Online Safety, Etiquette and Security

Online Safety and Etiquette

You’re online and come across something that makes you feel uncomfortable or
worried. Maybe a friend from school is being bullied and you don’t know what to do.
Or maybe, someone’s messages go from friendly to threatening.

There are so many things to love about being connected, but the internet is also
being misused and abused every day, and young people are paying the price.

How do we make the internet a safer place for all of us? Here’s what you can do
today:

· Be kind online. Support your peers by sending positive messages, a smile

or a high-five.

· Share these videos to spread the word about online safety and get your
friends talking.

· Check your settings and your passwords: is your password 12345? Have you
shared it with a friend? Who can see what you post online? When’s the last time you
reviewed your privacy settings?

· And remember, it starts with you! Don’t spread rumors or share hurtful or
embarrassing stories or photos. What may seem like a harmless joke to one person
can be deeply hurtful to others.

Think before you accept

Before you accept a friend request you should have a look at their profile – and
try to see who they are. Remember: Sometimes people pretend to be someone they are
not, and it’s hard to know if they are telling the truth.

Do you have friends in common? Are you from the same town? Don’t feel pressured to
accept random friend requests. Check your privacy settings so that people you don’t
know don’t see any information that you don’t want them to see.

Think before you send

Don’t spread rumors or share hurtful or embarrassing stories or photos. What may
seem like a harmless joke to one person can be deeply hurtful to others.

Think twice before you click ‘send’, especially if you’re upset or angry. Once you
share a message, photo or video, it’s hard to control what happens to it. Taking it
down is nearly impossible.

And remember you have the right to privacy – and so do others. It is not okay to
log into other people’s accounts or to use their phones without their permission.

Think before you share

You can change the privacy settings on your social media platforms to help you
control who sees your information – and all the locations where you’ve checked in.
Think carefully about what you share with whom. Don’t share personal information
like your address, phone number or bank details. And definitely don’t share your
passwords!

If your privacy settings are not secure, anyone can see your information.

Report it!

If you’ve seen something on social media that made you upset or hurt you, you can
report it. On many social media platforms, you can report a specific post or photo
if it is against the community standards. Most social media platforms let you
‘block’ a person so that you don’t see their content and they cannot contact you or
send you messages.

Don’t keep your fears to yourself

If you are worried about your safety or something that has happened to you online,
urgently speak to an adult you trust. Visit Child Helpline International to find
help in your country. Many countries have a special helpline you can call for free
and talk to someone anonymously.

Online Security

The standard definition of online security calls it the mix of rules that are
followed and actions that are taken to make sure online user data and privacy
aren’t compromised by cybercriminals.

Online security can be something as complex as a system that’s designed to prevent

credit card theft, or something as simple as you using an antivirus software to
protect your device from malware and viruses.

The Biggest Threats to Your Online Security

There are dozens of online security threats on the Internet, so we decided to focus
on the most dangerous and common ones. In case you thought of an online threat that
should be on our list, feel free to get in touch with us and let us know.

With that out of the way, let’s get started:

1. Malware

Malware is malicious software that has been programmed to infect any device it
comes in contact with. The total number of malwares has been increasing
significantly over the past years, so malware is one of the biggest security
threats on the web right now.
The usual types of malwares that are used nowadays include:

· Viruses – A type of self-replicating malware.

· Adware – Exposes you to tons of unwanted ads.

· Spyware – Logs your personal data through keyloggers.

· Ransomware – Encrypts sensitive data or prevents you from accessing your

device until a ransom is paid.

· Trojan Horses – Malicious programs that are built (usually without the
manufacturer/programmer knowing) into legitimate applications.

· Computer worms – malware that doesn’t need to be attached to other files

or programs, lives in the computer memory, and infects other devices on the same
network.

Malware is normally used to steal sensitive information (credit card details, login
credentials, personal identifiable information, etc.) in order to steal money from
the victim, or as a way to make a profit by selling the data on the deep web.

Malware can also be used to steal someone’s identity, hold important information
hostage for ransom, or to simply damage somebody’s hard drive and/or device.

2. Phishing

Phishing generally involves cybercriminals trying to deceive you into revealing

personal and financial information by either pretending to be a legitimate business
or by trying to threaten you with legal repercussions if you don’t comply.

