A Bot, short for "robot," is a software program that performs some function over the Internet, often intended to mimic the behavior of a human, and a Botnet is a collection of Internet-connected devices running bots. Cyber criminals organize hijacked user computers into expansive botnets to launch malicious campaigns, such as denial of service (DoS), phishing and ransomware attacks.

In this website exploit, the attacker creates an invisible overlay of a legitimate web page or element, such that when the visitor clicks on what appears to be a legitimate action, the click activates a function in the overlay page. New options exist to help website developers guard against these attacks..

Credential stuffing attacks exploit the unfortunate fact that many people use the same credentials, typically one’s email address and password, at multiple sites. Attackers capitalize on this practice by using credentials stolen from one site to compromise a person’s other accounts, too. For example, hackers will use credentials stolen from a retail site to try to login to a large number of financial institutions in hopes of finding a match. Of course, this tactic only works if you use the same credentials for multiple sites, but unfortunately this is quite a common practice. ManyMe helps you avoid this exploit by making it very easy for you to always use a different email address whenever you create a new account.

The Dark Web refers to internet sites that are not indexed by search engines and can only be accessed using the Tor browser, which makes visitors unidentifiable and untraceable. Despite legitimate uses, the anonymity of the Dark Web attracts scammers of all descriptions, and it is indeed a marketplace for criminal, fraudulent activity, such as buying credit card numbers and contraband of all descriptions. Purchases are typically made using bitcoin, which is a cryptocurrency that also anonymizes buyers and sellers. Despite its criminal uses, the Tor network is also used by people living in authoritarian countries to circumvent eavesdropping and bans on internet access.

A data breach refers to unauthorized access to information, which is then said to be "compromised." Data breaches occur when an attacker finds a technical means of accessing information on a server that is inadequately protected, but also when online data is left unprotected, or when a laptop containing information is lost or stolen. The information acquired from a breach is often posted for sale on the Dark Web, and used to compromise the online accounts of the individuals whose personal information has been exposed.

This attack attempts to prevent the operation of a target web site by overloading it with data, ultimately rendering the site unreachable by legitimate visitors. Large scale attacks are called Distributed Denial of Service (DDoS) attacks, and typically exploit criminal botnets.

The display name in an email is the name that appears at the top of the screen, often the name of the sender or the sender’s organization, e.g., Jane Doe or Home Depot. In this type of attack, a malicious sender uses a different sender’s name, making it appear that the email is from someone you know or trust. The hope, of course, is that by forging, or spoofing, the sender’s name, the odds go up that you'll open the message and activate a dangerous payload.

In this form of malvertising, malicious scripts run as soon as a compromised ad is displayed, downloading code through a flaw in the browser to the viewer's device. You can avoid this exploit by making sure that your browser and any extensions (plug-ins) are up-to-date.

Doxing refers to the collection and publication by one party of another party’s private or personally identifying information on the Internet, often for malicious purposes, for example, to harass or intimidate someone with whom one disagrees.

In this exploit, attackers seed legitimate online advertising networks with malicious code; viewers who click on an ad may be redirected to a malicious website, and even the simple act of viewing the infected page may be sufficient to download malicious code to the visitor's device.

Malware is short-hand for malicious software, often called the “payload,” that attackers seek to deliver to the user’s computer devices and network.

Phishing attacks use expertly crafted and targeted emails to dupe an individual into providing sensitive information or taking a specific action, such as issuing a check, transferring money, buying a gift card, or divulging sensitive information that can perhaps be used to launch an even more personally-directed attack. Such emails can be very convincing, and may even include information gleaned from the recipient’s social media postings. An attack that targets a specific individual is often referred to as "spear phishing," while an attack on a senior executive in a company or a major influencer is called "whaling." The use of ManyMe aliases, and their presentation in ManyMe ’s unique control strip, make it easier for one to identify and avoid such attacks.

Pixel tracking is a tactic used by marketers to determine if you visit their website or open their emails. This is accomplished in email by seeding the message with a tiny, generally unnoticeable image that includes an embedded link to an external server. When the email is opened, one’s browser activates the link, which indicates that the email has been opened and may communicate other information about the recipient, such as one’s operating system, device type, and IP address. All of this information can be useful for online marketing and retargeting purposes, but also by spammers to confirm that an email address is active. Measures to avoid pixel tracking include configuring your browser to block the display of images in your email and using browser extensions (plug-ins) that block these pixels.

In these despicable attacks, malicious software encrypts one’s files, on a local device or across an entire network, and holds them hostage until a ransom is paid. When the ransom is paid, often in bitcoin, the attacker (hopefully) provides the key to decrypt the files. In an alternative to encrypting files, attackers may threaten to reveal sensitive personal information if the ransom isn’t paid. These attacks have become very common, often targeting hospitals and municipal services.

In this ruse, attackers attempt to convince your mobile phone carrier to switch your mobile number over to a SIM card (Subscriber Identification Module) that they own. By diverting messages to their phone, it becomes easy for them to complete the text-based two-factor authentication (2FA) process that may protect your most sensitive accounts.

Sextortion is a form of online blackmail in which the scammer threatens to release intimate information, perhaps photos, videos or browser search history, to your family and friends unless you pay a ransom or provide other private information. Some instances may be empty threats, with the attacker claiming to have taken control of your webcam to photograph you in compromising activity; other instances may be genuine if the attacker has indeed compromised your device or gleaned sensitive information from a data breach. To give the threat credibility, scammers will sometimes include a stolen username or password for one of your accounts.

This term refers to the trickery that hackers use to convince their prey to take an ill-advised action. In this ploy, bad actors use carefully crafted, authentic looking emails, often containing content gleaned from social media sites or data breaches, to create an air of trustworthiness. Mixing in an element of urgency and playing to our human emotions, the attacker seeks to trick us into revealing sensitive personal information, clicking on a harmful link, or taking an action, such as buying gift cards or wiring funds. Social engineering is a standard tactic in phishing attacks.