^
          Link
   
線上續約與新購詢價系統
SEP-企業端點防護
SMG-郵件安全閘道
SESC-端點安全完整版
DCS SA-重要主機防護系統
PGP-企業加密解決方案
ETDR-電子郵件威脅偵測與回應
熱銷商品
  symantec Endpoint Protection 賽門鐵克端點防護方案
 
   

 
保安資訊整理的垃圾郵件常見名詞
1. 419 垃圾郵件 2. 地址整理(Address Munging) 3. 允許清單
4. Autoresponder 5. 攔截清單 6. 傀儡網路(Botnet) 7. 退回郵件
8. Captcha 9. 拒絕服務(簡稱DoS)攻擊
10. 電子郵件地址搜尋攻擊(Directory Harvest Attack,簡稱DHA)
11. 分散式拒絕服務(簡稱DDoS)攻擊
12. 網域名稱系統攔截清單(Domain Name System Block List,簡稱 DNSBL)
13. 網域名稱系統白名單(Domain Name System White List,簡稱 DNSWL)
14. 句點四等分格式的垃圾郵件(Dotted Quad Spam) 15. 漏報 16. 誤判
17. 免費網頁垃圾郵件 18. 列為灰名單 19. 駭客 20. Ham
21. 電子郵件地址搜尋 22. 標頭 23. 誘捕(Honeypot) 24. 影像式垃圾郵件
25. 惡意程式 26. MMF快速賺錢法 27. 變形(Morph) 28. Murk
29. 未送達報告 30. NDR 垃圾郵件 31. 開放式代理伺服器 32. 開放式轉遞伺服器
33. 選擇性接收 34. 選擇性取消接收 35. 網頁綁架 36. 網路釣魚
37. Pump-n-Dump 38. 老鼠軟體(Ratware) 39. 即時攔截清單(RBL) 40. 社交工程
41. 垃圾郵件 42. 垃圾郵件類別 43. 垃圾郵件內容類型 44. 魚叉式網路釣魚
45. SPIM 46. Sping 47. SPIT 48. SPLOG
49. 詐騙(Spoofing) 50. 間諜程式 51. 木馬程式 52. UCE
53. URL 54. 病毒 55. 網頁臭蟲 56. 病蟲
57. 殭屍電腦

 

 

1. 419 垃圾郵件

  419 垃圾郵件是以奈及利亞刑法中有關詐欺的第 419 條為命名依據,這些垃圾郵件通常會提醒使用者因為某個樂透彩、退休的政府官員,或是剛過世的有錢人的緣故而獲得了大筆財富。419 垃圾郵件會督促收件人公開個人資訊以便領取這些錢。有時候我們亦將此稱為預付金詐欺事件。419 Spam:419 spam is named after the section of the Nigerian penal code dealing with fraud, and refers to spam email that typically alerts an end-user that they are entitled to a sum of money, by way of lottery, a retired government official, or a wealthy person that has passed away. 419 spam urges the recipient to share personal information so that they may be entitled to the money. This is also sometimes referred to as advance fee fraud.
 
2. 地址整理(Address Munging)
  其中的「整理 (Munging)」是指修改電子郵件地址,一般是用來保護寄件者,使其免於受到垃圾郵件侵擾或是隱藏某人的身份。Address Munging:Munging refers to the act of modifying an email address typically to protect the sender from being spammed or as a means to hide one's identity.
 
3. 允許清單
  這份清單上包含了整個企業或個別使用者信任的外部電子郵件地址、IP 位址以及網域。Allow List:A list of external email addresses, IP addresses, and domains trusted by the entire organization or an individual user.
 
4. Autoresponder
  即「自動回覆機制 (automatic responder)」的簡稱,使用這種機制的機器或軟體程式一律針對所有內送的訊息發送自動回覆。Autoresponder:Short for "automatic responder," a machine or software program that indiscriminately sends automatic replies to all incoming messages.
 
5. 攔截清單
  這份公開的清單內含已知為垃圾郵件來源的 IP 位址,可用來建立網路攔截清單以便過濾來自這些位址的郵件。攔截清單有時亦稱為黑名單。請參閱 DNSBL 與 RBL。Block List:A publicized list of IP addresses known to be sources of spam which can be used to create a network block list to filter out mail originating from these addresses. Block lists are also sometimes referred to as blacklists. See also DNSBL and RBL.
 
