Software which performs activities on a user’s computer without first notifying the user as to exactly what the software will do on the computer, or asking the user for consent to these actions.
- EXAMPLE 1 A program that hijacks user configurations.
- EXAMPLE 2 A program that causes endless popup advertisements which cannot be easily stopped by the user.
- EXAMPLE 3 Adware and spyware.
Source: ISO/IEC 27032:2015, Information technology — Security techniques — Guidelines for cybersecurity, First Edition, July 2012. Global Standards