https://edu.gcfglobal.org/en/internetsafety/
Creating strong passwords
You'll need to create a password to do just about everything on the Web, from
checking your email to online banking. And while it's simpler to use a short, easy-toremember password, this can also pose serious risks to your online security. To
protect yourself and your information, you'll want to use passwords that are long,
strong, and difficult for someone else to guess while still keeping them relatively
easy for you to remember.
Why do I need a strong password? - At this point, you may be wondering, why do I
even need a strong password anyway? The truth is that even though most websites
are secure, there's always a small chance someone may try to access or steal your
information. This is commonly known as hacking. A strong password is one of the best
ways to defend your accounts and private information from hackers.
A strong password is one that's easy for you to remember but difficult for others to
guess. Let's take a look at some of the most important things to consider when creating
a password.
● Never use personal information such as your name, birthday, user name, or
●
●
●
●
●
email address. This type of information is often publicly available, which makes it
easier for someone to guess your password.
Use a longer password. Your password should be at least six characters
long, although for extra security it should be even longer.
Don't use the same password for each account. If someone discovers your
password for one account, all of your other accounts will be vulnerable.
Try to include numbers, symbols, and both uppercase and lowercase letters.
Avoid using words that can be found in the dictionary. For example,
swimming1 would be a weak password
Some of the most commonly used passwords are based on family names,
hobbies, or just a simple pattern. While these types of passwords are easy to
remember, they're also some of the least secure.
Using password managers - As an alternative to writing your passwords on paper,
you can use a password manager to store them securely online. Password managers
can remember and enter your password on different websites, which means you won't
have to remember longer passwords. Examples of password managers include
LastPass, 1Password, and Google Chrome's password manager.
Example: m#P52s@ap$V - This is a great example of a strong password. It's strong,
long, and difficult for someone else to guess. It uses more than 10 characters with
letters (both uppercase and lowercase), numbers, and symbols, and includes no
obvious personal information or common words. This password might even be a bit too
complicated to remember without a password manager, which underscores why
they're so helpful when creating a strong password.
Your Browser's Security Features
Your computer faces different threats whenever you browse the Web, including
viruses, malware, and spyware. The good news is your web browser has a lot of
built-in security features to help protect your computer. Let's take a look at some of
the most important features you should know about, as well as some simple tips you
can use to stay safe online.
Watch the video below to learn more about your browser's built-in security features.
Check the web address
Malicious websites often use deceptive web addresses to trick users. For example,
www.wellfargo.com looks similar to www.wellsfargo.com, but it's missing the s in the
middle.
Double-checking the domain name is a good way to ensure you're going to the real,
trusted site—not a phony site with a similar web address. Some web browsers will even
try to make the domain name easier to read. In the example below, you can see that
wellsfargo.com uses a darker color in the address bar.
Look at the security symbol
Some websites will display a lock symbol in the address bar. This is most commonly
seen with certain types of websites, like online stores and banking sites. This means the
website is using an HTTPS connection, which makes it safe to enter your personal
information. You'll also see https at the beginning of the URL.
You won't see this symbol on all websites, and that's OK—not all websites need this
extra layer of security. However, you should avoid entering any sensitive information,
such as your credit card number, if you don't see this symbol in the address bar.
Update your browser regularly
New viruses and malware are created all the time, so it's important to update your
browser regularly. Your browser will usually notify you when it has an update available,
but you always have the option to update manually. In this example, we're updating
Google Chrome to the most recent version, but the exact update procedure will vary
depending on your browser.
Avoiding Spam and Phishing
Dealing with spam
If you've ever received unwanted email advertisements, you may already be familiar
with spam, also known as junk email. Spam messages can clutter your inbox and
make it more difficult to find the emails you actually want to read. Even worse, spam
often includes phishing scams and malware, which can pose a serious risk to your
computer. Fortunately, most email services now include several features to help you
protect your inbox from spam.
Spam filters
Whenever you receive an email, most email providers will check to see if it's a real
message or spam. Any likely spam messages will be placed in the spam folder so you
don’t accidentally open them when checking your email.
Spam-blocking systems aren’t perfect, though, and there may be times when legitimate
emails end up in your spam folder. We recommend checking your spam folder regularly
to make sure you aren’t missing any important emails.
Many email services also have a feature you can use to mark emails as spam. In
Gmail, for example, you can select the message and click the Mark as Spam button.
This helps your email provider filter out these types of messages in the future.
Phishing
Phishing scams are messages that try to trick you into providing sensitive
information. These often appear to come from a bank or another trusted source, and
they'll usually want you to re-enter a password, verify a birth date, or confirm a credit
card number. Phishing messages may look real enough at first glance, but it’s
surprisingly easy for scammers to create convincing details.
Even though this email has the Bank of America logo, you can see that the email
address it comes from is misspelled. If you receive something like this, instead of
clicking any of the links in your email, always access your account directly from the
official secure site or by calling the number directly on your bank card.
