Definitions
- Account Takeover (ATO) is an attack whereby cybercriminals take ownership of online accounts using stolen passwords and usernames. Cybercriminals generally purchase a list of credentials via the dark web – typically gained from social engineering, data breaches and email phishing attacks.
- Business Email Compromise (BEC - also known as the man-in-the-email scam) is an email scam in which financially motivated adversaries trick unsuspecting executives and employees into making payments or sending sensitive data to fraudulent accounts. Attackers accomplish this by using a variety of techniques that manipulate users into sending money or data.
- Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. The information is then used to access important accounts and can result in identity theft and financial loss.
- Email archiving is a system for preserving email communications in a format that can be digitally stored, indexed, searched and retrieved.
- eDiscovery, or electronic discovery, is the process of obtaining and exchanging evidence in a legal case or investigation. E-discovery is used in the initial phases of litigation when involved parties are required to provide relevant records and evidence related to a case.
- Legal Hold, also known as a litigation hold, is the process by which organizations preserve potentially relevant information when litigation is pending or reasonably anticipated. By issuing a legal hold, organizations notify custodians about their duty not to delete Electrons Stored Information such as emails or physical documents relevant to a case.