The malware security system provided by CCB Creative is the leading cyber security solution for WordPress.

It provides a complete anti-virus and firewall package for your website, including two-factor authentication and a firewall incorporating machine learning. For a glossary of data protection terms, see below.

Your Malware Protection with CCB Creative provides real-time distributed protection as it learns from other sites that are attacked. If one WordPress site is attacked, the attacker is blocked on it and on all other sites also running this malware protection.

*Note: Packaged with CCB Creative’s malware protection is web hosting. Together the services for Web Hosting/Malware Protection provide you with confidence that your website data files are secure. Please see the web hosting/malware protection page for pricing.

Malware Protection Features:

Website Malware Cleanup for the year, should your site become attacked with malware

Advanced Comment Spam Filter
Spamvertized Check
Spam Generation Check (a check to see if your site IP address is generating spam)
Remote Website Scans
Country Blocking
Real-time Security Network
Scans of Core, Theme, and Plugin Files
Scan content for bad URLs
Real-time traffic
Scan for known malware
Scan for hundreds of backdoors
Includes a complete firewall
Rate limit rogue crawlers
Block IPs & manage blocks
Intelligently block networks
Block fake Googlebots
(list of terminology below)
Block brute-force attacks
Monitor disk space
Enforce strong passwords
Check existing passwords
Scan for DNS changes
Get detailed IP info
Track IPs to their source



Data-Threat Terminology

Advanced persistent threats (APTs)
A targeted cyberespionage or cybersabotage attack that is usually sponsored by a nation state with the goal of stealing information from an organization. The motivation behind an advanced persistent threat is to gain information for military, political, or economic advantage.

Adware
Software that displays advertising banners on Web browsers. While not always threatening, these programs create pop-ups and can cause sluggishness in network connectivity.

Antispam
A type of application that defends against the threats that spam poses (such as viruses, phishing attempts, and denial-of-service attacks) and reduces the amount of spam entering an email system.

Antivirus software
A type of software that scans a computer’s memory and disk drives for viruses. If it finds a virus, the application informs the user and may clean, delete, or quarantine any files, directories, or disks affected by the virus. The term antimalware is preferred because it covers more threats.

Backdoor
Computer programmers often build backdoors into software applications so they can fix bugs. If hackers or others learn about a backdoor, the feature may pose a security risk. It can also be referred to as a trap door.

Backup
A backup is a duplicate copy of data made for archiving purposes or for protection against damage and loss. A backup is usually kept physically separate from the originals for recovery when originals are damaged or lost.

Black hat hackers
Hackers who gain unauthorized access into a computer system or network with malicious intent. They may use computers to attack systems for profit, for fun, for political motivations, or as part of a social cause. Such penetration often involves modification and/or destruction of data, as well as distribution of computer viruses, Internet worms, and delivery of spam through the use of botnets.

Blacklist
A list of known sources of unwanted email used for filtering spam. A blacklist can also be a list of websites that are considered to be dangerous because they exploit browser vulnerabilities or send spyware and other unwanted software to users.

Bot
Short for “robot,” a computer that has been infected with malicious software without the user’s knowledge. Once the computer has been affected, a cybercriminal can send commands to it and other infected machines over the Internet. Since the compromised computers blindly follow the commands of the cybercriminals, infected machines are also called zombies.

Botnet (bot network)
Short for “robot network,” a botnet is a network of hijacked computers controlled remotely by a hacker. The hacker can use the network to send spam and launch Denial of Service (DoS) attacks, and may rent the network to other cybercriminals. A single computer in a botnet can automatically send thousands of spam messages per day. The most common spam messages come from zombie computers.

Browser hijacker
A type of malware that alters your computer’s browser settings so that you are redirected to websites that you had no intention of visiting. Most browser hijackers alter browser home pages, search pages, search results, error message pages, or other browser content with unexpected or unwanted content.

Brute-force attack
A hacking method used to find passwords or encryption keys by trying every possible combination of characters until the correct one is found.

Bug
An unintentional fault, error, failure, or mistake in a software program that can produce an incorrect or unexpected result or cause a program to behave in unintended ways.

Cache
Pronounced like “cash,” a cache stores recently used information in a place where it can be accessed extremely fast. Computers have a disk cache; this stores information that the user has recently read from the hard disk. Web browsers also use a cache to store the pages, images, and URLs of recently visited websites on the user’s hard drive. When users visit web pages that they have been to recently, the pages and images don’t have to be downloaded again.

