E-SA F E T Y A ND H E A LT H &

SAFETY i on a l A S a n d A L e v e l
Camb r id g e I n t e r n a t ANJAN MAHANTA
phuketipc.com
anjan_mahanta@satree
LEARNING OBJECTIVES
• EXPLAIN WHY E-SAFETY IS NECESSARY AND WHY DATA SHOULD BE KEPT
CONFIDENTIAL

• DESCRIBE HOW PERSONAL DATA CAN BE GATHERED BY UNAUTHORIZED PERSONS

AND HOW CAN PROTECT AGAINST THIS

• DESCRIBE A NUMBER OF MALWARE ISSUES

• DESCRIBE POTENTIAL HEALTH AND SAFETY ISSUES RELATING TO USING COMPUTERS

2
INTRODUCTION
▪ E-Safety is concerned with protecting personal
data to avoid online exploitation either by
bullying or identity theft.

▪ A person should be very careful about revealing

their personal data, such as their bank details,
medical records, their salary, and sometimes
sensitive data, such as their political opinions.

3
ONLINE RESOURCES
E-safety
• www.youtube.com/watch?v=HAY8uDBCd3k
• https://vimeo.com/esafetyoffice
• www.whoishostingthis.com/resources/e-safety/
• https://home.mcafee.com/advicecenter/?id=ad_itp_1ttpypiai&ctst=1
• www.theguardian.com/technology/2013/sep/16/10-ways-keep-personal-data-safe
• www.webopedia.com/TERM/P/pharming.html
• www.webopedia.com/TERM/P/phishing.html
• www.webopedia.com/TERM/S/smishing_scams.html
• www.webopedia.com/TERM/V/vishing.html
• https://security.intuit.com/index.php/protect-your-information/phishing-pharming-vishing-and-smishing

4
 MEASURES TO IMPROVE OUR E-SAFETY
▪ Only use websites that are recommended by a trusted source, for
example, a teacher or a parent
▪ Use a search engine that has a filter to remove inappropriate content
▪ Do not open any email attachments from a sender you do not
recognize
▪ Be very cautious when providing personal data
▪ Be cautious about any pictures or opinions that you post or send to
people
▪ Do not become friends on social networking sites with people you do
not know

5
MEASURES TO IMPROVE OUR E-SAFETY
▪ Never arrange face-to-face meetings with a person that you meet online
▪ Make sure you set all the privacy controls that are available on social media accounts
▪ Report and block any unwanted user
▪ Use a nickname or pseudonym when using the internet for entertainment, for example,
playing games

6
SAFETY MEASURES
▪ If another person posts anything abusive about you online ,you can report this behavior and they
could face criminal prosecution.
▪ Similarly, if you post anything online that is abusive about another person you could face criminal
proceedings. Even if the abuse is from an anonymous source, it is easy to trace from where the
messages or images have been sent.
▪ Make sure that the passwords you have set on your social networking accounts are strong. This
means they should be unusual and contain a mixture of numbers, punctuation and letters (both
lowercase and capitals) if possible.
▪ Think twice before you post anything online. Once you have posted it you cannot take it back
again.

7
PHISHING

8
PHISHING

9
 PHISHING
▪ Phishing is normally carried out via electronic communication, such as email.
▪ The email will look legitimate and will normally encourage a person to click on a
link in the email.
▪ When the link is clicked it will take the user to a website that will ask them for
their personal details.
▪ This will be a fake website and the personal details will then be stolen and used in
criminal activity.

10
 MEASURES TO PROTECT FROM PHISHING
▪ Users should make sure that they are cautious when clicking any links in an email.
▪ Users should question whether they know the sender of the email and only open
links from known senders.
▪ Users should check the URL that they are being linked to, to see if it is legitimate.
▪ This can be done by hovering over the link and looking to see if the address is the
real address of the site, for example www.paypal.com would be legitimate but
www.paipal.com would be identified as fake because of the spelling mistake.
▪ Another thing that should raise suspicion is any spelling or grammatical errors in
the email content.

11
 PHARMING
● Pharming is another method of collecting personal data.
● A hacker will install malicious code onto a person’s
computer or server.
● When a user types in a web address they will be
redirected to a fraudulent, but legitimate looking, replica
website, without their consent.
● The user will continue using the website as they normally
would, unaware of the redirection, and enter their
personal details that will then be stolen.

12
MEASURES TO PROTECT AGAINST PHARMING
● Users should check if the website looks the same as when they last visited it.
● Users should look for the padlock security symbol used to signify the HTTPS,
showing that the website is secure, before entering any personal and
financial details.
● Users should run regular scans of their computer with anti-virus software
that is designed to detect pharming programs.

13
SMISHING
• Smishing is short for SMS phishing.

• It is similar to phishing, but it is carried out using SMS text messaging rather than email.

