Account Takeover Fraud (ATO)

Account Takeover Fraud (ATO) is a severe form of cybercrime in which attackers gain unauthorized access to a legitimate user’s online account, most commonly by exploiting stolen, leaked, or otherwise compromised credentials. Once control is obtained, threat actors can conduct fraudulent transactions, withdraw funds, steal personally identifiable information (PII), change account details, or impersonate the victim to target additional individuals or organizations. ATO attacks frequently originate from phishing campaigns, malware infections, credential‑stuffing operations, or credentials purchased on the dark web. Because ATO directly impacts customers, revenue, and brand trust, it is one of the most damaging and fast‑growing digital fraud threats facing organizations today.

active content

Active content refers to executable elements embedded within digital files such as documents, spreadsheets, presentations, PDFs, and emails, including macros, scripts, and embedded code objects. While active content is often used to enhance productivity and automation, it is commonly exploited by attackers to deliver malware, initiate exploit chains, or execute unauthorized actions when a file is opened. Malicious active content is a frequent entry point for ransomware, credential theft, and lateral movement attacks. As a result, many organizations implement strict controls, inspection, or sanitization of active content to reduce the risk of document‑based cyber threats.

adaptive data loss prevention (A-DLP)

Solutions that automatically apply the optimal security treatment based on data’s content, context, and required regulation policies. This includes real-time redaction, encryption, blocking, or deleting. Fortra’s Digital Guardian and Clearswift product lines deliver adaptive data loss prevention solutions.

Adaptive Redaction

A process involving the identification of critical or confidential information and cyber threats which are either redacted or sanitized to allow the ongoing flow of communication with no disruption.

advanced persistent threat (APT)

A cybercrime category directed at business and political targets. APTs require a high degree of stealth over a prolonged duration of operation to be successful.

Anti-steganography

A sanitization feature operating at the appliance level that detects and cleans exploited images containing nearly undetectable malicious text, hidden code, or malware that flow in and out of the network that are typically not noticed.

antivirus (AV)

A program that searches, detects, prevents, and removes software viruses from a computer or server.

artificial intelligence (AI)

A branch of computer science dealing with the simulation of intelligent behavior in computers; also the capability of a machine to imitate intelligent human behavior.

Automated Remediation

After attack or threat incidents are reported, an automated workflow takes place, including investigative analysis and triage, minimizing manual efforts to accelerate time-to-containment.

Brand Abuse

Unauthorized use of an organization’s brand to delude customers with counterfeiting, social media spoofing, look-alike domain registrations, and other trademark infringements.

brand indicators for message identification (BIMI)

A standardized method for businesses to showcase their brand logo next to the subject line of their authenticated emails so they stand out in crowded inboxes, with built-in protections against brand spoofing.

Brand Protection

Technology that actively monitors and defends a company's reputation, digital assets, and revenue against threats like fraud, counterfeiting, and misuse across the internet, dark web, and digital platforms.

Browser-Blocking

A method of threat mitigation designed to block access to a website determined to be a security threat to web browsers and site visitors.

business email compromise (BEC)

A type of targeted phishing attack where the sender tricks email recipients into believing someone they know and trust (usually an executive) is asking them to carry out a specific financial task. Fortra’s Agari product line delivers BEC solutions. 

Business Intelligence (BI)

Real-time data that enables executives and users to make informed business decisions while easing the burden on IT. Fortra’s Sequel product line delivers business intelligence solutions. 

business process automation (BPA)

The automation of complex business processes and functions beyond conventional data manipulation and record-keeping activities, usually through advanced technologies. Fortra’s Automate and Robot product lines deliver BPA solutions. 

California Consumer Privacy Act of 2018 (CCPA)

A law that gives California consumers more control over the personal information businesses collect about them.

capacity management

Capacity management's goal is to ensure that information technology resources are sufficient to meet upcoming business requirements cost-effectively. Fortra’s Vityl product line delivers capacity management solutions.

Claw-back

An automated process in Fortra's Global Inbox Threat Intelligence feeds by which indicators of compromise are utilized to detect and proactively remove, or claw-back, threats that make it into multiple inboxes across an organization and suspends them.

cloud access security broker (CASB)

A layer of security policy enforcement between enterprise users and cloud service providers. CASBs provide security for devices and applications. Fortra doesn’t offer a CASB but some of our products are used with them. 

cloud computing

This refers to applications and services offered over the internet. They are essentially data centers, collectively referred to as “the cloud.” Cloud computing uses a network of remote servers hosted on the internet to store, manage, and process data, rather than a local server or a personal computer.

Cloud Email

An email communication and storage system that is hosted or migrated to the cloud and is separate from an enterprise's private communication infrastructure.

command and control (C2)

Used in context of red teaming security.

Common Vulnerabilities and Exposures (CVE)

A list of publicly known security vulnerabilities and exposures.

Compromised Credentials / Leaked Credentials

Credentials obtained by someone other than the owner. These compromised credentials could be usernames, passwords, and any other authentic credentials exposed from a cybersecurity breach and sold on the dark web for nefarious purposes.

Computer Vision

A subset of artificial intelligence that centers on the ability to perceive and understand objects and data in images and video in order to perform and automate tasks that replicate human capabilities.

confidentiality, integrity, availability (CIA)

At the core of information security is data assurance, also known as the CIA triad or the three pillars of data security - the balanced protection of confidentiality, integrity, and availability of data without hampering organizational productivity.

Configuration Management Database (CMDB)

A file that contains all relevant information about the hardware and software components used in an organization's IT services and the relationships between those components.

content management system (CMS)

Software used to manage the creation and modification of digital content.

content security policy (CSP)

A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context.

continuous integration & continuous delivery (CI/CD)

Redhat definition - CI/CD is a method to frequently deliver apps to customers by introducing automation into the stage of app development

controlled unclassified information (CUI)

A term that applies to U.S. federal agencies that routinely generate, use, store, and share information that, while not classified, still requires some level of protection from unauthorized access and release.

Counterfeit Fraud

Imitating legitimate brands to steal or deceive customers into giving them money.

Credential Theft

Illegally obtaining usernames and passwords to get access to networks, systems, or other online accounts.

Crimeware

A subgroup of malware designed to carry out or facilitate illegal online activity, including account access, theft, fraud, social engineering, and more.

critical infrastructure protection (CIP)

A concept that relates to the preparedness and response to serious incidents that involve the critical infrastructure of a region or nation.