1. CYBER SAFETY MONTH
HIGHLIGHTS
This slideshow outlines and summarises the most
important lessons we hope you took away from our cyber
safety month
All of this information and more is available on the ICTS
website at www.icts.uct.ac.za | Anti-Virus & Security |
Cyber Safety Month, as well as on our Facebook account
at www.facebook.com/icts.uct
2. DID YOU KNOW?
• 1 in every 436 emails are malicious
• 1 in every 1.48 emails are spam (67% of
all emails)
• 1 in every 171.2 emails is a phishing
attack
• 1 in every 340.9 emails contains malware
(malicious software)
• 2200 malicious websites are blocked by
ISPs per day
3. Do you ever think twice about
what you do or say online?
Do you know what phishing is?
Hacking? Identity theft?
As of 2012, it is estimated that 10.8% of the
South African population is online, a 100%
increase over the last 4 years. This means
that many people are still new to the
Internet and can easily fall prey to
scammers.
5. Facebook, Twitter, and other social media
are great for keeping up to date with your
friends and family, but it isn't always wise to
post or share everything you think others
would be interested in.
Here are some common sense guidelines that can
protect you against harm when sharing online:
• Follow the golden rule: If you're not comfortable
having the whole world know about something, don't
post it.
• Assume your mother and your boss are reading what
you post: the things you write or show can come back
to haunt you, so be careful of what you say.
6. • Regardless of your privacy settings,
some people may still be able to
access content you've restricted.
• Remember that everything is permanent:
Once you post something, consider it
permanently published.
• Be cautious of predators: Don't post
revealing photos, updates, or content that
would make you a target of sexual predators
and other criminals.
7. • Never share information that could
endanger yourself or your posses-
sions - such as details of your daily
schedule, dates when you'll be going on
holiday, and what security precautions
you're taking.
• Protect sensitive information: Never
reveal sensitive information regarding
your finances or banking.
8. • Never share your passwords, or information
that could give clues to your passwords.
Never betray the confidentiality of others.
• Know who your friends are – it is unwise to make
friends with complete strangers on social media
sites - you can never be sure what their motives
are.
• Always beware of posting your location. Many
apps have location settings, which can be turned
off. These location settings can show your exact
location to within a few metres. Especially don‟t
check in on social media when you‟re by yourself
and/or in a remote location.
9. • Beware of what you share. Sharing your cell
number and address online are risky
things to do - you should limit who sees your
information.
• Know how to use the security settings on all the sites
you have accounts on. It may seem like a drag, but it
could save your life. Make sure strangers can‟t
harvest your details and use them against you.
• Assume the world is watching is watching you. If you
don‟t want something widely broadcast, don‟t post it.
Everything that gets on the web, stays on the web. It
can be in caches, cookies or saved to someone
else‟s computer, once you post something, consider
it permanently published, even if you delete it.
10. • Don‟t share photographs of yourself in
compromising positions, and never post
extreme views related to race, religion, or
politics.
• Also, don‟t publically air complaints or
extreme views relating to your academic or
professional career, your job
tasks, employer, employees, colleagues, rival
s, or anyone in your professional life. Always
think first and then post only if you‟re sure
that there won‟t be negative repercussions
later on.
• Beware of clickjacking on social media.
12. PART 1: ONLINE SAFETY
Identity (ID) theft is one of the fastest
growing crimes worldwide – with millions
of people having fallen victim to it, and
financial costs of the crime running
into billions of dollars.
ID theft occurs when criminals steal your
personal information and use it for their own
benefit – without your knowledge or
permission.
However, there are guidelines you can follow
to severely reduce the chances of becoming a
victim:
13. • Always keep your sensitive documents
(e.g. ID document, passport, driver's
licence) safe.
• When any of these documents, or your
credit or debit cards, expire or are
replaced, immediately destroy the old
version by shredding or destroying papers
before disposal.