Caller ID spoofing
This is the practice of causing the telephone network to display a false number on the recipient’s caller ID. A number of companies provide tools that facilitate caller ID spoofing. Voice over Internet Protocol (VoIP) has known flaws that allow for caller ID spoofing. These tools are typically used to populate the caller ID with a specific bank or credit union, or just with the words “Bank” or “Credit Union.”

Carding
A technique used by thieves to verify the validity of stolen card data. The thief will use the card information on a website that has real-time transaction processing. If the transaction is processed successfully then the thief knows the card is still good. The purchase is usually for a small amount to avoid using the card’s limit and to avoid attracting the attention of the card owner.

Cookie
Small amounts of data generated by a website and saved by your web browser. Websites use cookies to identify users who revisit their sites, and cookies are most commonly used to store login information for a specific site. When a server receives a browser request that includes a cookie, the server can use the information stored in the cookie to customize the website for the user. Whenever a user checks the box “Remember me on this computer,” the website will generate a login cookie once the user successfully logs in. Each time users revisit the site, they may only need to enter their password or may not need to log in at all. Cookies can be used to gather more information about a user than would be possible without them.

Content Leeching (computing)
1) Often, leecher is synonymous with downloader, simply describing a peer or any client that does not have 100% of the data.

2) The term leech also refers to a peer (or peers) that has a negative effect on the swarm by having a very poor share ratio, downloading much more than they upload. Leeches may be on asymmetric Internet connections or may not leave their BitTorrent client open to seed the file after their download has completed. However, some leeches intentionally avoid uploading by using modified clients or excessively limiting their upload speed.

Crimeware
Malicious software such as viruses, Trojan horses, spyware, and other programs used to commit crimes on the Internet including identity theft and fraud.

Criminal identity theft
When a criminal fraudulently identifies himself to police as another individual at the point of arrest. In some cases criminals have previously obtained state-issued identity documents using credentials stolen from others, or have simply presented fake identification.

Cybersquatting
Registering, trafficking in, or using a domain name with malicious intent to profit from the goodwill of a trademark or brand name belonging to someone else. The cybersquatter then offers to sell the domain to the person or company who owns a trademark contained within the name at an inflated price. Cybersquatters also sometimes register variations of popular trademarked names as a way of distributing their malware.

DAT files
Also known as a data file, these files are used to update software programs, sent to users via the Internet. .DAT files contain up-to-date virus signatures and other information antivirus products use to protect your computer against virus attacks. .DAT files are also known as detection definition files and signatures.

Drive-by download
A program that is automatically downloaded to your computer without your consent or even your knowledge. It can install malware or potentially unwanted programs merely by your viewing an email or website.

Dropper
This is an executable file, created specifically to introduce a virus, worm, or Trojan on a computer system.

Encryption
Encryption is a security method of coding or scrambling data so that it can be decoded or read only by authorized users. This is commonly used to secure websites, online purchases, and other transactions.

Executable file (.exe)
A type of computer file that when opened runs a program or series of instructions contained in the file. These types of files have the potential to be dangerous since they run code when opened, and are often used by cybercriminals to distribute viruses, malware, and spyware.

Exploit
A piece of software that takes advantage of a bug, glitch, or design flaw in software in order to cause unintended or unanticipated behavior on computer software. This can include gaining control of a computer system, changing access privileges, or denying access or resources to users.

Firewall
A piece of hardware or software that is designed to block unauthorized access while permitting authorized communications. It is configured to permit or deny network transmissions based upon a set of rules. They are designed to protect the network’s resources from users on other networks.

Gray hat hackers
Skilled hackers who sometimes act legally, sometimes in good will and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

Grayware
Programs that are undesirable but less serious or troublesome than malware. Grayware includes some spyware, adware, and joke programs.

Hacker
In the early days of computing, hacker was a term used to describe a programmer who had a curiosity and appreciation of programs and systems and how they worked. Over time, however, the term gained a negative connotation and began to refer to someone who uses the knowledge to break into other people’s systems to steal information and cause havoc. We also call programmers who use their skills for harm “crackers.”

Hackers can be motivated by a number of reasons both positive and negative, such as profit, protest, or challenge. Criminal hackers create malware in order to commit crimes. Similar terms: cybercriminals, cybergangs.

Hole
A vulnerability in the design of software and/or hardware that allows the circumvention of security measures.

Host
A term often used to describe the computer file to which a virus attaches itself. Most viruses run when the computer or user tries to use the host file.

