UMMI SYAFIQAH BINTI RADZMAN

ANSWER
1. How do social media users become victims to their online attackers?

Social media platforms are like honey to a wasp where cybercrime is concerned. It has a
deep pool of easily accessible personal and sensitive information which are the perfect
ingredients for online attacks.

The first point is oversharing. Social media users tend to create a detailed profile of
themselves which is extremely valuable to the attackers. For an example, cybercriminals
would routinely trawl through social networks to identify high-potential targets, before learning
more about them by scouring their public profiles for details history of their job, activities and
interest. In addition, by the help of social media, the easier they make things for criminals to
create a phishing persona for their target.

Next, online attackers tend to bait their target by using false promise to pique a victim’s greed
or curiosity. They lure users into a trap that steals their personal information or inflicts their
systems with malware. For an example, online form of baiting consists of enticing ads on their
social media sites that lead to malicious sites or that encourage users to download a malware-
infected application.

Besides that, social media users usually forgot to maintain good digital hygiene of their social
media accounts. This is very important to protect users from cybercrime such as cyber
harassment, cyberbullying and cyberstalking. Digital hygiene can be maintained by adjusting
privacy setting to clean up your accounts from suspicious person in your contact. Plus, it’s
also a good idea to keep things like your feed, timeline and message threads free from
negative comments that can give you a significant impact when you re-read them.

Furthermore, many social media application and services reveal our IP address to the person
with whom we’re communicating. This is very important because it is directly related to your
personal data. For an example, your IP address is linked to the photo you shared in your feed
or to your friends in the chat box. This gives cyberstalkers opportunities to find your physical
address and your current whereabouts.

Lastly, information leaks can be one of the reasons for cyberattacks to happen. Users
normally refuse or forgot to update their software as it seems to be trivial and unnecessary.
However, regular software updates are crucial as it helps patch security vulnerabilities and
help ensure your information remains safe.

2021125989
 UMMI SYAFIQAH BINTI RADZMAN

2. In your opinion, why are shortened URLs claimed to be a security issue?

Shortened URLs are usually seen in emails, resumes and cover letter, and in text
messages. A shortened URLs is used to make it convenient for users to share the web
pages. Basically, URL is shorted using URL shortener, which “remembers” the full
address. When other users go to the shortened URL, they will be automatically redirected
to the full address. The webpage will still exist at the longer URL, the shortened URL is
simply a shortcut to make the link easier to manage.

In my opinion shortened URLs claimed to be a security issue because we don’t know

where the web browser will actually take us. Shortened URLs, such as from bit.ly and
goo.gl make it easy to type in a web address quickly, but the drawback of it could lead you
to be a victim of cybercrime. This is because criminals will use shortened URLs to direct
victims to phishing sites or initiate a download of malicious software on to your device.

Besides that, some URL shorteners allow the user who shortening the URL to log the
target’s IP address, even if the reader is not visiting their sites. This is dangerous as it
involves our physical location which can lead to cyberstalking.

Furthermore, when URL shortener condense a link, the actual domain name of the site
recipient will be directed will be directed to becomes obscured with random letters and
numbers. It will be hard for us to figure out we are clicking a malware link or being directed
to a spoofing page where credentials can be stolen. Pisher usually use emails and social
post to their targeted victim as they do not know better or cannot resist the temptation.

2021125989
 UMMI SYAFIQAH BINTI RADZMAN

3. Suggest FOUR ways to protect your social media activities from major security and
privacy attacks.

The first important ways to protect your social media activities by stop oversharing.
Providing too much information on your social networking sites such as Facebook, Twitter,
and Instagram could make it easier for the cybercriminals to gain personal and sensitive
information about yourself. This will allow them to steal your identity or to access your
financial information.

For an example, identity thief determines your school’s name or birth date from digging
through your social media account such as Facebook. This information is sometimes used
as security questions to change password on financial accounts.

Second, use a virtual private network. A virtual private network (VPN) gives you online
privacy and anonymity by creating a private network from a public internet connection.
VPNs will hide your IP address so your online activities are virtually untraceable.

A VPN can be used especially when you’re on public Wi-Fi at a library, coffee shop, or
other public location. A VPN will make it more difficult for cyber criminals to breach your
online privacy and access your personal information.

Third, be careful where you click. One of the ways in which hackers meddle your online
privacy is through phishing attempts. In phishing, scammers will try to trick their victim to
provide their valuable financial or personal information. For an example, the scammers
will send fake emails that appears to be from banks, credit card providers, or other financial
institution, where the victim need to click on a link and verify your financial information to
keep your account from being frozen or closed.

Before clicking on suspicious links, we should hover your cursor over the link to view the
destination URL. If it did not match the financial website we use, do not click it.

Last but not least, always install antivirus software on all of your devices. This can keep
hackers from remotely taking over our computer, accessing our personal and financial
information, and tracking our location. Moreover, manufacturers frequently update their
virus protection software as a defense against the latest malware, spyware, and other
viruses. Install updates as soon as it become available or set up an automatic update on
all your devices.

2021125989