6. 傀儡網路(Botnet)
  傀儡網路指的是一群遭到有心人設計的殭屍電腦網路,用來轉送垃圾郵件及 (或) 病毒。請參閱殭屍電腦。Botnet:A botnet is a network of zombie computers that have been setup to forward spam and/or viruses. See also Zombie.
 
7. 退回郵件
  退回郵件是一種未送達報告(NDR),它會針對原始郵件的遞送問題向宣稱的電子郵件寄件者寄送一封回覆的電子郵件。Bounce :A bounce is a non-delivery report (NDR) sent in an email response to the purported sender of an email message regarding an issue with the delivery of an original email message.
 
8. Captcha
  全自動區分電腦和人類的圖靈測試(Completely Automated Public Turing Test to Tell Computers and Humans Apart 的縮寫) 是一種可產生只有人類能夠通過其測試的程式。我們通常使用這項機制來保護網站安全。Captcha:Completely Automated Public Turing Test to Tell Computers and Humans Apart, Captcha is a program that generates a test that only humans can pass. This is typically employed as a means to secure a website.
 
9. 拒絕服務(簡稱DoS)攻擊
  這項攻擊會傳送大量的電子郵件流量,試圖降低電腦的資源使用效率,進而讓電腦無法繼續執行合法郵件的遞送服務。Denial of Service (DoS) Attack:An attempt to bring down a computer's resources by sending it excessive email traffic so that it is no longer able to deliver legitimate mail.
 
10. 電子郵件地址搜尋攻擊(Directory Harvest Attack,簡稱DHA)
  垃圾郵件寄件者會透過此攻擊行為產生成千上萬封來自特定網域或組織之可能郵件地址的電子郵件,並利用垃圾郵件攻擊以便專門「驗證」有效收件者地址。此攻擊行為有時候亦稱為 Chaff。Directory Harvest Attack (DHA):A spammer technique to find valid addresses by generating thousands of emails with possible email addresses from a specific domain or organization for the sole purpose of "harvesting" valid recipients for a spam attack at another time. This is also sometimes referred to as Chaff.
 
11. 分散式拒絕服務(簡稱DDoS)攻擊
  這項攻擊會利用多個受到破壞的系統來瞄準單一系統發動攻擊,達到其拒絕服務 (DoS) 的攻擊目的。Distributed Denial of Service (DDoS):Multiple compromised systems are used to target a single system causing a Denial of Service (DoS) attack.
 
12. 網域名稱系統攔截清單(Domain Name System Block List,簡稱 DNSBL)
  這份公開的清單內含已知為垃圾郵件來源的 IP 位址,可用來建立網路攔截清單以便過濾來自這些位址的郵件。請參閱攔截清單與 RBL。Domain Name System Block Lists (DNSBL):A publicized list of IP addresses known to be sources of spam which can be used to create a network block list to filter out mail originating from these addresses. See also Block List and RBL.
 
13. 網域名稱系統白名單(Domain Name System White List,簡稱 DNSWL)
  這份清單內含的 IP 位址或 IP 空間會與良好的電子郵件行為產生關聯,並因此獲得特定過濾系統的允許通過權限。Domain Name System White List (DNSWL):A list of IP addresses or IP space that has been associated with good email behavior and is thereby given a pass through certain filtering systems.
 
14. 句點四等分格式的垃圾郵件(Dotted Quad Spam)
  當垃圾郵件網址連結的句點四等分格式位址在郵件內容中使用而不是在垃圾郵件網址的網域名稱中使用時,會出現句點四等分格式的垃圾郵件。句點四等分位址是指用四個由點分隔的十進位數字序列表示 4 位元組(32 位元) IP 位址的表示法。Dotted Quad Spam:Dotted quad spam occurs when the dotted quad address of the spam URL link is used in the spam message body rather than the domain name of the spam URL. A dotted quad address refers to the notation that expresses the four-byte (32-bit) IP address as a sequence of four decimal numbers separated by dots.
 