• An SMS text message is sent to a user that will ask them to telephone a number or click on a
link. When that number is telephoned, the person receiving the call will attempt to get
personal details from the caller.
• The caller could also be charged a great deal of money for the call. When a link is clicked
malware is downloaded onto the user’s phone.
• The malware can be used to collect the user’s data to commit identity fraud and theft.

14
MEASURES TO PROTECT AGAINST SMISHING
• Users should be very cautious in telephoning any numbers they are sent in
an SMS message.
• Users should be very cautious when clicking on any links in messages.
• Users should not install any applications from senders they do not know.
• If a user receives a suspicious message from someone they do know,they
should check with the person that they have actually sent that message.
• Users should be wary of numbers that do not look like usual mobile
numbers, such as '5000’.
• Users can add security software to their mobile to help detect any
malware.

15
VISHING
• Vishing is short for voice phishing. It is the act of using a telephone call to try and scam a
user into giving their personal data. The scammer will usually pretend that they are a
legitimate business calling the person.

• The person who is vishing will either say they are alerting the victim to an issue with their
account, or advising the victim of a profitable gain. They will often ask the victim subtle
questions to get the personal data they want.

16
VISHING

17
VISHING

18
MEASURES TO PROTECT AGAINST VISHING
• People should exercise caution when any institution contacts them, especially when they
ask for personal details. If in doubt hang up and call them back on a number that is
known.

• People should never give out any personal details regarding a security issue with their
account. A bank will prevent any kind of attack on an account without needing assistance
from the account holder.

19
DISCUSSION

20
MALWARE

21
MALWARE

• Malware is a computer program that is designed to damage or disrupt a

computer system and the files that are stored on it.

• Malware can take many forms and we are going to look at a number of
them.

22
ONLINE RESOURCES
Malware
• www.totalbank.com/what-is-malware--spyware
• https://ist.mit.edu/security/malware
• https://redshift.autodesk.com/10-tips-on-how-to-prevent-malware-from
-infecting-your-computer/
• www.pcworld.com/article/210891/malware.html

23
TROJAN HORSE

• A Trojan horse is a malicious computer program that disguises itself as another

application, such as a game or a utility program.

• When the application is run, the Trojan horse will act as a computer virus would, deleting
and corrupting files in the computer system.

• It looks harmless, like an application that would be desirable, but it hides a malicious
program.

24
TROJAN HORSE

25
WORMS

• A computer worm is a small computer program that uses computer networks and finds
security holes to replicate itself.

• They can exploit a security hole in a piece of software or operating system. While
replicating they will often clog up network bandwidth and can make things run slowly.

26
SPYWARE

• Spyware covers quite a broad range of malware.

• The term refers to any technology that is used to gather data about a person without
their knowledge. It is most commonly used to track the movements of people online.
• A common type of spyware is a keylogger. This is a piece of software that records the key
presses from a keyboard and will allow the person who installed it to gather personal
data about the victim.

27
SPYWARE

28
ADWARE
• Adware is short for advertising-supported software.
• In its most basic form,it is simply a software program that is used to display adverts that
are targeted at the user.
• It can analyse the websites the user visits and will target them with advertising of a
similar nature.
• Many program developers will justify the inclusion of adware in their product by claiming
that it will generate revenue for them, keeping the cost of the product lower.

29
ADWARE

• Adware as malware will present adverts when a user is browsing the web that are often
shown constantly. They are normally in the form of popups or windows that cannot be
closed. They will mostly just be irritating.

• In certain circumstances, adware can be bundled in with legitimate software

downloads.This means that you may end up with the software on your computer without
actually asking to download it.

30
ROOTKIT

31
ROOTKIT
• A rootkit is a computer program that enables a person to gain administrator access to a
victim’s computer.
• It normally gets installed because a victim’s password is cracked.
• The person installing it can then use the access to stop the computer recognising that the
rootkit is there, so the victim will not know that someone else has complete access to
their computer system.
• Other malware can then be concealed on the computer to cause harm.

32
MALICIOUS BOTS
• A bot is an application that is automated and used to carry out simple and repetitive tasks.
• These are normally tasks that a human would find mundane and time-consuming. Bots can
be used for very productive reasons, but they can also be used as a form of malware.
• Malicious bots are used by cybercriminals in a variety of ways:
• SPAM bots are used to bombard people’s email inbox with SPAM emails.
• Zombie bots are used to create a bot network.The bot will lay dormant on a computer until an
attack is launched. The computer will then be connected with lots of other computers that have
been compromised by zombie bots to launch a large-scale attack on an organisation.
• Chatter bots will pretend to be humans on sites such as social networking and dating sites.