In the wild (ITW)
A virus is “in the wild” (ITW) if it is verified as having caused an infection outside a laboratory situation. Most viruses are in the wild and differ only in prevalence.

Infected
This term refers to the condition of a file after a virus, spyware, or malware has inserted malicious code into it. Computer systems are infected if a virus or Trojan is installed and running on that system. Static malware, such as viruses and Trojans with entirely malicious code, is also said to be infected. If a potentially unwanted program is installed on a system, the system is not considered infected, even though there may be other consequences.

Infection
Infection is the action a virus carries out when it enters a computer system or storage device.

Information harvesters
People who supply stolen data but do not necessarily use it to commit fraud. The information obtained by harvesters is sold to criminal networks that trade the information in Internet back alleys.

Keylogger (keystroke logging)
Software that tracks or logs the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. This is usually done with malicious intent to collect information including instant messages, email text, email addresses, passwords, credit card and account numbers, addresses, and other private data.

Mail bomb
An excessively large volume of email (typically many thousands of messages) or one large message sent to a user’s email account. This is done to crash the system and prevent genuine messages from being received.

Malicious app
A mobile application (app) disguised as a legitimate app that can contain viruses, worms, Trojan horses, malware, spyware, or any other items that may harm user devices or personal data. Once a malicious app is downloaded, it can wreak havoc in multiple ways including sending text messages to premium-rate numbers, taking control of the infected device, and downloading the user’s contact lists. Cybercriminals distribute malicious apps through legitimate app stores like Google Play by masquerading as a legitimate app.

Malicious code
A piece of code designed to damage a system and the data it contains, gather sensitive information, gain unauthorized access, or to prevent the system from being used in its normal manner.

Malvertising
This is usually executed by hiding malicious code within relatively safe-looking online advertisements. These ads can lead a victim to unreliable content or directly infect a victim’s computer with malware, which may damage a system, access sensitive information, or even control the computer through remote access.

Malware
A generic term used to describe any type of software or code specifically designed to exploit a computer or the data it contains, without consent. Malware includes viruses, Trojan horses, spyware, adware, most rootkits, and other malicious programs.

Mobile malware
Software with a malicious purpose that commonly performs actions without a user’s knowledge. It may be designed to disable your phone, remotely control your device, send unsolicited messages to the user’s contact list, make charges to the user’s phone bill, or steal valuable information. Mobile malware uses the same techniques as PC malware to infect mobile devices.

Mobile phone spam
Also known as SMS spam, text spam, or mobile spamming. Mobile phone spam is unsolicited and generally unwanted commercial advertisements that are sent to a user’s mobile phone by way of text messaging.

Password attack
An attempt to obtain or decrypt a user’s password for illegal use. Hackers can use cracking programs, dictionary attacks, and password sniffers in password attacks. Defense against password attacks is rather limited but usually consists of a password policy including a minimum length, unrecognizable words, and frequent changes.

Password cracker
Software designed to enable a user or administrator to recover lost or forgotten passwords from accounts or data files. In the hands of an attacker, these tools offer access to confidential information and are a security and privacy threat.

Password sniffing
The use of a sniffer (software or a device that monitors a network and makes a copy of data sent over a network) to capture passwords as they cross a network. The network could be a local area network, or the Internet itself.

Password stealer (PWS)
Malware specifically used to transmit personal information, such as usernames and passwords.

Pharming
The process of redirecting traffic to a fake website, often through the use of malware or spyware. A hacker sets up a fraudulent website that looks like a legitimate website in order to capture confidential information from users.

Phishing
A form of criminal activity using social engineering techniques through email or instant messaging. Phishers attempt to fraudulently acquire other people’s personal information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication. Typically, phishing emails request that recipients click on the link in the email to verify or update contact details or credit card information. Like spam, phishing emails are sent to a large number of email addresses, with the expectation that someone will act on the information in the email and disclose their personal information. Phishing can also happen via text messaging or phone.

Piggybacking
The practice of gaining unauthorized access to a system by exploiting an authorized user’s legitimate connection without their explicit permission or knowledge.

Potentially unwanted program (PUP)
Often legitimate software (nonmalware) that may alter the security state or the privacy of the system on which it is installed. This software can, but does not necessarily, include spyware, adware, keyloggers, password crackers, hacker tools, and dialer applications and could be downloaded in conjunction with a program that the user wants.

Quarantine
The isolation of files that are suspected of containing a virus, spam, suspicious content, or PUPs. Quarantined files cannot be opened or executed.