• Do not ever hand your password over to
anyone
• Consider using an identity theft protection
service to protect yourself online.
14. • Always use different passwords for
all your different accounts. If one
account is compromised, the other
accounts remain safe, if all your
passwords are different.
• Google „Password manager‟ on
Google. You can find a tool which
allows you to store all your
passwords safely using one master
password to access them.
15. • Make your passwords long and strong –
Use numbers, characters and for the best
passwords, use a passphrase.
• Ensure that your bank sends you SMS alerts
when transactions occur in your bank account.
• When a bill doesn't arrive on time, contact the
service provider to check if they've sent it to
you.
• Check your credit rating at least once a year to
see if you've unknowingly been blacklisted or
are at risk. South Africans can get a free credit
report once a year from bureaus such as
TransUnion or Experian.
16. • No reputable organisation will ever
ask for your password, but
scammers have been known to go as
far as emailing, phoning and disguising
themselves as IT technicians to gain
access to people‟s passwords.
• Don't give out your personal information -
such as ID number and home address - to
people or companies you don't know, even if
they're offering you special deals or claiming
you've won a prize.
17. Help! My identity's been stolen!
If you're the victim of identity theft, the first thing
you need to do is report the fraud to the police and
obtain a case number. This will assist you when
dealing with banks and retailers that the thief has
used under your name and will also help you navigate
your way through the legal system.
It's important to report the fraud to the Southern African
Fraud Prevention Service (SAFPS) (Helpline: 0860 101
248).
If your ID book and other sensitive documents have been
lost or stolen, register them with the SAFBS via phone
(011 867 2234) or email (safps@safps.org.za).
In cases of financial fraud, you can also contact the
Credit Ombudsman (http://www.creditombud.org.za/) to
resolve disputes with credit providers or agents.
18. PART 2 : OFFLINE SAFETY
It‟s essential to take very strong precautions
when meeting an online friend offline. There
are no standard rules for staying safe, but some
important guidelines are:
• Be paranoid: Be aware that anyone you
interact with online could be a predator in
disguise.
• Verify identity and information: If possible, try
to verify the person‟s identity in some way – for
example by calling the company they say they
work for or Googling them or checking them on
social media.
19. • Retain your privacy: While commu-
nicating online, don‟t give away too
much personal information such as
your address, your daily
schedule, financial information, etc. Also
make
it clear to your friends that they should not
give out such information either.
• Use alternate contact methods: Don‟t give
out your primary email address or phone
numbers. Set up alternatives for all the
means you use to communicate with
online acquaintances – such as an
alternate email address, Skype
account, and cellphone sim card.
20. • Retain your privacy: While communicating
online, don‟t give away too much personal
information such as your address, your daily
schedule, financial information, etc. Also make
it clear to your friends that they should not
give out such information either.
• Use alternate contact methods: Don‟t give out
your primary email address or phone numbers. Set
up alternatives for all the means you use to
communicate with online acquaintances – such as
an alternate email address, chat or Skype account.
• Report unwelcome behaviour: If the person
becomes abusive or sexually inappropriate with
you online, cut off communication and report them
to the police and other relevant authorities – such
as the website you‟re interacting with them on.
21. Meeting an online friend:
• Never let the person fetch you from home
or work.
• Meet in public places only. Make it a place of your
choosing, and somewhere you don‟t normally go –
because if things go wrong, you wouldn‟t want
them finding you there in future.
• Try to have a trusted friend with you if possible, or
at least make safety arrangements like letting
someone know where you‟re going, who you‟re
going to meet, and what to do if they don‟t hear
from you in a certain period of time.
• During the meeting, avoid going to any secluded
area where there‟s no one to see or help you if
things go wrong.
22. • Take things at your own pace. Never
be pressured to do anything you're
uncomfortable with - no matter what
the person says.
• From the start of the meeting, lay down
your rules – and don‟t be afraid to end the
meeting if they violate your rules. And try
to have your own transport nearby so that
you can leave quickly if need be.