Other common email scams
Spam and phishing are common problems, but there are many other types of email
scams you may encounter. Some will promise to give you a lot of money if you advance
a small amount upfront. Others may pretend to be from people you know in real life, and
they'll often ask you to send money or download an attached file.
Remember to trust your best judgment. You should never send someone money
just because you've received an email request. You should also never download email
attachments you weren't expecting because they might contain malware that could
damage your computer and steal your personal information.
How to Avoid Malware
How to avoid malware
Malware is one of the most common hazards to your computer when you're online, but
it's easy to avoid. Developing safe and smart browsing habits can protect you from
malware and other threats, like viruses. Securing your computer and learning how to
identify and avoid suspicious links are the fundamentals of safe browsing habits.
Secure your computer
Limiting your computer's vulnerability to malware is a crucial safe browsing habit. You
can protect your computer by running antivirus and antimalware software like
Bitdefender or Norton. These programs can block malware from being installed and
can remove it if it does get onto your computer. Even if you don't see signs of malware
on your computer, running regular scans can catch any malware that has escaped
notice.
Many malware programs take advantage of security flaws in Windows and other
software. Keeping your OS, browser, and other programs updated is an important
step in protecting your computer. The security patches in these updates make your
computer immune to many threats.
Avoid suspicious links
Most malware requires you to click something to download and install it. These links are
often disguised as something they are not. If you are aware of what suspicious links can
look like, you can avoid them. Here are some examples of misleading links concealing
malware downloads.
● Ads on websites can look like system messages or diagnostics warning you
that something is wrong with your computer, like the image below.
● Ads can look like messages saying you have won a prize and instructing you to
●
●
●
●
click to claim it.
Pop-up windows frequently contain malware or attempt to lead you to a less
secure site. Most reputable sites don't use pop-up windows. Many browsers
block pop-up windows by default.
If you are prompted to download something you weren't expecting—or if it seems
to be unrelated to the page you were on—it's probably malware.
Headlines that are ambiguous and sensational that encourage you to click to
read more are called clickbait. Sites that use lots of clickbait headlines are more
likely to contain links to malware.
If you're ever unsure whether a website or download is safe, close it and
investigate the site before returning to it. It's always a good idea to be cautious
when browsing unfamiliar sites.
Safe Online Shopping
To protect sensitive information like credit card numbers, you'll want to shop from your
home Internet connection if possible. Try to avoid shopping when connected to a
public Wi-Fi network or when using a public computer, such as a library computer.
Public computers and Wi-Fi networks are at a slightly greater risk for hacking, which
could put your information at risk.
Look for HTTPS
Many websites will display a lock symbol in the address bar. This is most commonly
seen on the payment page of an online store. This means the website is using an
HTTPS connection, which makes it safe to enter your information.
You won't see this symbol on every page of an online store, and that's OK—not all
pages really need this extra layer of security. However, you should avoid entering your
credit card number or other financial information if you don't see this symbol.
Research the company or seller
Anyone can set up a shop online, so it's important to research a company or seller
before buying from the site. Make sure the business has a physical address and
phone number you can contact if there's a problem. You can also check for reviews on
sites like Yelp and Google.
Use secure payment methods
Credit cards are generally the safest way to pay for items online. Avoid options like
direct wire transfer, bank transfers, or sending cash or checks through the mail. And if
you don't like the idea of giving your credit card information to different retailers, you
could try an online payment service like PayPal or Google Wallet.
Keep a record
Always save records of your online transactions, which should include the receipt,
order number, product description, and price. You will also want to save any emails
you send or receive from a seller, which may come in handy if there's a problem later
on.
Understanding Browser Tracking
Whenever you use the Internet, you leave a record of the websites you visit, along with
each and every thing you click. To track this information, many websites save a small
piece of data—known as a cookie—to your web browser. In addition to cookies, many
websites can use your user accounts to track browsing activity. While this type of
browser tracking doesn't pose a serious risk to your online security, it's important to
understand how your online data is tracked and used.
Why do websites track browsing activity?
There are many reasons a website might track your browsing activity. In some cases,
it's simply to make your browsing experience faster and more convenient. But this data
can also be used to determine your browsing habits and preferences—information that
is frequently used by advertisers in determining what ads to show you online.
How do cookies work?
Cookies can store specific information on the websites you visit and the things you click
on different sites. If you don't have an account on a particular site, this information is
typically saved in a cookie to your web browser. For example, a news website might use
cookies to see if you've previously visited its site—and what articles you read on your
last visit—so it can suggest more articles based on your previous choices.
Should I be worried about cookies?
Generally speaking, cookies don't pose a serious risk to your online security—you're
unlikely to acquire malware or expose sensitive financial information by using cookies.
Still, if you don't like the idea of websites collecting information about you this way, there
are options for limiting cookie tracking on your computer.
How to avoid cookie tracking
There are a few different ways to avoid cookie tracking. Some websites actually give
you the option to disable cookie tracking on their site, although this may also disable
certain site features.
If you want to opt out of cookies entirely, you could try enabling the Do Not Track
setting in your browser. Most web browsers disable this feature by default, but it can
usually be activated from the privacy settings.
