mail – lost / missing package’. The email asks the recipient to open an attachment to complete a document – this document contains malware.


Scam: An attempt to intentionally mislead a person or persons usually with the goal of financial or other gain.

Scammer: Another term for fraudster.

Scareware: A type of malware that displays on-screen warnings of computer infections or generates constant pop-ups intended to trick victims into buying useless or potentially dangerous ‘protection’ software.

Skimming: The act of counterfeiting a bank card by using a device to capture the card and account information embedded on the card’s magnetic strip.

Social engineering: Use of deceit to gain access to secure systems or personal information, for example impersonating a technical support agent.

Social network: Social networks allow people to connect with each other online and share photographs and information. Social networking sites include Facebook, Twitter and LinkedIn.

Smishing: When fraudsters obtain personal details of a victim by SMS text messages.

SMS (Short message service): A system that enables mobile users to send and receive text messages.

Spam: Unsolicited commercial email. Also known as junk email.

Spyware: Software that secretly gathers information about a person or business.


Tech support phone scams: The caller will offer to help solve computer problems or claim that software licensing is out-of-date. Once they have access to the computer they install malware and direct the user to fraudulent websites.

Trojan: Software posing as an authentic application, which actually conceals an item of malware. Term derives from Trojan Horse in Greek mythology.


Upload: The transmission of a file from one computer system to another.

Username: A code name that, with a password, unlocks a user account.

Utility bill fraud: Cold-callers fraudulently offer discounted utility bills. Victims transfer their bill payment money to the caller’s account in order to receive the discount. The bill is paid by the criminal but later cancelled without the victim’s knowledge. The victim is left unaware that the bill now remains outstanding.


Virus: A file written with the sole intention of doing harm, or for criminal activity.

Virus signature: A virus’ 'fingerprint' which contains the characteristics of a virus or type of virus.  Internet security software uses a database of signatures to detect viruses.

Vishing: The practice of attempting to obtain personal or financial information via a telephone call in order to commit fraud or identity theft.

Vulnerability: Any product flaw, administrative process or act, or physical exposure that makes a computer susceptible to attack by a malicious user.


Whistle-blowing: The act of an employee revealing suspected fraud to a third party. Many organisations will set up a confidential help-line enabling employees to discuss fraud in absolute confidence and secrecy.

White collar crime: Generic description of a crime committed by a business or professional person usually connected to fraud or financial crime.

Worm: A type of virus which can spread itself across networks needing no human intervention to do so.




Zombie: A computer that is known to be infected with a worm or other malicious code and that has been observed attacking at least two distinct users.