Cybercriminals who run phishing attacks will use various methods to trick online
users:

· Fake emails and SMS messages

· Fake websites

· Website forgery (different from fake websites, as they involve JavaScript

commands that change the address bar)

· Link manipulation

· Social engineering

· Phlashing (a phishing method that relies on Flash)

· Covert redirects (basically, legitimate websites that get hacked to

redirect visitors to fake websites)

Phishing attacks are a serious threat. Since 2017, they have gone up by 65%. What’s
more, there are reportedly around 1.5 million phishing websites on the Internet.
3. Pharming

Pharming is a method cybercriminal might use to improve their odds of tricking

online users with phishing websites. Unlike phishing, pharming doesn’t rely so much
on fake messages. Instead, cybercriminals attempt to directly redirect user
connection requests to malicious websites.

Generally, DNS cache poisoning will be used to take control of your browser’s URL
address bar. Even if you will type in the correct email address or IP address of
the website you want to access, you will still be redirected to a phishing website.

4. Application Vulnerabilities

Application vulnerabilities are usually bugs and errors found in the code of a
specific program which can be taken advantage of by cybercriminals to access and
steal user data. These issues are normally solved with an update.

Facebook’s vulnerability that allowed hackers to take over user accounts

(endangering up to 50 million accounts) is a good example of this.

5. DoS and DDoS Attacks

DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks are used
to overwhelm network servers in an attempt to take a website or an online service
down – either for a few minutes, hours, or even days. DoS attacks originate from a
single computer, while DDoS attacks come from a whole network of infected computers
(called a botnet).

These kinds of attacks can be used by experienced hackers, but also by anyone who
has the money to pay for DoS attacks or to rent botnets.

DoS and DDoS attacks are not particularly dangerous to your online security as an
individual Internet user. They’re more of a source of annoyance, and normally
become a serious threat if you run an online business or a website. Why? Because
DoS and DDoS attacks can cause you unnecessary downtime, and cost you the trust of
your customers.

Of course, there’s always a chance that DoS and DDoS attacks could be used by
cybercriminals as a smokescreen to keep security teams from noticing that they are
trying to breach user data. In that case, DoS and DDoS attacks become a concern for
everyone.

6. Scams

Scammers have been preying on people before the Internet was a thing. Now, they’re
more active and successful than ever since scamming people out of their money and
personal information is much easier.

Usually, scammers will employ all sorts of tactics to deceive online users and
trick them into revealing sensitive information (like their Social Security Number,
credit card details, bank account details, email login credentials, etc.) so that
they can either steal their money or their identity.

Online scams will usually involve phishing attempts, but they can also involve
other methods:

· Classified ads

· Employment scams

· Ponzi schemes

· Pyramid schemes

· Advance-fee scams

· Betting’s scams

· Catfishing

7. Rootkits

A rootkit is a collection of programs or tools that give cybercriminals complete

control over a computer or a network of Internet-connected devices. Some rootkits
will even install keyloggers and disable antivirus programs once they get into a
computer.

Hackers won’t be able to install rootkits directly on a device, though (unless they
somehow have access to it). Instead, they will rely on phishing tactics, fake
links, fake software, and malicious websites to get the job done.

It’s pretty obvious why rootkits are dangerous – they can be used to steal money
and sensitive information from both individual online users and large businesses.

8. SQL Injection Attacks

Basically, SQL (Structured Query Language) is used by servers to store website

data. So, an SQL injection attack is something that can endanger all user data on a
website.

In terms of how these attacks work, SQL injections use malicious code to exploit
security vulnerabilities in web applications. These kinds of attacks can result in
website data being stolen, deleted, and can even void website transactions.

Unfortunately, there’s not much the average online user can do against SQL
injection attacks. The best thing they can do is stick with a service provider that
is known to use reliable and secure servers, and who doesn’t ask for too much
personal information.

9. Man-in-the-Middle Attacks

Man-in-the-Middle (MITM) attacks involve a cybercriminal intercepting or altering

communications between two parties.
A good example of that is a hacker who intercepts the communications between your
device and a website. The cybercriminal could intercept your connection request,
alter it to suit their needs, forward it to the website, and then intercept the
response. This way, they could steal valuable information from you, such as your
login details, credit card info, or bank account credentials.

MITM attacks can rely on malware for their success, but there are also multiple
other ways a MITM attack can occur, with these being the most common methods:

· DNS spoofing

· HTTPS spoofing

· Wi-Fi hacking

· IP spoofing

· SSL hijacking

10. Spamming

Spamming can be defined as the mass distribution of unsolicited messages on the

Internet. The messages can contain anything from simple ads to pornography. The
messages can be sent through email, on social media, blog comments, or messaging
apps.

Spam is usually just annoying, but it can also be detrimental to your online
security if the messages you receive are phishing attempts, come with malicious
links, or contain malware-infected attachments.