Note that participation in the Do Not Track program is voluntary, so some sites may not
honor this request. If you'd prefer to avoid cookies altogether, you could use a private
browsing mode whenever you go online. This will prevent any cookies from being
saved to your web browser.
Private browsing mode won't protect against every kind of browser tracking.
Account tracking
Even if you never allow websites to store cookies, there are other ways your browsing
habits can be tracked. For example, when you create an account with a site like
Facebook or Google, you're also giving them permission to track and save information
on your activity. Instead of saving this information in a cookie, it's stored by the
company and associated with your account.
In many cases, this information is then provided to third-party advertisers, who can use
this information to deliver personalized ads across the Internet. And while you can
usually disable these tracking settings, they will be enabled by default.
What To Do if Your Computer Gets a Virus
Computer viruses can be dangerous and should be taken seriously, but there are
ways to remove them before serious damage is done. We'll go through the basic steps
of virus scanning and removal, but keep in mind that it may still be necessary to hire a
technical support professional to completely remove the virus and repair your computer.
Antivirus software
First, if you don't already have an antivirus program, install one. Be sure you only have
one antivirus program installed because having more than one can cause significant
problems. Examples of antivirus software include Bitdefender and Norton.
Run a system scan
Once you've verified that your antivirus program is running, begin a scan. If you're
unsure how to do this, review the documentation for your antivirus program, which
usually can be found on the developer's website. Some programs offer several types of
scans, and you may want to run the most thorough type, usually called a full system
scan. This may take several hours. Usually, you do not need to remain at the computer
during the scan.
Review discovered threats and recommended action
Either during the course of the scan or when it's complete, the antivirus program will
notify you of discovered threats and recommend various courses of action. Usually, the
recommended action for each threat is the best choice. If the antivirus is unable to
remove any threat, don't ignore it. Investigate how to proceed with some Internet
searches or by contacting a professional, like the support team for the antivirus
program.
Malware
Your antivirus program may be bundled with an anti-malware program. Antivirus and
anti-malware programs scan for slightly different things but they work similarly, so you
can follow the same steps in this tutorial.
If you are unable to remove the virus—or if your programs or operating system are
damaged beyond repair—it may be necessary for you to erase the hard drive and
reinstall your operating system and programs. At this point, you would want to hire a
technical support professional,
I Have to Provide My Phone Number? Using Phone Verification
Using phone verification
If you've used a webmail service like Gmail, Outlook.com, or Yahoo! Mail in the past
few years, you may have been asked to provide a phone number to help verify your
account. As we start to conduct more and more of our everyday tasks online—like
paying bills and shopping from online stores—it's become increasingly important for
many web providers to verify your identify and prevent others from abusing your
account. Your phone number is one of the easiest ways to verify your identity with an
online service provider.
How does phone verification work?
When you're creating an account or trying to recover a lost password, you may be
asked to enter your phone number. Your provider will send you a text message (or call
your phone) with a verification code, which you can then enter online. This lets them
know that you're a real person and not someone else trying to gain access to your
account—basically, it's an easy way to prove that you are who you say you are.
Does phone verification pose a risk to my privacy?
Not everyone feels comfortable sharing their phone numbers with large companies like
Google and Microsoft. And while it may seem like a lot of personal information to give
away, it's important to realize that phone verification mainly exists to protect your
account. It's very unlikely that your phone number would be used for any other reason.
It may help to think of phone verification like providing an emergency contact
number—if something goes wrong with your account, it will be easier for the online
service provider to contact you directly.
Some services, like Google and Facebook, even let you use a phone number as part of
a two-step verification program. Basically, whenever you sign in to your account from
a new computer, you'll need to use your phone to enter a verification code. This makes
it much more difficult for someone else to hack into your account.
Wi-Fi Security
If you are using a home Wi-Fi network to access the Internet, you should make sure it
is secure; otherwise, your activity and information could be accessible to hackers and
cybercriminals. Securing a wireless network can get technical, so beginners may prefer
to get help from their Internet service providers (ISPs).
Public Wi-Fi safety tips
Being able to access the Internet through Wi-Fi hotspots in coffee shops, hotels,
airports, and other public spots can be quite convenient. However, these Wi-Fi hotspots
are often not as secure as your home network. Review the following tips to learn how to
stay safe when connecting to a public network.
● Make sure you are on a legitimate network. Cybercriminals sometimes set up
rogue networks with common names like Free Wi-Fi or Public Wi-Fi to get you
to connect to illegitimate networks. Ask the hotspot owner for the name and login
information for the hotspot you are visiting before you connect.
● Protect your computer by making sure your firewall is turned on and your
antivirus software is up to date.
● Make sure you are aware of the people around you when using a hotspot.
●
Keep an eye out for anyone who may be glancing over your shoulder and
viewing your private information and activity. Never leave your laptop or mobile
device unattended in a public space.
Do not conduct financial transactions like banking or shopping with a credit
card while using public hotspots.