An algorithm is a set of instructions that tells a computer how to complete a task or solve a problem. Algorithms power everything from search engines deciding which results to show you first, to social media feeds choosing which posts appear at the top, to streaming services recommending what to watch next. In AI systems, algorithms analyse patterns in data to make predictions or decisions.

Antivirus software is a program that scans your devices to detect, block, and remove malicious software (malware) like viruses, ransomware, and spyware. Modern antivirus tools go beyond traditional virus detection to include phishing protection, web filtering, and real-time threat monitoring. Many comprehensive security suites now combine antivirus with additional protection features like VPNs and password managers.

Artificial Intelligence (AI) is technology that enables computers to perform tasks typically requiring human intelligence, such as understanding language, recognising images, making decisions, or solving problems. AI systems learn from data and improve over time. You encounter AI daily through voice assistants, recommendation algorithms, chatbots, and facial recognition. While AI offers powerful capabilities, it also introduces new challenges around privacy, misinformation, and deepfakes.

Biometric data is unique physical or behavioural characteristics used to identify individuals, such as fingerprints, facial features, iris patterns, or voice prints. Whilst biometric authentication (like Face ID or fingerprint scanners) provides convenient security for devices and accounts, this data is permanent and cannot be changed if compromised. Unlike passwords, you cannot reset your fingerprint. Understanding the privacy implications of biometric data collection is increasingly important as this technology becomes more widespread.

Blockchain is a shared digital ledger that stores records in blocks that are linked (or “chained”) together. Once a block is added, it’s very hard to change, which helps prove the history of a record without relying on a single owner. Blockchains power cryptocurrencies and NFTs, but they can also track other things like supply chains or certificates. Risks include scams, irreversible mistakes, and energy use depending on the design.

A bot is an automated program that performs repetitive tasks online without human intervention. Bots range from helpful (like search engine crawlers or customer service chatbots) to harmful (like bots that spread spam, scrape data, or launch DDoS attacks). Social media bots can manipulate discussions by posting fake comments or inflating engagement metrics. Whilst legitimate bots serve useful purposes, malicious bots pose security and misinformation risks across the internet.

Browser history is a record of websites visited through a web browser. Whilst useful for revisiting sites or tracking online activity, browser history can reveal sensitive information about interests, health searches, financial activity, or personal relationships. Most browsers allow you to view, delete, or automatically clear your history. Private or incognito mode prevents history from being saved locally, though it does not make you anonymous online or hide activity from your internet service provider.

A chatbot is an AI-powered program designed to simulate conversation with users through text or voice. Modern AI chatbots can answer questions, provide customer support, offer companionship, or even roleplay scenarios. Whilst these tools can be helpful, they raise concerns about emotional dependency, mental health impacts, data privacy, and the potential for manipulation. It's important to understand that chatbots are not human and their responses are generated based on patterns in training data, not genuine understanding or emotion.

Cloud security is the set of policies, controls, and technologies that protect data, applications, and infrastructure stored on remote servers accessed via the internet. When you save files to Google Drive, iCloud, or Dropbox, cloud security measures protect that information from unauthorised access, data breaches, and loss. Key aspects include encryption (both in transit and at rest), access controls, regular security updates, and backup systems. Understanding how cloud providers secure your data helps you make informed decisions about what to store online.

Cookies are small text files stored on your device by websites you visit. Cookies serve various purposes: remembering login details, keeping items in shopping baskets, or tracking your activity across sites for advertising. Whilst first-party cookies (from the site you're visiting) are often necessary for functionality, third-party tracking cookies follow you across the web to build detailed profiles of your browsing behaviour. Most browsers now allow you to block or limit cookies, though this may affect site functionality. Understanding cookie policies helps you balance convenience with privacy.

Cyberbullying is the use of digital technology to harass, threaten, embarrass, or target another person. This includes sending mean messages, spreading rumours online, sharing embarrassing photos, excluding someone from online groups, or impersonating someone to damage their reputation. Unlike traditional bullying, cyberbullying can follow targets anywhere, occur 24/7, reach wide audiences instantly, and persist permanently online. The anonymity and distance of digital communication can embolden bullies whilst making victims feel isolated. AI now enables new forms of cyberbullying through deepfakes or generated content.

The dark web is a hidden part of the internet requiring special software (like Tor) to access, designed to keep users and site operators anonymous. Whilst legitimate users access it for privacy in oppressive regimes, whistleblowing, or research, the dark web is also notorious for illegal marketplaces selling drugs, stolen data, hacking tools, and forged documents. Your personal information may appear on dark web forums following data breaches. Many identity theft protection services monitor dark web activity for your compromised credentials.

A data breach is an incident where unauthorised individuals gain access to sensitive, protected, or confidential information. Breaches can result from cyberattacks, insider threats, lost devices, or poor security practices. Compromised data might include passwords, credit card numbers, addresses, health records, or personal communications. Following a breach, affected individuals face risks of identity theft, fraud, or account takeovers. Companies typically notify affected users, but it's wise to monitor your accounts and consider changing passwords when breaches occur at services you use.