15. 漏報
  未被正確判別為垃圾郵件的垃圾郵件,就是沒有攔截到的垃圾郵件。False Negative:A spam message that was not detected as spam.
 
16. 誤判
  被錯誤判別為垃圾郵件的合法郵件,就是把正常的信判定為垃圾郵件。False Positive:A legitimate message that was incorrectly identified as spam.
 
17. 免費網頁垃圾郵件
  使用免費網頁託管連結散佈的垃圾郵件。Freeweb Spam:A spam message using free webhosting links.
 
18. 列為灰名單
  此垃圾郵件攔截方法可在一段時間內暫時拒絕來自某個不明寄件者的郵件。Greylisting:A method of blocking spam by temporarily rejecting mail from an unknown sender for a period of time.
 
19. 駭客
  故意破壞電腦安全性的個人,此行為通常會造成干擾或是取得諸如金融詳細資料的機密資訊。Hacker:A person who intentionally breaches computer security, usually to cause disruption or to gain confidential information such as financial details.
 
20. Ham
  被判別為合法郵件的電子郵件。Ham Email that has been identified as legitimate.
 
21. 電子郵件地址搜尋
  用來收集合法電子郵件地址,以便日後用來遞送垃圾郵件的任何流程。請參閱 DHA。Harvesting:Any process employed to gather valid email addresses for the purposes of delivering spam at a later date. See also DHA.
 
22. 標頭
  出現在郵件或是新聞訊息上方的資訊行區塊。Header:The block of information lines which appear at the top of a mail or news message.
 
23. 誘捕(Honeypot)
  用來吸引垃圾郵件的任何機制,例如經過設定後看起來就像是開放式轉遞伺服器或是公佈在網站上的某個電子郵件地址的郵件伺服器。Honeypot:Any mechanism utilized to attract spam, such as a mail server set up to appear to be an open relay or an email address posted on a website.
 
24. 影像式垃圾郵件
  不請自來的電子郵件,內含的影像帶有少許或是根本不含任何文字或 HTML 內容。此影像可包含各種不同的混淆技巧,例如針對某些背景雜訊的色彩或字型套用細微的變更以便迴避垃圾郵件過濾機制的偵測。Image Spam:Unsolicited email containing an image with little or no text or HTML in the body. The image will contain various obfuscation techniques such as subtle changes to the color or font to additional background noise in order to avoid antispam detection.
 
25. 惡意程式
  惡意程式是一種惡意程式碼類別,包括病毒、病蟲及木馬程式。Malware:Malware is a category of malicious code that includes viruses, worms, and Trojan horses.
 
26. MMF快速賺錢法
  (Make Money Fast 的縮寫),是一種熱門的多層式傳銷手法名稱。MMF:Make Money Fast, the title of a popular pyramid scheme.
 
27. 變形(Morph)
  垃圾郵件寄件者會利用這種方法,藉由修改郵件訊息標頭或內容的任何一部份,達到規避偵測的目的。Morph :A method that a spammer uses to avoid detection by modifying any part of the message header or content.
 
28. Murk
  (n.)這項免責聲明會出現在垃圾郵件結尾,向收件者保證該郵件符合 Bill S.1618 的規定,因此是合法的郵件。此種聲明亦稱為「Murkogram」。當作動詞用時指傳送內含 Murkogram 之垃圾郵件的行為。Murk(n.) :A disclaimer at the end of an email spam assuring you that the spam complies with Bill S.1618 which makes the spam legal. Also known as a "Murkogram." (v.) The act of sending spam containing a Murkogram.
 
29. 未送達報告
  它會針對原始郵件的遞送問題向宣稱的電子郵件寄件者寄送一封回覆的電子郵件。Non-Delivery Report:A report sent in an email response to the purported sender of an email message regarding an issue with the delivery of an original email message.
 
30. NDR 垃圾郵件
  這種垃圾郵件會使用假造的標準電子郵件未送達報告 (NDR) 讓收件者誤以為該郵件是有效的,進而誘使收件者開啟實際上為垃圾郵件的附件。垃圾郵件寄件者可直接傳送 NDR 報告,或是讓某個合法的伺服器為其傳送,以增加其可信度。也稱為 Backscatter 垃圾郵件。NDR Spam:Spam that uses a faked standard email non-delivery report (NDR) that a recipient will think is genuine, tricking them into opening an attachment that is spam. Spammers can send a NDR directly or make a legitimate server send it for them, adding to its credibility. Also known as backscatter spam.
 
