Cactus
Security terms in plain language
Confused by cybersecurity jargon? Here are the most common terms - phishing, malware, 2FA and more - explained simply, with links to learn more.
A
- Adware
- Software that bombards you with unwanted ads, often bundled with free programs. It is usually more annoying than dangerous, but some adware also tracks what you do.
- Antivirus
- A program that detects, blocks, and removes malware. On Windows, the built-in Microsoft Defender is a solid free option for most people.
B
- Botnet
- A network of infected devices controlled remotely by an attacker, often used to send spam or launch large-scale attacks - usually without the owners knowing.
- Brute-force attack
- An attack that tries huge numbers of password guesses until one works. Long, unique passwords and a limit on login attempts make it impractical.
C
- Cookie
- A small file a website stores in your browser to remember you - for example, to keep you logged in. Most are harmless; some are used to track you across sites.
- Credential stuffing
- When attackers take username-password pairs leaked from one site and try them on many others, banking on people reusing passwords. Unique passwords stop it.
D
- Data breach
- An incident where data - such as emails, passwords, or card numbers - is stolen or exposed. If your password was in one, change it everywhere you used it.
- Deepfake
- A fake image, video, or audio clip generated by AI to imitate a real person. Scammers use deepfaked voices and videos to impersonate family or executives.
E
- Encryption
- Scrambling data so only someone with the right key can read it. It protects your messages and web traffic from anyone listening in.
F
- Firewall
- A barrier - software or hardware - that controls which network traffic is allowed in or out of your device or network, blocking unwanted connections.
H
- HTTPS
- The secure version of the web protocol, shown by the padlock in your browser. It encrypts the connection so others cannot read or alter it - but it does not prove a site is honest.
I
- Identity theft
- When someone uses your personal information - name, SIN, banking details - to commit fraud in your name. Acting fast and alerting credit bureaus limits the damage.
M
- Malware
- Short for "malicious software" - any program designed to harm or spy on you, including viruses, ransomware, and spyware.
- Multi-factor authentication (MFA)
- A login that requires two or more proofs of identity - such as a password plus a code - so a stolen password alone is not enough to get in.
P
- Passphrase
- A password made of several words, like "copper-violin-cloud-rain". Longer and easier to remember than a short complex password - and much harder to crack.
- Password manager
- An app that creates and stores a strong, unique password for every account, locked behind one master passphrase, so you do not have to remember them all.
- Phishing
- A scam message that pretends to be from someone you trust to trick you into clicking a link, opening an attachment, or handing over a password.
Q
- Quishing (QR phishing)
- Phishing that hides a malicious link inside a QR code, so you cannot see where it leads until you scan it.
R
- Ransomware
- Malware that locks or encrypts your files and demands payment to unlock them. Regular backups are the best defence.
S
- SIM swapping
- A scam where a criminal convinces your mobile carrier to move your number to their SIM, letting them intercept your texts and 2FA codes. Prefer an authenticator app over SMS where you can.
- Smishing (SMS phishing)
- Phishing carried out by text message (SMS) - fake delivery notices, bank alerts, or prize messages with a malicious link.
- Social engineering
- Manipulating people into giving up information or access, rather than hacking technology - by posing as IT support, a boss, or a trusted company.
- Spoofing
- Faking the source of a message or call - such as a forged sender address or caller ID - to make it look like it comes from someone you trust.
- Spyware
- Malware that secretly watches what you do - keystrokes, passwords, browsing - and sends it to an attacker.
T
- Two-factor authentication (2FA)
- A login step that asks for a second proof beyond your password - usually a code from an app or text - so a stolen password is not enough.
V
- Vishing (voice phishing)
- Voice phishing - a scam phone call that pressures you into sharing information or money, sometimes using an AI-cloned voice.
- VPN
- A virtual private network encrypts all your internet traffic and hides your IP address, useful on untrusted networks like public Wi-Fi.
Z
- Zero-day
- A security flaw that attackers exploit before the software maker has released a fix. Keeping software updated closes them as soon as patches arrive.