CYBER SAFETY

CLASS-XI
[email protected]

2020

1
Page
 Cyber Safety
Cyber Safety refers to the safe and responsible use of Internet so as to ensure safety and
security of personal information and not posing threat to anyone else’s information. I t
involves gaining knowledge about possible threats to personal safety and security risks for
the information along with measures to prevent and counter them.

Safely browsing the web:

Viruses and malware spread, easily and quickly through websites/web
browsing. Through clicking over the links found on web pages or in email mistakenly
our computer may be infected. An infected computer can run slow, barrage us
with pop-ups, download other programs without our permission, or allow our
sensitive personal information to others.

By using a combination of preventative measures and making good choices online you
can stay safe when browsing the web.

Before you start –Update your software:

(Stay updated- Update O.S.,Applications & Anti-virus.)
Exploiting email and web browsing applications is the most common way hackers and
malware try to gain access to devices and your information. Protect yourself before you
start browsing the web by making sure that your operating system, web browser, security
software, browser plugins (like Java or Adobe products) and other applications are up-to-
date.

Protect your web browser: You can adjust the settings in your web browser to work in
a more or less secure way. Some functionality might be limited when using the most secure
settings, but they can provide the best protection from malicious content. Most web
browsers will give you warnings when they detect you visiting a malicious website or
possibly being exposed to malicious content. Pay attention to these warnings – they can
help protect you from malware, phishing and identity theft.

Use safe behaviour:

2
Page
 Use the following advice when browsing the web to significantly reduce your risk of
being a victim of cybercrime:
 Use strong unique passwords online.
Mind your downloads -Be sure to review all pre-checked boxes prompted at download
& un-check any extra applications which we don’t want to install.
 Pause and think carefully before clicking on links in email, messages or on social
networking sites. Don’t click on links in messages if you don’t know the sender or
if the message is unexpected.
 If you think a link looks suspicious or you can’t tell where it leads to, before you click
hover over that link to see the actual web address it will take you to (usually shown at
the bottom of the browser window). If you do not recognize or trust the address, try
searching for relevant key terms in a web browser. This way you can find the article,
video, or webpage without directly clicking on the suspicious link.
 Expand shortened URLS to check if they are safe. Short URLs are often used in
social media. There are a number of services that create short links - such as goo.gl,
bit.ly, tinyurl.com, ow.ly and youtu.be. To check if these links are safe you can use
an ‘expand link’ facility to get the original URL from a shortened link without
having to click through to the destination. Look for a short URL expander that is
recommended by your anti-virus software or a reputable software company.
 Be wary of offers that seem too good to be true. Leave websites that ask for your
personal or banking details in return for money – these are scams.
 Don’t agree to friend requests from people you don’t know on social media networks -
people are not always who they say they are.
Identity protection: Your personal identity is important as it defines who you are.
Your identity includes your personal information; information such as name, address,
contact information, bank account, credit card numbers, and social security numbers
should all be kept private.

Protection against theft of personal information over Cyber Space without consent,
usually for financial gain is known as Identity Protection.

Most common solutions to this is : Private Browsing and Anonymous Browsing on Internet.
3
Page
Tips to Prevent Identity Theft

 Use strong passwords and PINs & Keep passwords and PINs safe.
 Create log-in passwords for all devices.
 Beware of phishing scams.
 Restore old computers to factory settings.
 Encrypt your hard drive
 Check security when shopping online-check links authenticity which are received
from an unsolicited email.
 Take care when posting on social media-Check security settings on social media
accounts, and avoid posting personal information publicly, or publicly "checking in".
 Secure your home Wi-Fi network& Avoid using insecure public Wi-Fi networks

Confidentiality: Confidentiality is roughly equivalent to privacy. Confidentialty of

information ensures that only authorized users get access to sensitive and protected data.

Measures undertaken to ensure confidentiality are designed to prevent sensitive information

from reaching the wrong people, while making sure that the right people can in fact get it

Tips to Protect Information Confidential

 Use Firewall wherever possible.

 Build strong passwords.
 Private Browsing & Safe Browsing-Purpose of pvt browsing is to avoid leaving a
history of one's browsing in the browser history on the computer we are using.
Use updated brower for safe browsing & browse privately.
 Control browser settings to block tracking:
You can turn your default browser settings to exclude cookies especially third party
cookies, since they can be used to build up detailed profiles of your surfing patterns
over time.
 Use multifactor authentication- a computer user is granted access only after
successfully presenting 2 or more pieces of evidence.
 Encryption-Use https based sites, as HTTPS ensures data security over the network -
mainly public networks like Wi-Fi. HTTP is not encrypted and is vulnerable to
attackers.
 Be careful while posting on Internet. Never post your crucial information like your
personal details such as address, bank details credit card details etc.
 Avoid using public Wi-Fi and public computers.
 While using public computers don’t forget to delete history and cookies.
 Use Virtual keyboards to input login and Passwords.
 Don’t save your personal information.
4

 Don’t leave your computer unattended.