31. 開放式代理伺服器
  網際網路上的任何人都可以存取這些伺服器,垃圾郵件寄件者特別喜歡透過它們來寄送匿名的郵件。Open Proxies:These are servers that are accessible by anyone on the Internet and are typically used by spammers to anonymously deliver their payload.
 
32. 開放式轉遞伺服器
  遭到有心人士設定的郵件伺服器會代替寄件者接收郵件或是將之轉寄給任何一位收件者,而不是只代替受信任的寄件者轉遞郵件,或是將郵件轉遞給本地端的收件者。Open Relay:A misconfigured mail server that will accept and forward mail to any recipient on behalf of the sender, as opposed to only relaying mail from trusted senders, or for local recipients.
 
33. 選擇性接收
  接受來自特定來源的資訊 (例如接收電子報即是一例)。Opt-in :Acceptance to receive information from specific sources (opting into a newsletter is one example).
 
34. 選擇性取消接收
  取消訂閱某一項服務。Opt-out: Unsubscribing from a service.
 
35. 網頁綁架
  指的是盜取某個網站的內容以便讓垃圾郵件寄件者的網站看起來更加可信,進而提升其在搜尋引擎的搜尋排名。請參閱 SPLOG。Page-jacking:The process of stealing content from a website in order to make a spammer's site appear more legitimate and boost search engine rankings. See also SPLOG.
 
36. 網路釣魚
  網路釣魚本質上就是網路詐欺遊戲,而網路釣客只是技術比較精良的網路詐欺犯及身份竊賊而已。他們會使用垃圾郵件、惡意網站、電子郵件及即時通訊來誘騙人們洩漏機密資訊,例如銀行與信用卡帳號。Phishing :Phishing is essentially an online con game and phishers are nothing more than tech-savvy con artists and identify thieves. They use SPAM, malicious Web sites, email messages and instant messages to trick people into divulging sensitive information, such as bank and credit card accounts.
 
37. Pump-n-Dump
  將一檔便宜的股票用力拉抬 (「加以充氣」) 使其股價開始膨脹,並在特定時間點拋售手中持股來獲利了結的手法。Pump-n-Dump :The practice of promoting a cheap stock ("pumping" it) in order to inflate its price - at which point, the persons pumping the stock dump their own shares at a profit.
 
38. 老鼠軟體(Ratware)
  任何用來使垃圾郵件寄件達到個人目的的軟體。Ratware: Any software a spammer utilizes to achieve their objective.
 
39. 即時攔截清單(RBL)
  這份公開的清單內含已知為垃圾郵件來源的 IP 位址,可用來建立網路攔截清單以便過濾來自這些位址的郵件。請參閱攔截清單與 DNSBL。Real-time Block List (RBL): A publicized list of IP addresses known to be sources of spam which can be used to create a network block list to filter out mail originating from these addresses. See also Block List and DNSBL.
 
40. 社交工程
  用來取得收件者信任,使其願意揭露個人資訊或是取得其電腦存取控制權的任何方法。Social Engineering :Any method utilized to gain the confidence of the recipient to disclose personal information or gain access to their computer.
 
41. 垃圾郵件
  不請自來的大宗郵件。Spam: Unsolicited bulk email.
 
42. 垃圾郵件類別
  由電子郵件安全團體 (ESG) 所提出,以垃圾電子郵件的內容做為分類基礎的類別。Spam category: Identified category based on the content of the spam email message, as identified by the Email Security Group (ESG).
 
43. 垃圾郵件內容類型
  垃圾郵件內容類型是指垃圾郵件中出現的 MIME 標頭類型。Spam content types :Spam content types are the mime-header types that appear in spam.
 
44. 魚叉式網路釣魚
  特定、個別性與針對性的網路釣魚版本。Spear Phishing A specific, individual, targeted version of phishing.
 