33
MALICIOUS BOTS

34
MALICIOUS BOTS

35
RANSOMWARE

36
 RANSOMWARE
• Ransomware is a type of malware that restricts a user’s access to their
computer system and files. The ransomware will normally demand that
the user pays a ransom in order to regain access to their computer
system.
• Some ransomware programs will completely lock a user’s system and
some will encrypt all of the files on their system in a way that renders
them useless.
• Ransomware will normally try to enter a system in a similar way to a
Trojan horse.
• The message or ransom with which the user is presented will often
imitate a law enforcement agency. It will falsely claim that the system
has been used for illegal activity and that a ransom must be paid to
regain access to the system.

37
 How can malware be avoided?
• Malware can be very difficult to remove from a computer system. It can often take numerous scans from
anti-virus software, as well as the use of various malware removal programs, depending on the type of
malware infecting the system.
• A user should never open a program unless they know it is legitimate.
• A user should have a firewall in place that is monitoring their internet traffic.
• A user should regularly run an anti-virus check and malware detection software on their computer system, to
detect the presence of any malware. Any anti-virus or malware detection program should be kept up to date
in order to detect newly developed malware.
• A user should not open any attachments to emails from unknown users.
• A user should use open Wi-Fi points with extreme caution as anybody could be connected to them.

38
HEALTH & SAFETY

ONLINE RESOURCES

• https://msds.open.ac.uk/your-record/health.htm
• www.youtube.com/watch?v=T8qGO7XQ0Uw
• http://workplaceohs.com.au/hazards/office-safety/computers
• www.ncte.ie/documents/advicesheets/29Ergonomics(June07).pdf
• www.teach-ict.com/gcse_new/health_safety/miniweb/pg7.htm

39
HEALTH & SAFETY

40
HEALTH & SAFETY

41
42
43
44
REVIEW QUESTIONS

45
Answers
1. Explain the difference between Phishing and Pharming.

PHISHING PHARMING

● A legitimate-looking email is sent to the user. ● Malicious code is installed on the user’s hard
drive or server.

● The e-mail contain a link for the user to click. ● A user will type in a common web address,
The link will redirect the user to a legitimate but will be redirected to a fake website
looking website. instead.

● The website will request personal data that ● Unaware, the user enters their personal
will be stolen when entered. details in the fake website and the details are
stolen.

46
Answers
2. Describe the term ransomware.
It restricts a user’s access to the files on their computer.
It restricts the files access to the files either by locking the system or
encrypting the files.
A ransom message will appear when access is attempted requesting
payment of access.

47
Answers
3. Describe the term malicious bot.
It is a bot that is automated to carry out a simple or repetitive task.
The task it carries out will be party to criminal activity, such as bombarding
mail boxes with SPAM email.

48
Answers
4. Describe the need to keep personal data confidential.
Personal data is very valuable and for this reason people will put a lot of effort into stealing
it.
A perpetrator can steal a person’s identity through collecting the or personal data/identity
fraud.
A person could also suffer personal attacks such as blackmail or cyberbullying if they
reveal, or have stolen, certain personal information that could be used against them.
Even small amounts of data released on social media over a period of time can be pieced
together for criminal activity.

49
Answers
5. Describe two health issues relating to using a computer and suggest how each can be
prevented.
Injuries Prevention

Repetitive strain injury can occur from repetitive moments This can be prevented through the use of support devices
such as clicking a mouse. such as wrist rests.

Carpel tunnel syndrome can occur through repetitive or This can be prevented by taking regular breaks in work
continual movements. sessions/varying the position used for work.

Back ache can occur from poor posture. This can be prevented by sitting on an adjustable chair with
added support.

50
Answers
5. Describe two health issues relating to using a computer and suggest how each can be
prevented.
Injuries Prevention

Eye strain can occur as a result of looking at a monitor for This can be prevented by using any settings a monitor has
long periods of time. to aid prevention/focussing on points away from the
screen periodically.

Deep vein thrombosis can occur when pressure is put on This can be prevented by standing regularly and moving
the legs from sitting for long periods. around periodically.

51
 Answers
6. Describe two safety issues relating to using a computer and suggest how each can be
prevented.
Safety Issues Prevention Methods

Fire can occur from equipment This can be prevented by keeping the room well ventilated.
overheating/overloaded socket. This can be prevented by not plugging in too many devices to a socket,
especially those that require lots of power.

Trailing wire can cause injury to a person who This can be prevented by securing wires in a cable management system.
trips over them

Electric socket can occur from split This can be prevented by not eating or drinking at a computer.
drinks/touching wires together. This can be prevented by an inexperienced user not handling wires.
This can be prevented by having regular electrical safety checks carried
out.

52
 Check list
Are you able to:
• explain why personal data should be kept confidential
• describe how personal data can be gathered by unauthorised persons (including: by smishing,
vishing, phishing and pharming), and how this might be prevented
• discuss why eSafety is necessary
• describe malware issues (including: Trojan horse, worms, spyware, adware, rootkit, malicious bots,
ransomware)
• describe a range of potential health issues that could arise from using IT
• describe a range of safety issues relating to the use of IT

53