2. WHAT IS CYBER SECURITY
Definition
Why is it important?
About Author
Background
Terminology
CYBER SECURITY THREATS
INTRODUCTION
Social Engineering
Malware
Phishing
SQL injection
Man-in-the-middle attack
Denial-of-service attack
3.
Historically, human beings have always sought shelter
from the elements and protection from would-be
adversaries. They did this by taking shelter in caves, and
eventually they progressed to building houses and walls
around cities. People have learned over time to protect
themselves. This knowledge is acquired either from
others (parents, grandparents, etc.), which is
historical knowledge, or from their own experiences. The
mistakes they made and the successes they had are all
passed on, so that we don’t repeat the same
mistakes and can take advantage of where they succeeded.
Over time we have learned which road to take at night, and to
avoid dark alleys and walking in the park alone at night.
Airplanes and ships avoid the Bermuda Triangle because
of its history of unexplained disappearances of sea-going
vessels and aircraft in and around it. Fact or fiction,
it is still avoided because of the history associated
with it. In summation, we have
learned to keep ourselves safe from past shared
experiences.
However, this is not the case when it comes to computer
security and the internet. The internet is only about 30
years old, and very few people grew up using
it. Therein lies the predicament: most
people do not know how to protect themselves when
using the internet. They simply don’t know how
to navigate the internet safely because it’s all new to
them, and there is not much historical information in
mainstream media about protecting yourself online. This
information is found on the very same internet that
they have no knowledge of, and they end up falling prey to
would-be attackers.
More than 80% of all cyber-incidents are caused by
human error. Enterprises lose millions recovering from
staff-related incidents – but traditional training
programs usually fail to achieve the desired behavioural
changes and motivation. Understanding what lies
behind any learning and teaching process helps to build
an effective educational program. This book not only
delivers knowledge but, more importantly, changes
habits and forms the new behaviour patterns that are the
real goal of awareness training.
The scale of the cyber threat
The global cyber threat continues to evolve at a rapid
pace, with a rising number of data breaches each year. A
report by RiskBased Security revealed that a shocking 7.9
billion records have been exposed by data breaches in
the first nine months of 2019 alone. This figure is more
than double (112%) the number of records exposed in the
same period in 2018.
Medical services, retailers and public entities
experienced the most breaches, with malicious criminals
responsible for most incidents. Some of these sectors are
more appealing to cybercriminals because they collect
financial and medical data, but all businesses that use
networks can be targeted for customer data, corporate
espionage, or customer attacks.
With the scale of the cyber threat set to continue to rise,
the International Data Corporation predicts that
worldwide spending on cyber-security solutions will
reach a massive $133.7 billion by 2022. Governments
across the globe have responded to the rising cyber
threat with guidance to help organizations implement
effective cyber-security practices.
In the U.S., the National Institute of Standards and
Technology (NIST) has created a cyber-security
framework. To combat the proliferation of malicious
code and aid in early detection, the framework
recommends continuous, real-time monitoring of all
electronic resources.
The importance of system monitoring is echoed in the
“10 steps to cyber security”, guidance provided by the U.K.
government’s National Cyber Security Centre. In
Australia, the Australian Cyber Security Centre (ACSC)
regularly publishes guidance on how organizations can
counter the latest cyber-security threats.
AUTHOR
BACKGROUND
4. The following terms used with regards to computer
security are explained below:
Access authorization restricts access to a computer to a
group of users through the use of authentication
systems. These systems can protect either the whole
computer, such as through an interactive login screen, or
individual services, such as an FTP server. There are many
methods for identifying and authenticating users, such
as passwords, identification cards, smart cards, and
biometric systems.
Anti-virus software consists of computer programs that
attempt to identify, thwart, and eliminate computer
viruses and other malicious software (malware).
Applications are executable code, so general practice is
to disallow users the power to install them; to install only
those which are known to be reputable – and to reduce
the attack surface by installing as few as possible. They
are typically run with least privilege, with a robust process
in place to identify, test and install any released security
patches or updates for them.
Authentication techniques can be used to ensure that
communication end-points are who they say they are.
Automated theorem proving and other verification
tools can enable critical algorithms and code used in
secure systems to be mathematically proven to meet
their specifications.
Backups are one or more copies kept of important
computer files. Typically, multiple copies will be kept at
different locations so that if a copy is stolen or damaged,
other copies will still exist.
Capability and access control list techniques can be
used to ensure privilege separation and mandatory
access control. Capabilities vs. ACLs discusses their use.
Chain of trust techniques can be used to attempt to
ensure that all software loaded has been certified as
authentic by the system's designers.
Confidentiality is the nondisclosure of information
except to another authorized person.
Cryptographic techniques can be used to defend data
in transit between systems, reducing the probability that
data exchanged between systems can be intercepted or
modified.
Cyberwarfare is an Internet-based conflict that involves
politically motivated attacks on information and
information systems. Such attacks can, for example,
disable official websites and networks, disrupt or disable
essential services, steal or alter classified data, and cripple
financial systems.
Data integrity is the accuracy and consistency of stored
data, indicated by an absence of any alteration in data
between two updates of a data record.[229]
Cryptographic techniques involve transforming
information, scrambling it, so it becomes unreadable
during transmission. The intended recipient can
unscramble the message; ideally, eavesdroppers cannot.
Encryption is used to protect the confidentiality of a
message. Cryptographically secure ciphers are designed
to make any practical attempt of breaking them
infeasible. Symmetric-key ciphers are suitable for bulk
encryption using shared keys, and public-key encryption
using digital certificates can provide a practical solution
for the problem of securely communicating when no key
is shared in advance.
Endpoint security software aids networks in preventing
malware infection and data theft at network entry points
made vulnerable by the prevalence of potentially
infected devices such as laptops, mobile devices, and
USB drives.
Firewalls serve as a gatekeeper system between
networks, allowing only traffic that matches defined
rules. They often include detailed logging, and may
include intrusion detection and intrusion prevention
features. They are near-universal between company local
area networks and the Internet, but can also be used
internally to impose traffic rules between networks if
network segmentation is configured.
A hacker is someone who seeks to breach defenses and
exploit weaknesses in a computer system or network.
Honey pots are computers that are intentionally left
vulnerable to attack by crackers. They can be used to
catch crackers and to identify their techniques.
Intrusion-detection systems (IDS) are devices or
software applications that monitor networks or systems
for malicious activity or policy violations.
A microkernel is an approach to operating system
design which has only the near-minimum amount of
code running at the most privileged level – and runs
other elements of the operating system such as device
drivers, protocol stacks and file systems, in the safer, less
privileged user space.
Pinging. The standard "ping" application can be used to
test if an IP address is in use. If it is, attackers may then try
a port scan to detect which services are exposed.
A port scan is used to probe an IP address for open ports
to identify accessible network services and applications.
A key logger is spyware that silently captures and stores each
keystroke that a user types on the computer's keyboard.
Social engineering is the use of deception to
manipulate individuals to breach security.
A logic bomb is a type of malware added to a legitimate
program that lies dormant until it is triggered by a
specific event.
6. There are only 10 types of people regarding binary: those who get it and those who don't.
7. Cyber security is the practice of defending computers,
servers, mobile devices, electronic systems, networks,
and data from malicious attacks. It's also known as
information technology security or electronic
information security. The term applies in a variety of
contexts, from business to mobile computing, and can
be divided into a few common categories.
• Network security is the practice of securing a computer
network from intruders, whether targeted attackers or
opportunistic malware.
• Application security focuses on keeping software and
devices free of threats. A compromised application could
provide access to the data it's designed to protect.
Successful security begins in the design stage, well
before a program or device is deployed.
• Information security protects the integrity and privacy
of data, both in storage and in transit.
• Operational security includes the processes and
decisions for handling and protecting data assets. The
permissions users have when accessing a network and
the procedures that determine how and where data may
be stored or shared all fall under this umbrella.
• Disaster recovery and business continuity define how
an organization responds to a cyber-security incident or
any other event that causes the loss of operations or data.
Disaster recovery policies dictate how the organization
restores its operations and information to return to the
same operating capacity as before the event. Business
continuity is the plan the organization falls back on while
trying to operate without certain resources.
• End-user education addresses the most unpredictable
cyber-security factor: people. Anyone can accidentally
introduce a virus to an otherwise secure system by failing
to follow good security practices. Teaching users to delete
suspicious email attachments, not plug in unidentified
USB drives, and various other important lessons is vital
for the security of any organization.
DEFINITION
8. THE THREATS COUNTERED BY CYBER-SECURITY
ARE THREE-FOLD:
1. Cybercrime includes single actors or groups targeting
systems for financial gain or to cause disruption.
2. Cyber-attack often involves politically motivated
information gathering.
3. Cyberterrorism is intended to undermine electronic
systems to cause panic or fear.
So, how do malicious actors gain control of computer
systems? Here are some common methods used to
threaten cyber-security:
MALWARE
Malware means malicious software. One of the most
common cyber threats, malware is software that a
cybercriminal or hacker has created to disrupt or
damage a legitimate user’s computer. Often spread via
an unsolicited email attachment or legitimate-looking
download, malware may be used by cybercriminals to
make money or in politically motivated cyber-attacks.
There are a number of different types of malware,
including:
Virus: A self-replicating program that attaches itself to
a clean file and spreads throughout a computer system,
infecting files with malicious code.
Trojans: A type of malware that is disguised as legitimate
software. Cybercriminals trick users into uploading
Trojans onto their computer where they cause damage
or collect data.
Spyware: A program that secretly records what a user
does, so that cybercriminals can make use of this
information. For example, spyware could capture credit
card details.
Ransomware: Malware which locks down a user’s files
and data, with the threat of erasing it unless a ransom is
paid.
Adware: Advertising software which can be used to
spread malware.
Botnets: Networks of malware-infected computers
which cybercriminals use to perform tasks online
without the user’s permission.
SQL INJECTION
An SQL (Structured Query Language) injection is a type of
cyber-attack used to take control of and steal data from a
database. Cybercriminals exploit vulnerabilities in
data-driven applications to insert malicious code into a
database via a malicious SQL statement. This gives
them access to the sensitive information contained in
the database.
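The weakness described above, shown as an added example that is not part of the original booklet: the same lookup written once by pasting user input into the SQL text (vulnerable) and once with a bound parameter (hardened), run against an in-memory SQLite database. The table, column and function names and all sample rows are constructed for illustration.

```python
import sqlite3

# Constructed sample data (not real card numbers); names are assumptions.
SAMPLE_ROWS = [
    ("alice", "CARD-REF-0001"),
    ("bob", "CARD-REF-0002"),
    ("carol", "CARD-REF-0003"),
    ("o'brien", "CARD-REF-0004"),  # a legitimate value containing a quote
]

# Constructed input that closes the string literal and appends a condition
# that is always true.
INJECTED_INPUT = "nobody' OR '1'='1"


def make_db():
    """Create an in-memory database holding the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cards (owner TEXT NOT NULL, card_ref TEXT NOT NULL)")
    conn.executemany("INSERT INTO cards (owner, card_ref) VALUES (?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def cards_for_owner_vulnerable(conn, owner):
    """VULNERABLE: the input becomes part of the SQL statement itself.

    Any quote character in `owner` ends the string literal early, so the rest
    of the input is parsed as SQL rather than compared as data.
    """
    query = "SELECT owner, card_ref FROM cards WHERE owner = '" + owner + "'"
    return conn.execute(query).fetchall()


def cards_for_owner_safe(conn, owner):
    """HARDENED: the statement text is fixed and the input is bound as a value.

    The database driver never parses `owner` as SQL, so quotes in it are just
    characters to compare against the column.
    """
    query = "SELECT owner, card_ref FROM cards WHERE owner = ?"
    return conn.execute(query, (owner,)).fetchall()


def run_demo():
    """Run both versions on normal, quoted and injected input."""
    conn = make_db()
    results = {
        "vulnerable_normal": cards_for_owner_vulnerable(conn, "alice"),
        "vulnerable_injected": cards_for_owner_vulnerable(conn, INJECTED_INPUT),
        "safe_normal": cards_for_owner_safe(conn, "alice"),
        "safe_injected": cards_for_owner_safe(conn, INJECTED_INPUT),
        "safe_quoted_name": cards_for_owner_safe(conn, "o'brien"),
    }
    # The vulnerable version also fails on honest input that contains a quote.
    try:
        cards_for_owner_vulnerable(conn, "o'brien")
        results["vulnerable_quoted_name_error"] = False
    except sqlite3.OperationalError:
        results["vulnerable_quoted_name_error"] = True
    conn.close()
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The vulnerable version returns every row for the injected input and raises an error on an ordinary name with an apostrophe; the parameterized version returns nothing for the injected input and the single matching row for the quoted name.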
PHISHING
Phishing is when cybercriminals target victims with
emails that appear to be from a legitimate company
asking for sensitive information. Phishing attacks are
often used to dupe people into handing over credit card
data and other personal information.
MAN-IN-THE-MIDDLE ATTACK
A man-in-the-middle attack is a type of cyber threat
where a cybercriminal intercepts communication
between two individuals in order to steal data. For
example, on an unsecure WiFi network, an attacker
could intercept data being passed between the victim’s
device and the network.
DENIAL-OF-SERVICE ATTACK
A denial-of-service attack is where cybercriminals
prevent a computer system from fulfilling legitimate
requests by overwhelming the networks and servers with
traffic. This renders the system unusable, preventing an
organization from carrying out vital functions.
SOCIAL ENGINEERING
Social engineering is a tactic that adversaries use to trick
you into revealing sensitive information. They can solicit a
monetary payment or gain access to your confidential
data. Social engineering can be combined with any of
the threats listed above to make you more likely to click
on links, download malware, or trust a malicious source.
9. A Trojan horse or Trojan is a type of malware that is often
disguised as legitimate software. Trojans can be
employed by cyber-thieves and hackers trying to gain
access to users' systems. Users are typically tricked by
some form of social engineering into loading and
executing Trojans on their systems. Once activated,
Trojans can enable cyber-criminals to spy on you, steal
your sensitive data, and gain backdoor access to your
system. These actions can include:
Deleting data
Blocking data
Modifying data
Copying data
Disrupting the performance of computers or computer
networks
Unlike computer viruses and worms, Trojans are not able
to self-replicate.
How Trojans can impact you
Trojans are classified according to the type of actions that
they can perform on your computer:
Backdoor
A backdoor Trojan gives malicious users remote control
over the infected computer. They enable the author to
do anything they wish on the infected computer –
including sending, receiving, launching and deleting
files, displaying data and rebooting the computer.
Backdoor Trojans are often used to unite a group of
victim computers to form a botnet or zombie network
that can be used for criminal purposes.
Exploit
Exploits are programs that contain data or code that
takes advantage of a vulnerability within application
software that’s running on your computer.
Rootkit
Rootkits are designed to conceal certain objects or
activities in your system. Often their main purpose is to
prevent malicious programs being detected – in order to
extend the period in which programs can run on an
infected computer.
Trojan-Banker
Trojan-Banker programs are designed to steal your
account data for online banking systems, e-payment
systems and credit or debit cards.
Trojan-DDoS
These programs conduct DoS (Denial of Service) attacks
against a targeted web address. By sending multiple
requests – from your computer and several other
infected computers – the attack can overwhelm the
target address… leading to a denial of service.
Trojan-Downloader
Trojan-Downloaders can download and install new
versions of malicious programs onto your computer –
including Trojans and adware.
Trojan-Dropper
These programs are used by hackers in order to install
Trojans and / or viruses – or to prevent the detection of
malicious programs. Not all antivirus programs are
capable of scanning all of the components inside this
type of Trojan.
Trojan-FakeAV
Trojan-FakeAV programs simulate the activity of
antivirus software. They are designed to extort money
from you – in return for the detection and removal of
threats… even though the threats that they report are
actually non-existent.
Trojan-GameThief
This type of program steals user account information
from online gamers.
Trojan-IM
Trojan-IM programs steal your logins and passwords for
instant messaging programs – such as ICQ, MSN
Messenger, AOL Instant Messenger, Yahoo Pager, Skype
and many more.
Trojan-Ransom
This type of Trojan can modify data on your computer –
so that your computer doesn’t run correctly or you can
no longer use specific data. The criminal will only restore
your computer’s performance or unblock your data, after
you have paid them the ransom money that they
demand.
Trojan-SMS
These programs can cost you money – by sending text
messages from your mobile device to premium rate
phone numbers.
Trojan-Spy
Trojan-Spy programs can spy on how you’re using your
computer – for example, by tracking the data you enter
via your keyboard, taking screen shots or getting a list of
running applications.
Trojan-Mailfinder
These programs can harvest email addresses from your
computer.
Other types of Trojans include:
Trojan-ArcBomb
Trojan-Clicker
Trojan-Notifier
Trojan-Proxy
Trojan-PSW
How to protect yourself against Trojans
By installing effective anti-malware software, you can
defend your devices – including PCs, laptops, Macs,
tablets and smartphones – against Trojans. A rigorous
anti-malware solution – such as Kaspersky Anti-Virus,
ESET Anti-Virus, Norton and Sophos – will detect and
prevent Trojan attacks on your PC, while the Mobile
Security versions can deliver world-class virus protection
for smartphones and tablets.
TROJAN VIRUS
10. If there was any doubt on the incredible power of social
networking, consider the more than one billion pieces of
content shared each day with over half a billion users.
Facebook connects over 500 million people in over 210
countries—indeed, its global population exceeds the size
of most European countries, and counts among its
members citizens from every single continent in the
world.
People on Facebook have great power—they can Friend,
Chat, share Status Updates, post Comments, share Links,
tag Photos, post Videos, join Groups, create Pages,
design Polls, and play together using Applications. They
use Facebook to promote causes, interests, and
themselves!
Facebook allows the world to be more open and
connected by giving its users the tools to interact and
share in any conceivable way. And, to paraphrase the
superhero, with great power comes great responsibility.
Just as a city paints sidewalks, and pedestrians look both
ways before crossing the street, security on Facebook is a
responsibility shared between Facebook and the people
who use its platform.
This guide is all about empowering you to Own Your
Space—to understand what Facebook is doing to make
the site safe and secure and to take the actions that are
needed in this new digital world to protect yourself and
your account.
While the focus of this guide is on Facebook, the lessons
here apply to every site you visit online. Throughout the
guide, we will highlight the unique tools that Facebook
provides so that you can harness your power by
protecting your account, using advanced security
settings, recovering a hacked Facebook account, and
stopping imposters.
Beyond this, we want you to adopt the mantra: Stop.
Think. Connect. Facebook has a ton to offer people, and
with a little bit of common sense you can stay safe and
secure. We hope you find this guide useful. Please join
the conversation by visiting the Facebook Security Page
at www.facebook.com/security.
You are the first line of defense in protecting your
account. You can take control of your protection by using
strong passwords, taking advantage of the many
advanced security settings that provide authentication
as well as secure communications, and making sure you
log out when you are done.
USING GOOD PASSWORDS
Using a good password is something that you should do
every place you visit on the Internet, not just Facebook.
Creating a good password is fairly simple. You want it to
be complex enough that it can’t be guessed, yet
meaningful enough that you
can actually remember it.
Have a great password?
• Don’t use it for ALL your accounts.
• Don’t share it with friends.
• Change it regularly.
• Consider storing it in a password tool.
A good password has at least eight characters, one or
more numbers, and at least one special character. Use
non-words but
associate them with a word. Imagine your pet’s name is
Buddy, you live on State Street, you’re 15, and you like to
stargaze
at night. A good password for you would be budstat15*.
Or go for something humorous you can remember. One
woman
set her work password to remind her of why she went to
work, 4da$cash.
Can’t remember that many details? Use a password tool
to remember for you. Many browsers now include
password vaults.
If yours doesn’t, consider a free tool like KeePass
Password Safe (http://keepass.info/). And just in case you
still forget, be
sure to add a security question and your mobile phone
number in the ACCOUNT SETTINGS of your Facebook
account.
Logging out of Facebook
Logging out of Facebook when you’re not using it is a
simple and effective way to protect your account. Many
people think
that if they close the web page or exit the browser that
also logs them out of Facebook. It doesn’t. The next
person who goes
to Facebook.com on that computer will find themselves
already logged in—to your account. Logging out is
crucial when
you’re accessing Facebook away from home.
But it’s also important at home if you share a computer.
Just ask Nathan, a 16-year-old who left his Facebook
account
logged in on the family computer. During one soccer
practice, his sister dumped his girlfriend for him by
changing his
Facebook relationship status to SINGLE. Since then, he
makes it a point to always log out of Facebook before
leaving the
house. And remember, if you forget to log out of an active
session, you can always remotely close that session from
the
ACCOUNT SECURITY section of the ACCOUNT SETTINGS
page.
PROTECTING YOUR FACEBOOK ACCOUNT
11. If there was any doubt on the incredible power of social
networking, consider the more than one billion pieces of
content shared each day with over half a billion users.
Facebook connects over 500 million people in over 210
countries—indeed, its global population exceeds the size
of most European countries, and counts among its
members citizens from every single continent in the
world.
People on Facebook have great power—they can Friend,
Chat, share Status Updates, post Comments, share Links,
tag Photos, post Videos, join Groups, create Pages,
design Polls, and play together using Applications. They
use Facebook to promote causes, interests, and
themselves!
Facebook allows the world to be more open and
connected by giving its users the tools to interact and
share in any conceivable way. And, to paraphrase the
superhero, with great power comes great responsibility.
Just as a city paints sidewalks, and pedestrians look both
ways before crossing the street, security on Facebook is a
responsibility shared between Facebook and the people
who use its platform.
This guide is all about empowering you to Own Your
Space—to understand what Facebook is doing to make
the site safe and secure and to take the actions that are
needed in this new digital world to protect yourself and
your account.
While the focus of this guide is on Facebook, the lessons
here apply to every site you visit online. Throughout the
guide, we will highlight the unique tools that Facebook
provides so that you can harness your power by
protecting your account, using advanced security
settings, recovering a hacked Facebook account, and
stopping imposters.
Beyond this, we want you to adopt the mantra: Stop.
Think. Connect. Facebook has a ton to offer people, and
with a little bit of common sense you can stay safe and
secure. We hope you find this guide useful. Please join
the conversation by visiting the Facebook Security Page
at www.facebook.com/security.
You are the first line of defense in protecting your
account. You can take control of your protection by using
strong passwords, taking advantage of the many
advanced security settings that provide authentication
as well as secure communications, and making sure you
log out when you are done.
USING GOOD PASSWORDS
Using a good password is something that you should do
every place you visit on the Internet, not just Facebook.
Creating a good password is fairly simple. You want it to
be complex enough that it can’t be guessed, yet
meaningful enough that you
can actually remember it.
Have a great password?
• Don’t use it for ALL your accounts.
• Don’t share it with friends.
• Change it regularly.
• Consider storing it in a password tool.
A good password has at least eight characters, one or
more numbers, and at least one special character. Use
non-words but associate them with a word. Imagine your
pet’s name is Buddy, you live on State Street, you’re 15,
and you like to stargaze at night. A good password for
you would be budstat15*. Or go for something humorous
you can remember. One woman set her work password to
remind her of why she went to work, 4da$cash.
Can’t remember that many details? Use a password tool
to remember for you. Many browsers now include
password vaults. If yours doesn’t, consider a free tool
like KeePass Password Safe (http://keepass.info/). And
just in case you still forget, be sure to add a security
question and your mobile phone number in the ACCOUNT
SETTINGS of your Facebook account.
Logging out of Facebook
Logging out of Facebook when you’re not using it is a
simple and effective way to protect your account. Many
people think that if they close the web page or exit the
browser that also logs them out of Facebook. It doesn’t.
The next person who goes to Facebook.com on that
computer will find themselves already logged in—to your
account. Logging out is crucial when you’re accessing
Facebook away from home.
But it’s also important at home if you share a computer.
Just ask Nathan, a 16-year-old who left his Facebook
account logged in on the family computer. During one
soccer practice, his sister dumped his girlfriend for him
by changing his Facebook relationship status to SINGLE.
Since then, he makes it a point to always log out of
Facebook before leaving the house. And remember, if you
forget to log out of an active session, you can always
remotely close that session from the ACCOUNT SECURITY
section of the ACCOUNT SETTINGS page.
PROTECTING YOUR FACEBOOK ACCOUNT