Ransomware
Malicious software created by a hacker to restrict access to the computer system that it infects and demand a ransom paid to the creator of the malicious software for the restriction to be removed. Some forms of ransomware may encrypt files on the system’s hard drive, while others may simply lock the system and display messages to coax the user into paying.

Replication
The process by which a virus makes copies of itself to carry out subsequent infections. Replication is one of the major criteria separating viruses from other computer programs.

Rogue program
Any program intended to damage programs or data, or to breach a system’s security. It includes Trojan horse programs, logic bombs, and viruses.

Rooting
A way that users of mobile devices (mobile phones, tablet PCs, and other devices running the Android operating system) hack their devices to gain privileged access to the operating system. This gives the user the ability to alter or replace system applications and settings, run apps that require administrator permissions, or perform operations that otherwise would have not been possible.

Rootkit
A stealthy type of malware that is designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer. Rootkits are the hardest type of invasive software to detect and nearly impossible to remove. As alluded to in the name, they dig into the root of a hard drive. They are designed to steal passwords and identifying information.

Scareware
A common trick cybercriminals use to make users think that their computer has become infected with malware to get them to purchase a fake application. Often the fake application that the user is tricked into purchasing is actually a malicious program which can disable real antivirus software and wreak havoc on a user’s machine.

Signature files
Data files containing detection and/or remediation code that antivirus or antispyware products use to identify malicious code.

SIM (subscriber identity module) card
A small electronic card, approximately the size of a postage stamp, that is placed underneath a mobile phone’s battery. The SIM card stores data such as user identity, location, phone number, network authorization data, personal security keys, contact lists, and stored text messages.

Smartphone
A mobile device that combines the functions of a wireless phone and functions typically associated with a computer. These functions include email access, the ability to browse the Internet, access to online banking, synchronization between the device and a computer, as well as many more functions.

SMiShing
The act of using social engineering techniques similar to phishing but via text messaging. The name is derived from “SMS (Short Message Service) phishing.” SMS is the technology used for text messages on mobile phones. SMiShing uses text messages to try and get you to divulge your personal information. The text message may link to a website or a phone number that connects to an automated voice response system.

Sniffer
Software or device that monitors network traffic. Hackers use sniffers to capture data transmitted over a network.

Social engineering
The act of manipulating people into performing actions or divulging confidential information. It relies on human interactions, such as trying to gain the confidence of someone through trickery or deception for the purpose of information gathering, fraud, or computer system access. This can take many forms, both online and offline.

Spam
An unwanted electronic message, most commonly unsolicited bulk email. Typically, spam is sent to multiple recipients who did not ask to receive it. Types include email spam, instant messaging spam, web search-engine spam, spam in blogs, and mobile phone-messaging spam. Spam includes legitimate advertisements, misleading advertisements, and phishing messages designed to trick recipients into giving up personal and financial information. Email messages are not considered spam if a user has signed up to receive them.

Spear phishing
The act of sending an email that appears to come from a legitimate source, such as a bank, a company’s internal IT department, an internal employee, or a business partner. While phishing uses mass email, spear phishing targets a very small number of recipients. The email sender information may be spoofed so the email appears to originate from a trusted source. Messages typically request username and password details, provide a link to a website where visitors can enter personal information, or have an attachment containing a virus, Trojan, or spyware.

Spim
A type of spam specific to instant messaging. The messages can be simple unsolicited ads or fraudulent phishing mail.

Splog
A combination of the words spam and blog that has been created for the purpose of distributing spam. Splogs contain fake articles created for search engine spamming. Splogs are created to attract people to spam sites, primarily via search engines.

Spoofed website
A website that mimics a real company’s site—mainly financial services sites—in order to steal private information (passwords, account numbers) from people tricked into visiting it. Phishing emails contain links to the counterfeit site, which looks exactly like the real company’s site, down to the logo, graphics, and detailed information.

Spoofing
Spoof means to hoax, trick, or deceive. Spoofing can take many forms on the Internet, like faking the email address of another user. A spoofed website is one that mimics a real company’s site—mainly financial services sites—to steal private information (passwords, account numbers) from people tricked into visiting it.

Spyware
Spyware spies on a user’s computer. Spyware can capture information like web browsing habits, email messages, usernames and passwords, and credit card information. Just like viruses, spyware can be installed on a computer through an email attachment containing malicious software.

Time bomb
A malicious action triggered at a specific date or time.