A DDoS (Distributed Denial of Service) attack is a cyberattack that floods a website or online service with overwhelming traffic from multiple sources, making it unavailable to legitimate users. Attackers typically use networks of compromised computers (botnets) to launch these attacks. Whilst DDoS attacks don't usually steal data, they can shut down businesses, disrupt services, or serve as distractions whilst other attacks occur. High-profile websites and online services occasionally face DDoS attacks from hacktivists, competitors, or criminals demanding ransom.

A deepfake is synthetic media created using AI to realistically manipulate or generate visual and audio content, typically making someone appear to say or do something they never did. Deepfake technology can swap faces in videos, clone voices, or generate entirely fabricated footage. Whilst some applications are harmless entertainment, deepfakes pose serious risks for misinformation, fraud, defamation, and non-consensual explicit content. Businesses face deepfake scams where criminals impersonate executives to authorise fraudulent transactions.

Doxxing is the malicious practice of researching and publicly broadcasting private or identifying information about an individual without consent. This might include home addresses, phone numbers, workplace details, family information, or financial records. Doxxing is often used for harassment, intimidation, or revenge, and can lead to swatting (false emergency calls), stalking, or physical threats. Information is typically gathered from social media, public records, data breaches, or through social engineering. Protecting against doxxing requires careful management of personal information shared online.

Encryption is the process of converting information into a coded format that cannot be read without the correct decryption key. Think of it as putting your message in a locked box that only the intended recipient has the key to open. End-to-end encryption means only you and your recipient can read messages, not even the service provider. Encryption protects sensitive data during transmission (like online shopping) and storage (like files on your device). It's fundamental to secure communication, online banking, password protection, and VPN technology.

A firewall is a security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Think of it as a security guard checking credentials at a building entrance. Firewalls block unauthorised access whilst allowing legitimate communication. Most operating systems include built-in software firewalls, and routers typically have hardware firewalls. Firewalls form a crucial first line of defence against hackers, malware, and unauthorised access attempts. Properly configured firewalls are essential for both personal device security and business network protection.

GPS tracking is technology that uses satellite signals to determine and monitor the real-time location of a device. GPS tracking apps and devices serve various purposes: locating lost phones, coordinating with family members, monitoring vehicle fleets, or keeping track of vulnerable individuals. Whilst GPS tracking offers safety and convenience benefits, it also raises privacy concerns. Location data reveals sensitive patterns about daily routines, relationships, and personal activities. Apps often collect and share location data, sometimes without clear disclosure. Understanding GPS tracking capabilities and settings helps balance safety with privacy.

A hacker is someone who uses technical knowledge to gain unauthorised access to systems, networks, or data. The term encompasses a spectrum: ‘white hat' hackers work legally to find and fix security vulnerabilities, ‘black hat' hackers engage in criminal activity, and ‘grey hat' hackers fall somewhere between. Malicious hackers exploit weaknesses to steal data, install malware, commit fraud, or cause disruption. Common hacking methods include phishing, exploiting software vulnerabilities, credential stuffing, and social engineering. Protecting against hacking requires strong passwords, regular updates, and security awareness.

Identity theft is a crime where someone fraudulently obtains and uses another person's personal information (such as name, date of birth, address, National Insurance number, or financial details) without permission, typically for financial gain. Thieves might open bank accounts, apply for credit, file tax returns, receive medical treatment, or commit crimes in the victim's name. Identity theft can occur through data breaches, phishing, mail theft, or lost documents. Identity theft protection services monitor for unauthorised use of your information and assist with recovery. Prevention includes secure document handling, monitoring credit reports, and using strong, unique passwords.

Incognito mode (also called private browsing or InPrivate mode) is a browser feature that doesn't save your browsing history, cookies, or site data after you close the window. However, it's not truly private: your internet service provider, employer, school, and the websites you visit can still see your activity. Incognito mode doesn't hide your IP address, prevent tracking, or make you anonymous. It's useful for preventing others who share your device from seeing your browsing, or for logging into multiple accounts simultaneously, but for genuine privacy you need additional tools like a VPN.

A keylogger is software or hardware that records every keystroke made on a device, capturing passwords, messages, search queries, and any other typed information. Malicious keyloggers are installed secretly through malware, phishing, or physical access to devices. Whilst legitimate uses exist (like parental monitoring or corporate security), criminal keyloggers steal credentials for identity theft, financial fraud, or espionage. Protection includes using antivirus software, being cautious about downloads, avoiding public computers for sensitive tasks, and enabling on-screen keyboards for password entry when security is uncertain.

Machine learning is a subset of artificial intelligence where systems learn and improve from experience without being explicitly programmed. Instead of following predetermined rules, machine learning algorithms analyse patterns in large datasets to make predictions or decisions. You encounter machine learning in spam filters, recommendation systems, voice assistants, and facial recognition. The quality of machine learning depends heavily on training data, which can inadvertently encode biases.

Malware is malicious software designed to damage, disrupt, or gain unauthorised access to computer systems. The term includes viruses, trojans, worms, spyware, ransomware, and adware. Malware spreads through infected downloads, email attachments, compromised websites, or removable media. Signs of infection include slow performance, unexpected pop-ups, or unusual system behaviour. Protection requires up-to-date antivirus software, cautious downloading habits, and regular system updates.