Page

 Disable the feature that stores passwords.

 Many ways Websites track you
• Whenever you visit a website, your web browser may reveal your location via your
device’s IP address.

• It can also provide your search and browsing history etc. which may be used by third
parties, like advertisers or criminals.

• This way website track you. Tracking is generally used by advertising networks to build
up details profiles for pinpoint ad-targeting.

• This information is compiled through your web usage patterns, and which websites
generally use for tracking you. This generally includes-

a) IP Address: IP address is a unique address of your device when you connect to the
internet. From your IP address, a website can determine your rough geographical location.

b) Cookies and Tracking Scripts: cookies are small pieces of information websites can store in
your browser. Cookies can be-

1. First Party Cookies- These are the cookies that store your own login id, password, auto
fill information etc.

2. Third Party Cookies: These are the cookies that websites store to know about your
search history and web browsing history so as to place advertisements as per your interests.

(c) HTTP Referrer : when you click a link, your browser loads the web page linked to it and
tells the website here you came from, it is called HTTP referrer.

(d) Super Cookies : these are also cookies but these are persistent cookies. i.e. they come back
even after you delete them. They store data in multiple places like in flash cookies, Silverlight
storage, your browsing history and HTML local storage etc.

(e) User Agent : your browser also sends a user agent every time you connect to a website.
This tells websites your browser and operating system, providing another piece of data that
can be stored and used to target ads.

All the above things leak your identity information to websites and it may be used against
5
Page

you. Solution to this is Private browsing and Anonymous browsing.

 Private browsing and anonymous browsing:

• Anonymous browsers allow users to view websites without revealing personal

information of user.

• It can be used as a tool for governments, journalists and every security conscious
surfers.

• A popular solution to this is- Private Browsing.

• Incognito browsing opens up a version of the browser that will not track your activity.it is
particularly useful if you are entering sensitive data like bank details into your browser.
You may also use private browsers and search engines like DuckDuckgo.

• Proxy works as a middleman between your computer and the website you want to
access. Now the tracking website will get the IP address of proxy site.

• Virtual Private Network (VPN) this is a method to add security and privacy to private and
public networks, like WiFi hotspots and Internet. It is originally meant for business employees
working offsite to gain access to shared drives or networks.

CYBERCRIME
• Any criminal offense that is facilitated by, or involves the use of, electronic communication
or information systems, including any electronic device, computer, or the internet is
referred to as Cybercrime.

• Some common Cybercrimes are-

1. Cyber Trolls and Bullying:

2. Cyber Bullying

3. Cyber Stalking (Online Harassment)

4. Spreading Rumours Online

Cyber Trolling is internet slang for a person who intentionally starts arguments
or upsets others by posting inflammatory remarks. The sole purpose of trolling is
6
Page

angering people.
Purpose – to entertain, to argument, to upset victim, to get attention.

Cyber Bulling: Saying and/or doing mean things to the person online. It is a harm inflicted
through using the Internet,ICT devices,or mobile phones.
Purpose – to get revenge,to harass & threat, to humiliate.

Cyber Stalking: Doing research on every aspect of the person’s life.

This is a kind of online harassment i.e continuously contacting the person online, even though
they don’t want you to.

• Reporting Cybercrime: One must report it firstly to parents, school authorities and then to
police.

• The procedure for reporting cybercrime is more or less the same as for reporting any other
kind of offence.

• The local police stations can be approached for filling complaints.

• Most of the states have facility of E-FIR.

• Ministry of Home Affairs is also launching a website for registering crime against women
and children online including Cybercrime.

• COMMON SOCIAL NETWORKING SITES

A Social networking site is a web application or online platform where people can setup their
public profile and make connections with other online people called online friends.

• Some popular social networking sites are-

• Facebook: it is a platform where you can share your ideas in the form of posts,
photos, videos etc.

• Twitter: it is a micro blogging site which allows to post very small messages.
Earlier limit was 140 characters now extended to 280 characters.

• LinkedIn: it is a social networking site for professional. It provides features to make profiles
like resumes.

• Instagram: it is one of the most popular site for online photo sharing.
7
Page
APPROPRIATE USAGE OF SOCIAL NETWORKING SITES

• Social media is everywhere these days, from personal to professional front. Social media
has made it too difficult to remain entirely anonymous these days.

• Whatever you do online, leaves a permanent foot print, called digital foot print.

• Once posted these becomes part of public domain and hence are visible to anyone who
looks for it.

• Thus appropriate usage of Social media is very important and you must be aware that it
may pose problems later if not used appropriately.

Digital Footprint-

Digital Footprint are the records and traces individual’s activities as they
use the Internet. Digital footprints are permanently stored.
The history of a person's usage of digital devices, movie search, programs watched,
flight searched, websites surfed, credit card transaction, cell phone calls, social
media messages sent, links clicked and Facebook pages liked etc. Such information is
being used to target ads to consumers as these are digital footprint of such
consumers.

