This module is intended to help class participants be more aware of how to protect themselves online while still enjoying and making full use of the Internet.
Backups, archives, data/content pushing all result in the ambiguity of deleting digital content. Digital content is easily forwarded and reposted. Sometimes this is a good thing and sometimes it is not. Regardless of how we view this phenomena, it is a reality. Private information is no longer, by default, private. If you want information to be private, you must take steps to make it so. For example, avoiding mentioning your address or even your neighborhood on social networks is a conscious act. Know who has direct access to your posts in your social networks and recognize that others may have indirect access. Heard any stories about someone making a mistake online resulting in negative impact offline?
Who uses Facebook? Who uses MySpace? Have you adjusted your privacy settings? Default privacy setting on most social networks – everything is public! Instructor – if majority of students have an account on a social network, have them log in and adjust the privacy settings during class. Review the privacy setting pages of Facebook and MySpace prior to class because they often change.
Social Engineering Tactics - Someone claiming to be doing research or survey for your bank, a new employee at a company you use, or a repair person that NEEDS your help. They may seem to ask round about or harmless questions that they then use against you. Verify they really are who they say they are before answering questions.
Why not trust this email? No such thing as free cash. Most likely they will ask for your bank account and password in order to supposedly deposit your check.
You learned about URLs in How to Use a Browser. What is a URL? Uniform Resource Identifier. More commonly called a web address. Most popular top level domains? .com, .org, .net
Phishing, and spyware attacks are occurring often on social networking sites, especially Facebook. Anyone received a message via email or a social network that was not sent by the person it appeared to have been sent by? Most likely Michelle has no idea this message went out in her name. What is the top level domain in this message? Do a search of .in domain. What do you find? It’s the country domain for India.
Use a combination of letters (capital and lower case), numbers and symbols if allowed. Example are: EmilyP05 – Emily Pietilia was my great grandmother and she was born in 1905 – However, don’t do this with a spouse or child that relationship is too close and too obvious. Or use a mnemonic i.e. – mbsfe530 – my brother sells fire extinguishers and his birthday. Don’t use names or words in a dictionary, names, addresses, or birthdates. Or use a full sentence - ilovecats If you must write them down, don’t keep it in a file labeled passwords or on your calendar.
If you are using public computers be alert to who is around you, if your password is too easy or too hard so you type it very slowly, it could be possible to watch what you type & learn your password. Why is your email account an important account? Because with access to your email account, someone could get access to your other accounts. Instructor – provide suggestions on how to create and keep track of passwords. Examples – use one string of letters and number but add a code to each one per application – such as having 135fox as a password and adding fb for Facebook to the beginning or end of 135fox, resulting in fb135fox. Your internet provider can access your account without your password – they would never contact you and ask for it. However, if you call them about a problem, they may ask for it so they can try and duplicate the problem you are having. If the incorrect password allows you to log into a site then you are on a spoofed site and not the company’s legitimate site. Most important – if you suspect someone is using your accounts, change the password and contact the company it is with immediately!
Who has shopped online? What did you purchase? You initiate with a known and trusted company. Don’t use sites from unsolicited websites or pop up ads. www.hoogle.com vs. www.google.com
MOST Credit cards have a maximum liability of $50.00 in the event of fraud, debit cards may have a higher or no limit check with your bank for information about the cards you have or read that little tiny print! One card lets you easily review online purchases and request a card with a lower limit Online transactions are said to be safer since there is no human interaction – you are not giving your card to a person.
Anyone been a victim of identity theft?
In addition to keeping your software up-to-date, keeping your anti-virus software up-to-date and doing weekly scans, and have a firewall you should: Laptops - Use a strong password, require a password log in and log off when you are finished using, that will at least make it difficult for a thief to access (not impossible) Wipe Utility or File Shredder - Files that have been deleted or moved to the trash or recycle bin can still be recovered using a recovery program. A wipe utility actually writes over old files on your hard drive so they can no longer be recovered. Privacy policies - should explain how they secure their site and what they do with the information they collect (do they share/sell it). If they sell information to others or there is no policy go somewhere else. Free Credit Reports – Reports can be requested annually online free but be very careful where you request it from. Use the FTC website. Do not go to a search engine!