Triggered event
An action built into a virus that is set off by a specific condition. Examples include a message displayed on a specific date or reformatting a hard drive after the 10th execution of a program.

Trojan (Trojan horse)
Malicious programs disguised as legitimate software. Users are typically tricked into loading and executing it on their systems. One key factor that distinguishes a Trojan from viruses and worms is that Trojans don’t replicate.

Tunneling
A virus technique designed to prevent antivirus applications from working correctly. Antivirus programs work by intercepting the operating system before it can execute a virus. Tunneling viruses try to intercept the actions before the antivirus software can detect the malicious code. New antivirus programs can recognize many viruses with tunneling behavior.

Two-Factor Authentication (2FA)
Two-factor authentication adds a second level of authentication to an account log-in. When you have to enter only your username and one password, that’s considered a single-factor authentication. 2FA requires the user to have two out of three types of credentials before being able to access an account. The three types are:

– Something you know, such as a Personal Identification Number (PIN), password, or pattern
– Something you have, such as an ATM card, phone, or fob
– Something you are, such as a biometric like a fingerprint or voice print

Typosquatting
Also known as URL hijacking, it relies on mistakes such as typographical errors made by Internet users when inputting a website address into a browser. If the user accidentally enters the incorrect website address, they are led to an alternative website that usually is designed for malicious purposes.

Virus
A computer program file capable of attaching to disks or other files and replicating itself repeatedly, typically without user knowledge or permission. Some viruses attach to files so when the infected file executes, the virus also executes. Other viruses sit in a computer’s memory and infect files as the computer opens, modifies, or creates the files. Some viruses display symptoms, and others damage files and computer systems, but neither is essential in the definition of a virus.

Vishing
The criminal practice of posing as a legitimate source to obtain information over the telephone system (phishing via phone/voicemail). It is facilitated by Voice over IP because it can spoof (fake) caller ID to gain access to personal and financial information.

Vulnerability
An exploitable defect in a software application or operating system that allows hackers to crash systems, access information on systems, or use systems for their own purposes.

War dialing
Process in which a computer is used to automatically call a list of telephone numbers, usually dialing every number in a local area code to search for computers and fax machines that can successfully make a connection with the computer. When each call is made, the program makes a list of which numbers made a successful connection with a computer and a fax machine. That list can be later used by hackers for various reasons, including hacking a wireless access point with an unprotected login or an easily cracked password to gain access to a network.

War driving
The act of stealing personal information by driving around looking for unsecured wireless connections (networks) using a portable computer or a personal digital assistant (PDA). If your home wireless connection is not secured, thieves can access data on all the computers you have connected to your wireless router, as well as see information you type into your banking and credit card sites.

Whaling
A type of scam in which phishers find the name and email address of a company’s top executive or team of executives (information often freely available on the web), and craft an email specific to those people and their role at the company. The email attempts to lure the executives into clicking on a link that will take them to a website where malware is downloaded onto their machines to copy keystrokes or ferret out sensitive information or corporate secrets.

White hat hackers
Also known as “ethical hackers,” white hat hackers are computer security experts who specialize in penetration testing and other testing methodologies to ensure that a company’s information systems are secure. These security experts may utilize a variety of methods to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to evade security to gain entry into secured areas.

Whitelist
A list of legitimate email addresses or domain names that is used for filtering spam. Messages from whitelisted addresses or domains are automatically passed to the intended recipient.

Worm
A virus that spreads by creating duplicates of itself on other drives, systems, or networks. A mass-mailing worm is one that requires a user’s intervention to spread (e.g., opening an attachment or executing a downloaded file). Unlike viruses, worms do not infect other files. Most of today’s email viruses are worms. A self-propagating worm does not require user intervention to spread.

Zero-day threats, zero-day vulnerabilities
Also known as zero-hour threats and vulnerabilities, they include threats that take advantage of a security hole before the vulnerability is known. The security hole is usually discovered the same day the computer attack is released. In other words, software developers have zero days to prepare for the security breach and must work as quickly as possible to fix the problem.

Zombie
A computer that has been compromised by a virus or Trojan horse that puts it under the remote control of an online hijacker. The hijacker uses it to generate spam or makes the computer unusable to the owner, and the user is usually unaware that their computer has been compromised. Generally, a compromised machine is only one of many in a botnet, and will be used to perform malicious tasks under remote direction.

Zoo
A collection of viruses used for testing by researchers.

Zoo virus
A virus found only in virus laboratories that has not moved into general circulation.