Digital footprints are also referred to as “digital tattoos”.

What you should do on SOCIAL NETWORKING SITES-

Usage rules

• You should conduct yourself in a responsible way so that you can enjoy using it.

• Be Authentic.

• Use a Disclaimer.

• Don’t pick fights Online.

8
Page

• Don’t use fake names or pseudonyms.

• Protect your identity.

• Always take publicity test when post something.

• Respect your audience.

• Respect other's sentiments.

• Monitor comments.

9
Page
 Safely Communicating Data
One should always stay safe while making online payments or transferring the data. Let’s
see possible measures you can take to keep yourself secure.

Secure connections: A secure connection is a connection that is encrypted by one or more

security protocols to ensure the security of data flowing between two or more nodes. When a
connection is not encrypted, it can be easily listened to by anyone with the knowledge on how
to do it, or even prone to threats by malicious software and rogue and unexpected events.

Anyone who wants to get information from a non-secured connection can do so since they
can easily go through, in and out of the computer’s network taking with them important
data such as login, passwords and other private information.

Secure connections, as they supposed to protect the data being transferred from
one computer to another, must be able to do three main things.

1. Prevent third parties from getting hold of confidential data

2. It must first validate the identification of the person who wishes to access and
exchange the data

3. It must protect information from being viewed or altered by unknown parties

There are many methods to be able to establish a secure connection, but most of them
involve data encryption. Data encryption is a method which hides information from other
unauthorized parties. This method usually needs an appropriate program installed on both
computers involved in the connection that will encrypt and decrypt the information.
Among these are our basic security protocols embedded in main communication protocols
like TCP/IP, HTTPS, POP3 or IMAP.

Firewalls and anti-virus software may also serve in creating secure connections in
some form.

Eavesdropping: Eavesdropping is as an electronic attack where digital

10

communications are intercepted by an individual whom they are not intended.

Page
This is done in two main ways: Directly listening to digital or analog voice
communication or the interception or sniffing of data relating to any form of
communication.

Eavesdropping is the act of intercepting communications between two points.

In the digital world, eavesdropping takes the form of sniffing for data in what is called
network eavesdropping. A specialized program is used to sniff and record packets of
data communications from a network and then subsequently listened to or read using
cryptographic tools for analysis and decryption.

For example, Voice over IP (VoIP) calls made using IP-based communication can be
picked up and recorded using protocol analyzers and then converted to audio files using
other specialized software.

Data sniffing is easily done on a local network that uses a HUB since all communications
are sent to all the ports (non-recipients just drop the data) and a sniffer will simply accept
all of the incoming data.

This goes the same for wireless networking where data is broadcast so even non-
recipients can receive the data if they have the proper tools.

Actual eavesdropping, that is the simple act of listening to other people talk without
them knowing it, can be done using current technology such as hidden microphones and
recorders.

Hacking into devices such as IP phones is also done in order to eavesdrop on the owner
of the phone by remotely activating the speaker phone function.

Devices with microphones including laptops and cell phones also can be hacked to
remotely activate their microphones and discretely send data to the attacker.

Phishing: Phishing is the act of sending an email to a user falsely claiming to be an

11

established legitimate enterprise in an attempt to scam the user into surrendering private
Page

information that will be used for identity theft. Phishing email will typically direct the user
to visit a website where they are asked to update personal information, such as a password,
credit card, social security, or bank account numbers, that the legitimate organization
already has. The website, however, is bogus and will capture and steal any information the
user enters on the page.

Identity verification: As services and socialising shifted online, identifying each other
digitally has become increasingly important.

How can we do this securely, without impacting users’ experience? Let us explore the
trends in online identity verification, looking at the key solutions and implications for
businesses and users.

Exposing more personal information about ourselves and revealing our true identities
online opens up great opportunities and risks. Organisations must navigate (and mitigate)
these for their users.

Consequently, a number of solutions have emerged to validate who we are online.

Two-Step Verification

Creating a username and password to access specific websites is the most familiar
online identity system. But, we’ve known it’s a broken process for years.

It’s too difficult to create and manage unique, elaborate passwords for each online
account we have. And even the idea that a ‘strong password’ can protect us is now a
fantasy, with hackers regularly breaking into computer systems and releasing username
and password data.

Worse than this, plenty of us daisy-chain accounts to our main email address; creating
a single point of failure for hackers to exploit, gaining entry to countless more with
ease.

The most common solution is two-factor authentication: requesting knowledge (such as

an alphanumerical ‘secret’) and possession (adding a physical level) for a user to verify
12
Page
themselves. Cash machines were the original implementation of this idea, requiring
possession of a physical card and remembering a secret PIN.

The trick is establishing a second, physical authenticator that is secure, but

doesn’t inconvenience the user.

For example, many companies have avoided the delay and cost of issuing unique physical
tokens (such as a key fob, or card reader); instead, asking users to add a mobile contact
number and enter unique codes sent via SMS

13
Page