5 a module online privacy
Online Privacy A Module of the CYC Course – Personal Security 8-9-10
The Realities of Digital Communications: <ul><li>Deleting a digital post is not as permanent as setting fire to a handwritten note. </li></ul><ul><li>Digital content is easily forwarded and reposted. </li></ul><ul><li>Private information is no longer, by default, private. If you want information to be private, you must take steps to make it so. </li></ul><ul><li>Your online reputation has offline implications. </li></ul>
Privacy Levels on Social Networking Sites <ul><li>What is the default privacy setting on most social networks? </li></ul><ul><li>You control who sees what content. </li></ul><ul><li>BUT, even though you are restricting access, remember content can be forwarded. </li></ul>
Social Engineering <ul><li>Manipulating people into providing personal information. Often uses human interaction/emotions to obtain information. </li></ul><ul><li>Phishing - Tries to attack you personally. Looks to be from a trusted company asking you to for your personal information. </li></ul><ul><li>Occurs via email, websites and social networks. </li></ul>
Understanding URLs <ul><li>Top level domains </li></ul><ul><li>Domain names </li></ul><ul><li>Text before the domain name </li></ul><ul><li>/ after the top level domain </li></ul><ul><li>Common tactic – URLs that look legitimate but are not. Example – citybank.com.jumbleofletters.com/jumbleofletters </li></ul>
Passwords <ul><li>Choose a password that can’t be easily guessed. </li></ul><ul><li>Don’t write your password down in any easily findable place. </li></ul><ul><li>Don’t send your password to anyone through e-mail. </li></ul>
Passwords <ul><li>Don’t allow public computers to remember your password. </li></ul><ul><li>Don’t tell anyone your passwords. </li></ul><ul><li>Don’t use the same password for all your accounts, especially the important accounts such as email, banks, credit cards. </li></ul><ul><li>Create a system for remembering your passwords. </li></ul><ul><li>Check the strength of your password - http://www.passwordmeter.com/ </li></ul>
Shopping Online <ul><li>Make sure YOU initiated the contact. </li></ul><ul><li>Don’t follow an email link. </li></ul><ul><li>Type web addresses carefully. </li></ul><ul><li>Don’t give out SSN, DOB, or your Mother’s Maiden name. </li></ul><ul><li>Do not accept free trial offers. </li></ul><ul><li>Don’t rely on a site “looking” professional. </li></ul>
Credit Card Security <ul><li>When possible, choose a credit card NOT a debit card. </li></ul><ul><li>Best choice - choose one card for online use only or a prepaid credit card. </li></ul><ul><li>Paypal.com - Most companies online accept payments from PayPal. Paypal acts as an intermediary for payment. If you don’t have a credit card you can set it up to take payment out of a checking/savings account. </li></ul>
Identity Theft <ul><li>Someone uses your personal information without your knowledge to commit fraud or theft. </li></ul>
Identity Theft Prevention Tips <ul><li>Do not store personal financial information on laptop computers. </li></ul><ul><li>Before disposing of a computer delete all personal information. </li></ul><ul><li>Review websites’ privacy policies. </li></ul><ul><li>Request free credit report - https://www.annualcreditreport.com/ </li></ul><ul><li>A company or organization that initiated contact with you will not request your password via email or phone. </li></ul>
Identity Theft - Public Computer Safety Tips <ul><li>Beware of “Shoulder Surfers” </li></ul><ul><li>Do NOT allow public computers to remember your log in and password. </li></ul><ul><li>ALWAYS Sign Out or Log Off. </li></ul><ul><li>Clear browser history. </li></ul><ul><li>Close the browser window. </li></ul>
Sources <ul><li>This curriculum was adapted from a workshop created by N. Riesgraf for the Hibbing Public Library (MN). Funding provided by IRRRA Do I.T. Community Technology Awareness Program. </li></ul><ul><li>Additional content created by Connect Your Community, a project of OneCommunity , funded by the federal Broadband Technology Opportunities Program . </li></ul>
Creative Commons License <ul><li>This work is licensed under the Creative Commons Attribution 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0 </li></ul>