45. SPIM
  透過即時通訊網路傳送的不請自來訊息。SPIM :Unsolicited messages sent over an Instant Messaging network.
 
46. Sping
  部落格或是其他某些社交網路個人資料通常會寄送通知 (ping),用以通知收件者其個人資料或是部落格上已經新增一些內容。Sping 指的是使用這項技巧的垃圾郵件。Sping Notifications (pings): are typically sent from blogs or some other social network profile meant to notify the recipient of new content added to their profile or blog. A sping is a spam ping employing this tactic.
 
47. SPIT
  透過網路電話 (或VoIP 垃圾郵件) 傳送的垃圾郵件,或是透過 VoIP (Voice over Internet Protocol) 廣播,傳送至網路電話之不請自來的大量訊息。SPIT: Spam sent over Internet telephony (or VoIP spam) or unsolicited bulk messages broadcast over VoIP (Voice over Internet Protocol) to phones connected to the Internet.
 
48. SPLOG
  假造的部落格網站,其用途皆為針對垃圾郵件寄件者的目的,提升其部落格之關聯網站在搜尋引擎上的排名。SPLOG: A fake blog site created for the purpose of boosting search engine rankings of associated websites (typically promoting whatever the spammer's objectives are).
 
49. 詐騙(Spoofing)
  假造電子郵件標頭,使其看起來像是一封來自合法來源 (而不是垃圾郵件來源) 的電子郵件。Spoofing :The act of forging an email header to make it appear as though the email is coming from a legitimate origin rather than a spam source.
 
50. 間諜程式
  可透過網站、電子郵件、即時通訊以及直接檔案共用連線等下載的獨立程式。間諜程式經常試圖不受到注意,不管是主動的隱藏或是不出現在使用者知道的系統上。Spyware :Stand-alone programs that can be downloaded from Web sites, email messages, instant messages, and from direct file-sharing connections. Spyware frequently attempts to remain unnoticed, either by actively hiding or by simply not making its presence on a system known to the user.
 
51. 木馬程式
  木馬程式屬於詐騙程式或檔案,會聲稱是值得擁有的程式,但事實上卻是惡意程式。它們會以電子郵件附件形式進行散播,或是透過網際網路下載的檔案,經過使用者開啟或是允許其執行之後進行散播。木馬程式包含了惡意程式碼,在觸發時會導致資料流失或甚至遭竊。Trojan:Trojan horses are impostors - files that claim to be something desirable but, in fact, are malicious. They spread as email attachments or files downloaded from the Internet that are opened or allowed to run. Trojan horses contain malicious code that when triggered cause loss, or even theft, of data.
 
52. UCE
  不請自來的商業電子郵件(Unsolicited Commercial Email,簡稱 UCE)。UCE: Unsolicited Commercial Email.
 
53. URL
  用以定義網際網路上某項資源之實體位置的通用資源定位器 (uniform resource locator,簡稱 URL)。URL:A uniform resource locator (URL) defines the physical location of a resource on the Internet.
 
54. 病毒
  電腦病毒是在使用者未授權或不知曉的情況下,所撰寫之改變電腦運作方式的小程式。Virus: A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user.
 
55. 網頁臭蟲
  任何內嵌在網站上的物件,此物件可追蹤並提醒垃圾郵件寄件者有人造訪其網站。網頁臭蟲也可能以少許的 javascript 或 CSS 程式片段形式植入網頁,或是置於 HTML 框架中。Web Bug: Any object embedded in a website utilized to track and alert spammers of visitors to their websites. Web Bugs can also be implemented as little bits of javascript or CSS, as well as placed within an HTML frame.
 
56. 病蟲
  病蟲則是不需要使用主機檔就可在系統間自行複製的程式。Worm:Worms are programs that replicate themselves from system to system without the use of a host file.
 
57. 殭屍電腦
  殭屍電腦指的是遭到破壞,並被利用在各種不同的犯罪用途上的電腦,例如寄送垃圾郵件、裝載散播垃圾郵件廣告訊息的網站,以及當作殭屍電腦主機之 DNS 伺服器來使用的電腦。Zombie: A zombie is a computer that has been compromised and is being used for various criminal related interests such as sending spam, hosting web sites that advertise spam, and acting as DNS servers for zombie hosts.
 
本產品快速支援/資源窗口:
 
其它有用資訊:
 
賽門鐵克的其它第一名解決方案: