Staying Safe In Cyberspace By Chris Sweet Decatur Public Library Updated by Lesley Farmer Did You Know? There are 240 million Internet users in the US (77% of the population) Online sales totaled over $100 billion in 2008 1 in 4 households have been victims of ID theft in the past 5 years. 33% of 13- to- 17-year-olds reported that their parents or guardians know “very little” or “nothing” about what they do on the Internet. DO NOT FEAR THE INTERNET! The Internet has tremendous potential for learning and entertainment. It also has the potential to be a dangerous place. On the Internet, the good far outweighs the bad. We’re here to learn some of the ways you can protect yourself on the Internet. Internet Safety is cumulative. There is NO single thing you can do to completely protect yourself on the Internet. There are multiple components to staying safe. We will look at all the major categories including: Passwords and IDs E-mail and Phishing Cookies, Spyware, Viruses and Firewalls Online Shopping and Banking Children and Teens on the Net Filtering and Monitoring PASSWORDS Writing STRONG passwords for all of your accounts is the first step in internet safety. What is a “strong” password? A strong password is one that cannot be easily guessed or broken by hackers. Passwords DO NOT use the same password for every site. Each site that has access to your financial information should have its own unique password. Change all your passwords at least once a year. Never, ever give out your passwords to anyone. Passwords If you think someone has learned your passwords, change them immediately. Writing down your list of passwords is ok as long as you keep that list safe (you can write more complex passwords this way). Avoid letting people observe you typing your password. Be sure to log out from any site that requires a password to log in. How to write a weak password! How to write a strong password DO NOT USE: Any part of your name - first, last, or middle Your initials Your social security number Birthdays Phone numbers or addresses Words from the English dictionary Your username or login name How to write a strong password DO USE: Special characters (*!$+) mixed with both letters and numbers Mixed upper- and lower-case letters Nonsense words that are easy to pronounce but aren't in any dictionary At least eight or more characters Usernames and ID names As long as you have a strong password, the username is not quite as important. You can use real words for your username, but it is still a good idea to avoid using any part of your real name. For the greatest security you can follow all the rules for creating a strong password. E-MAIL AND PHISHING Did You Know? One of the most common ways to get a virus is through an e-mail that you open? Or that victims of identity theft often send their personal information straight to the criminals? How do you prevent this? E-mail Safety NEVER open attachments from senders you do not know! Contrary to popular belief, it is ok to read all of your e-mails, just beware of those attachments from unknown senders! Avoid sending personal information (social security number, bank account numbers, credit card information, etc.) in any emails. E-mail Safety Set up spam filters so that only messages from people you know get into your inbox (different with each e-mail service). If you use a public computer, do not select the feature that allows you to log on automatically. People who use that computer after you may be able to see and use your screen name to log on. Phishing Phishing is an attempt to get you to disclose personal sensitive information by fooling you with fake e-mails. Phishers target consumers by sending them e-mail messages from well-known companies such as PayPal, eBay, Citibank, and AOL that appear legitimate. These scam emails often tell you that you need to update your account information, PIN number or password. If you click on the links in the e-mail it will take you to a site that is an exact replica of the legitimate site EXCEPT that the web address is slightly different. Phishing It is very easy to avoid phishing scams. If you get an e-mail telling you to update your account information simply DO NOT use the links provided in the e-mail! Type the address of the real site into your browser’s address bar, login, and then determine if your information really needs updating. Learn to identify fake websites. The web address will always be slightly different than the correct one: for example www.001ebay.com instead of www.ebay.com Example: www.hotmail.com Cookies, Spyware, Virsuses And Firewalls What are cookies? Cookies are small bits of data used by web servers to help identify individual web users. To simplify things, a cookie can help a website “remember” you and show you a customized page the next time you visit it. Cookies How do you get rid of cookies? Go to the “Tools” menu in Internet Explorer. Click on “Internet Options.” In the middle of the box that pops up click on “Delete Cookies”. While you are on this screen it is also worthwhile to click on the “Delete Files” button and put a checkmark next to “Delete All Offline Content.” This will remove additional temporary internet files that you do not need. (Demonstrate: www.google.com ) Spyware Spyware is any technology that aids in gathering information about a person without their knowledge. Spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get in a computer as a software virus or as the result of installing a new program. Serious spyware programs can lead to identity theft. Spyware Avoid installing spyware by: 1) Never clicking on a pop-up (these often lead to sites that install spyware) 2) Don’t click on pop-ups that tell you that your computer is infected with spyware (this is a common scam to get you to install spyware) 3) Set your Internet Explorer security setting to medium or higher. To do this click on “Tools” then “Internet Options” then “Security”. The slider on the left should be at medium or higher. Spyware There are a number of good free spyware removal programs available: The free Yahoo toolbar has a good Spyware removal program and pop-up blocker (in addition to other features). Download here: http://toolbar.yahoo.com Another good, free program is Spybot: http://www.spybot.info/en/index.html Spyware Notes: 1) You must update these programs on a regular basis to be protected from new forms of spyware. 2) If you buy a software package from McAfee, Norton, etc. you may also get additional spyware protection. VIRUSES Viruses What is a virus? Computer viruses are self-replicating programs which cannot exist without a host. A computer virus passes from computer to computer like a biological virus passes from person to person. A computer virus must piggyback on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents. These programs can be relatively harmless, or they can completely crash your computer. Viruses How do you protect yourself from viruses? As mentioned above, not opening e-mail attachments from unknown senders is your first line of defense. There are three additional steps you should take to avoid viruses: 1) Keep your computer updated, 2) Use antivirus software, 3) Use a firewall. Updates Viruses usually work by exploiting security flaws in the software that you are running. Software companies issue “patches” to fix these flaws, but you must update your system regularly to keep your computer secure. Updates video from Microsoft: http://www.microsoft.com/athome/security/updat e/video_update.mspx Updates Keeping your operating system (Windows XP, 2000, etc.) updated is essential. Go to http://windowsupdate.microsoft.com to download updates or turn on automatic updates. You should also keep your Microsoft Office products up-to-date by going here: http://office.microsoft.com/ and clicking on “Check For Updates.” Update other software as required. Antivirus Software Antivirus software is your first line of protection against viruses that you can get over the internet. Antivirus software is a class of program that searches your hard drive and floppy disks for any known or potential viruses. There are quite a few antivirus companies out there. Norton, McAfee, Panda, Trend Micro. Norton and McAfee are the largest. There is a free anti-virus called AVG and it is available at http://free.grisoft.com/ Antivirus Software Major antivirus software companies offer frequent updates to keep your computer safe against the most recent viruses. You MUST pay a yearly subscription fee and keep your antivirus software up-todate. If you don’t, you are only protected against old viruses and vulnerable to all new viruses! Firewall A FIREWALL is a program that serves as a sort of filter between your home computer and the internet. If you have a fast connection (cable or DSL) you probably want some sort of firewall. A firewall can prevent hackers from gaining access to your computer and files. A firewall generally provides additional virus protection. There is a free firewall called Zone Alarm available from http://www.zonelabs.com Other makers of firewalls include Norton and McAfee. There is also a firewall included with Windows XP. Remember! Getting a virus or finding spyware on your computer is a common occurrence. The majority of viruses and spyware are relatively harmless. There are very few viruses that can crash your entire system and very few spyware programs that can steal your personal information. For More Info: The June 2010 issue of Consumer Reports has great information and ratings on cyber security. ONLINE SHOPPING & ONLINE BANKING Online shopping is a huge, growing industry ($100 billion in 2005). Why shop online? 24 hour convenience Very easy to comparison shop Better deals than retail stores Larger selection than retail stores Often no sales tax Online Banking All major banks and most smaller ones offer online banking Why bank online? 24 hour convenience Up-to-date statements Easy transfers Pure online banks are often cheaper Online Shopping & Banking The easiest way to protect yourself when shopping online is to only enter confidential information (credit card numbers) on a secure server. You know you are on a secure site when this padlock symbol: appears in the lower right-hand corner of the screen. The web address will also change from http to httpS. (the “s” stands for secure). (www.sears.com) Online Shopping & Banking As mentioned above, keep your browser (Internet Explorer, Firefox, etc.) up-to-date. Browsers use encryption to keep sensitive information safe over the internet. Newer versions often offer increased security. Be wary of “sounds too good to be true” offers on the internet. They probably are! If you are required to give a credit card number for a “free” prize, it probably isn’t. Online Shopping & Banking Read the fine print. You can often get limited time free access to great sites, but then get hit with a hefty monthly subscription fee thereafter. Always, always log out of your account when finished. If there is an option, don’t let the company store your credit card information for next time. Online Shopping & Banking Big name companies and banks (target.com, walmart.com, amazon.com, citibank.com etc.) are safe to do business with. Be more cautious with smaller companies. For smaller or unknown companies, check with the Better Business Bureau Online: http://www.bbbonline.org/ Use your credit card: under federal law (and your credit card agreement) your liability for an unauthorized charge is limited to $50. YOUTH ON THE NET “The Internet isn’t optional anymore- it’s essential to our children’s futures. Unplugging them is like throwing the baby out with the bathwater. Our children need to become Internet literate in order to hold jobs, succeed in school, or attend college. Denying them access is denying them the tools they need to succeed.” (Aftab, Parry. The Parent’s Guide to Protecting Your Children in Cyberspace. p.1) Rules for Kids on Net Never give out identifying information: phone number, address, school name, social security number, passwords, etc. Use a false name or nickname Never respond to messages that are suggestive, obscene, belligerent, or threatening. Just ignore them!! Remember that people online may not be who they seem! Rules for Kids on Net Tell an adult if you find anything on the Internet that makes you uncomfortable. Never agree to meet someone you meet online unless a parent agrees to come with you. Use safe websites and safe search engines (see handout). Rules for Parents Keep the computer in an open, visible area- not a bedroom or office Set daily Internet time limits. You may want to only allow Internet use when a parent is at home. Sign an Internet safety pledge: http://www.netsmartz.org/resources/pledge.htm or http://www.safekids.com/contract_kid.htm (a very good idea to do this!). Let children know that they will not be punished for accidentally accessing inappropriate sites. Strongly encourage them to always come to you if they find something on the Internet that makes them uncomfortable. Along these lines, don’t be too quick to blame or threaten privileges. Kids can easily come across inappropriate content by accident. Rules for Parents Don’t use the Internet as an electronic babysitter! Teach children not to accept anything for free over the Internet: whether it is from a contest, pop-up, e-mail or a “friend” they met online. Use the Internet with your children. Learn about the sites they like to use. Depending on their age, you may want to require children to give you their username and password for their e-mail account If your child knows more about the Internet than you do, encourage them to teach you how to use the sites they like. FILTERING AND MONITORING What is a filter? An Internet filter is a software or hardware product designed to prevent access to inappropriate websites on the internet. It does this by using lists of unacceptable URLs, or by examining individual websites for specific keywords or unwanted content. Filters Filters are unreliable at best. NO filter will block ALL inappropriate content on the Internet. Also, ALL filters accidentally block LEGITIMATE content. If you really want to restrict access, the best method is to use software that only allows access to particular sites. You can then add additional legitimate sites to the list after you check them out approve them. Monitoring Some filtering software also includes the ability to monitor and review children’s Internet activities as well as impose daily time limits. A very basic monitor is included with the Internet Explorer browser. If you click on the history icon you can see a list of all the websites visited on your computer in the last 20 days (default setting). You can increase or decrease the number of days if you prefer. Note: Internet savvy users will know how to delete the sites they’ve visited. Demonstrate: www.google.com Filtering and Monitoring Consumer Reports recently ran a good article comparing internet filtering software (June 2010) Also check out these websites for additional reviews and information: http://internet-filter-review.toptenreviews.com/ http://www.internet-filters.net/ CHATROOMS and INSTANT MESSAGING Did You Know?: In a survey of 1,000 U.S. girls aged 13 to 18 thirty percent said they've been sexually harassed in a chatroom? Only 7% told their parents. (Whitney Roban, Ph.D. The Net Effect: Girls and New Media) Chatrooms & Instant Messaging What is Chatting? Internet Chat is a way for people to communicate live with each other by typing text messages which are seen immediately by everyone present in the online chat "room". It is a sociable activity, and very popular with young people as a way of meeting and talking to friends and establishing relationships. Chatrooms & Instant Messaging What is Instant Messaging? Instant Messaging (I.M.) software lets people have live text conversations DIRECT between individuals, rather than in a public Internet chat room with lots of onlookers. The software also allows you to transfer files between the computers of online friends. It is a very popular way to keep in touch with friends or workmates, exchange news and gossip, etc. You can build up a “buddy” list to make it easier to IM friends who use the same software. Chatrooms & Instant Messaging Like e-mail, don’t respond to belligerent or obscene messages. Don’t add just anyone to your contacts lists. Also, know how to block someone whom you don’t want to receive messages from. Remember that viruses and spyware can be transferred through IM. Be careful opening files from people you don’t know. Chatrooms & Instant Messaging Learn the Lingo! Here are a few examples of commonly used abbreviations: LMK- Let Me Know PIR- Parent in Room P911- Parent Alert PAW- Parents are Watching LMIRL- Let’s Meet in Real Life WYCM- Will You Call Me? Find many, many, more at: : http://www.netlingo.com/ Video Tracking Someone online: http://www.netsmartz.org/resources/reallife .htm DID YOU KNOW? 61% of 13 to 17 year olds have a personal profile on sites such as Myspace, Facebook, or Xanga; 14% have actually met face-to-face with a person they had known only though the Internet. (Teen Internet Safety Survey. NCMEC and Cox Communications, 2006) Almost all youth use social media at least monthly (Computer World, 2009) What is www.facebook.com? Myspace.com, Friendster, Facebook, etc, are all “social networking” websites. Essentially they are places to meet new people and express your personal identity. They are hugely popular with teens and college students. Www.facebook.com has over 500 million members and ranks as the most popular site on the web! Staying Safe on Facebook Be very careful about the information you put into your profile and the information in bulletins and comments from friends. It all adds up! Meeting someone you have only met online is very dangerous! If you are set on meeting an online friend be certain to bring one or more friends with you and set the meeting in a public place. Be wary of adding everyone who asks to your “Friends” list. Remember that everyone who is on your friends list can see more of your personal information. Your safety depends on the sum total of all information available about you on the Internet. Try Googling yourself to see how much personal information you can find. Staying Safe on Facebook Don’t lie about your age (You must be 13 or older to have a Facebok profile) Don’t post anything that you would be embarrassed about later (bulletins, blogs, photos, etc.) Add additional security and privacy to your MySpace account by clicking on “Account Settings” and then on “Privacy Settings.” You can make your profile available only to friends and change other privacy settings. Remember, you can get in trouble at school for things you post on the Internet Companies and colleges are now also searching Facebook pages as part of the application process! Be careful! Conclusion The Internet is and extremely valuable resource and it is far safer than most people believe. Don’t avoid the Internet (or keep your kids off) just because of fears about safety. There are many real dangers, but the steps needed to stay safe online are fairly simple.