Cybercrime Cheat Sheet

The core ideas of Cybercrime distilled into a single, scannable reference — perfect for review or quick lookup.

PiqCue — piqcue.com/cybercrime/cheatsheet

Quick Reference

Phishing

A social engineering attack in which an attacker impersonates a trusted entity through email, text messages, or fraudulent websites to trick victims into revealing sensitive information such as passwords, credit card numbers, or personal data.

Ransomware

A type of malicious software that encrypts a victim's files or locks them out of their system, then demands a ransom payment, typically in cryptocurrency, in exchange for the decryption key or restored access.

Social Engineering

The psychological manipulation of people into performing actions or divulging confidential information. It exploits human trust, fear, urgency, and helpfulness rather than technical software vulnerabilities.

Advanced Persistent Threat (APT)

A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period, typically carried out by well-funded nation-state or organized criminal groups pursuing strategic objectives.

Digital Forensics

The scientific process of identifying, preserving, analyzing, and presenting digital evidence from computers, networks, and storage devices in a manner that is legally admissible in court proceedings.

Zero-Day Vulnerability

A previously unknown software security flaw that is exploited by attackers before the vendor becomes aware of it or has released a patch. The term 'zero-day' refers to the fact that developers have had zero days to fix the vulnerability.

Distributed Denial of Service (DDoS)

An attack in which multiple compromised computer systems, often forming a botnet, flood a target server, service, or network with overwhelming traffic to exhaust its resources and render it unavailable to legitimate users.

Identity Theft

The fraudulent acquisition and use of another person's private identifying information, typically for financial gain. Cybercriminals steal personal data through breaches, phishing, or malware and use it to open accounts, make purchases, or commit further fraud.

Dark Web

A portion of the internet that is intentionally hidden and requires special software such as the Tor browser to access. It hosts anonymous communication channels and marketplaces where illegal goods and services, including stolen data, malware, and hacking tools, are bought and sold.

Incident Response

The organized approach to addressing and managing the aftermath of a security breach or cyberattack. A structured incident response plan aims to limit damage, reduce recovery time and costs, and preserve evidence for investigation and potential prosecution.

Key Terms at a Glance

Advanced Persistent Threat (APT):A prolonged, targeted cyberattack typically conducted by nation-state actors or sophisticated criminal groups.

Botnet:A network of compromised computers controlled remotely by an attacker, used for DDoS, spam, or cryptomining.

Brute Force Attack:A trial-and-error method of guessing passwords or encryption keys by systematically trying every possible combination.

Chain of Custody:The documented chronological history of the handling of digital evidence to ensure its integrity.

Computer Fraud and Abuse Act (CFAA):The primary U.S. federal law criminalizing unauthorized access to computer systems, enacted in 1986.

Cryptocurrency:A digital or virtual currency that uses cryptography for security and operates on decentralized blockchain networks.

Cyber Kill Chain:A seven-stage framework by Lockheed Martin describing the phases of a cyberattack from reconnaissance to objective completion.

Dark Web:A hidden portion of the internet accessible through special software like Tor, often used for anonymous and illegal activities.

DDoS (Distributed Denial of Service):An attack that floods a target with traffic from multiple sources to render it unavailable to legitimate users.

Digital Forensics:The practice of collecting, preserving, and analyzing digital evidence for use in legal proceedings.

Encryption:The process of converting readable data into an unreadable format using a cryptographic algorithm and key.

Exploit:A piece of software, data, or command sequence that takes advantage of a vulnerability to cause unintended behavior.

Firewall:A network security device that monitors and filters incoming and outgoing traffic based on predefined security rules.

Identity Theft:The fraudulent use of another person's personal identifying information for financial gain.

Incident Response:The structured approach to managing and mitigating the aftermath of a cybersecurity breach or attack.

Get study tips in your inbox

We'll send you evidence-based study strategies and new cheat sheets as they're published.

We'll notify you about updates. No spam, unsubscribe anytime.