Metadata is data about data. It's the information describing when, where, and how content was created, separate from the content itself. Photos contain metadata showing camera settings, GPS coordinates, and timestamps. Documents include author names, edit history, and creation dates. Emails carry sender details, routing information, and timestamps. Many privacy incidents occur because people don't realise how much metadata reveals. Tools can strip metadata from files before sharing them online.

An NFT (Non-Fungible Token) is a unique digital asset stored on a blockchain that represents ownership or authenticity of specific content, typically digital art, collectibles, or media. Unlike cryptocurrency, each NFT is distinct and cannot be exchanged one-to-one. The market faces challenges including scams, copyright issues, environmental concerns, and volatility. Verify legitimacy and understand the risks.

Parental controls allow adults to monitor and limit children's device usage and online activity. Capabilities include screen time limits, app restrictions, website filtering, location tracking, and activity monitoring. Built-in options exist in most operating systems and social platforms, whilst dedicated apps offer more comprehensive features. Effective use requires balancing safety with privacy and trust.

A password manager securely stores and generates passwords for your online accounts, protected behind a single master password. Modern managers work across devices, alert you to compromised passwords, and often include secure notes and 2FA codes. Using one is a high-impact security improvement.

A patch (or software update) fixes security vulnerabilities, bugs, or improves functionality in existing software. Enable automatic updates where possible, or install security patches promptly across operating systems, apps, browsers, and connected devices.

Phishing is a cyberattack where criminals impersonate trusted entities to trick people into revealing sensitive information like passwords or card numbers. Attacks arrive via email, SMS (smishing), calls (vishing), fake sites, or social media. Watch for urgency, suspicious links, requests for personal info, and sender anomalies.

A privacy policy explains how an organisation collects, uses, stores, and shares your personal information. Key things to check: what data is collected, whether data is sold to third parties, how long it's retained, and what happens if the company is sold.

Ransomware encrypts files on infected devices and demands payment for decryption, often with threats to leak data. It spreads via phishing, malicious downloads, or unpatched vulnerabilities. Protection includes offline backups, security software, cautious email habits, and prompt updates.

A scam is a fraudulent scheme designed to deceive people into providing money or personal information. Examples include fake shops, romance scams, investment fraud, tech support scams, or impersonation scams. Red flags include unsolicited contact, urgency, unusual payment methods, and offers that seem too good to be true.

Screen time is the amount of time spent using devices with screens. Excessive time links to concerns like disrupted sleep, reduced activity, and mental health impacts. Most devices now include built-in tracking and controls. Focus on the quality of activities, not just duration.

Sextortion is blackmail where criminals threaten to share intimate images or videos unless the victim pays money or provides more content. Some claims are fabricated. Do not pay or comply, save communications as evidence, report to police, and seek support.

Social engineering manipulates people into performing actions or divulging confidential information using trust, fear, urgency, or curiosity. Examples include phishing, fake tech support calls, and pretexting. Defence requires scepticism and verification.

Spoofing disguises communication or identity to appear as though it comes from a trusted source. Email, caller ID, website, and IP spoofing are common. Verify identities through independent channels and use tools that detect spoofing attempts.

Spyware secretly monitors and collects information about a user's activities without their knowledge or consent. It may track browsing, record keystrokes, access files, activate cameras or microphones, or steal passwords. Some monitoring tools are marketed as legitimate, but consent is key.

SSL/TLS secures connections between browsers and servers. The padlock and “https://” indicate an encrypted connection, but do not guarantee a site is legitimate. Use additional checks when assessing website safety.

Training data is the information used to teach AI systems how to perform tasks. The quality, diversity, and representativeness of the data strongly affect performance. Biased training data produces biased systems, and privacy concerns arise when personal information is included without consent.

Two-factor authentication (2FA) requires two different forms of identification before granting access. Typically, this combines something you know (password) with something you have (code) or something you are (biometric). Authenticator apps are generally more secure than SMS.

A VPN creates an encrypted connection between your device and the internet, routing traffic through a secure server. It masks your IP address and protects data on public Wi-Fi, but you are shifting trust to the VPN provider. Choose reputable services with clear privacy policies.

Whitelists allow only approved entities, blocking everything else. Blacklists block known bad entities while allowing others. Whitelists are more secure but restrictive; blacklists are flexible but reactive. Many systems combine both. Modern terminology often uses allowlist and blocklist.

Wi-Fi security protects wireless networks from unauthorised access and eavesdropping. Use WPA3 or WPA2 encryption, strong router passwords, change default credentials, keep firmware updated, and use guest networks. On public Wi-Fi, use a VPN and avoid sensitive accounts.

A zero-day exploit takes advantage of a vulnerability unknown to the vendor, so no patch exists yet. These are dangerous and valuable to attackers. Mitigate risk with updates, behaviour-based security, and good security hygiene.

Zero trust security assumes no user or device should be automatically trusted, even inside the network. Verify explicitly, use least-privilege access, and assume breach to limit damage. This aligns with modern work across cloud and mobile.