• If the person gives you something to eat or
drink, be careful, as it might be spiked
with date-rape drugs or other substances.
24. Many people have given up standing in
long queues at banks and have instead
opted for online banking.
The cool thing about online banking is that you
can access your bank account wherever you are -
provided that you have Internet access.
The downside is that if a hacker gets hold of your
log on details, they can access your bank
account, transfer your funds, and even lock you
out of your account.
Follow these handy tips for banking and buying:
25. 1. ONLINE TRADING POSTS AND AUCTION SITES
• When making purchases or selling on Internet trading
portals always read the buying and selling
instructions carefully.
• Make sure you understand the policies of the website
you are dealing through – particularly regarding what it
will and won‟t do if something goes wrong or a
fraudulent transaction occurs. You should be able to
find this information easily in its terms and conditions.
• If you can, do your homework on the buyer or seller.
When transacting through an online trading post like
Gumtree, make sure that you have the other person‟s
proof of identification, proof of residence, and correct
and confirmed contact details.
26. • When carrying out the
transaction, ensure that the
transaction is witnessed by at least one
person, and that a receipt is issued.
• If the seller is a business, check its
real-world presence. If they provide a
phone number, call them up and verify
their details. But remember that
overseas sellers may be harder to
chase in the event of a problem.
27. 2. ONLINE SHOPPING SITES
• Check online stores‟ privacy and returns
policies to be sure your information will
not be shared and that you are not stuck with
merchandise you didn‟t order.
• Be clear about shipping and delivery costs
(for example, whether or not they are included
and if not, if they are clearly stated).
• Be clear about methods of payment and
whether any of these attract any extra costs.
28. • Always provide the absolute minimum
necessary personal information to
sellers and buyers – and nothing more.
• Bear in mind that paying by credit card offers
greater protection against fraud than other
payment methods – since banks often have
measures in place to deal with credit card
fraud.
• Always double check all details of your
purchase before confirming payment.
29. 3. ALL ONLINE PAYMENTS
• Before entering payment details on any
website, ensure that the site is secure:
There should be a padlock symbol in the
browser window frame, which appears when you
attempt to log in or register.
• Even with a padlock symbol, the site might still be
fraudulent. Check that the web address begins
with „https://‟. (The „s‟ stands for „secure‟.).
• If you‟re using the latest version of your
browser, the address bar or the name of the site
owner will appear in green.
30. • Always keep your receipts –
electronic or otherwise.
• Be sure to check your credit card
and bank statements carefully after
payment to ensure that the correct
amount has been debited, and also that no
fraud has taken place as a result of the
transaction.
• Check the online security options your bank
provides. Some offer free antivirus and
browser security software.
• Remember that UCT staff and students can
use McAfee for free – so be sure that you have
it installed.
31. 4. ONLINE BANKING SAFETY
• Be wary of suspicious looking pop-ups that
appear during your banking session.
Memorise the process you normally
go through to make a payment or
transfer, and be suspicious if anything
different happens.
• Fraudsters sometimes try to trick people into
making a real payment by phoning and
pretending to be from the bank – claiming
the transaction “is just a test”. Never
disclose passwords or other personal
information in response to an email, phone
call or letter purporting to be from your bank
or other financial institution.
32. • Any communication from banks will
use your actual name and verify your
account details by using security
questions.
• Keep your PIN (Personal Identification
Number), your password, your credit or debit
card number PRIVATE. Never write them down
anywhere and never share them with anyone.
Remember that if someone sees your credit
card, they can memorise the numbers and use
these to make purchases without your
knowledge.
• Always install the latest updates and security
patches or your operating system when you are
prompted to do so.
34. With the freedom offered by mobile computing,
it's easy to overlook the basic risks you face
when doing any kind of computing - viruses.
Just as desktop computers need to use antivirus
software, laptops, mobiles and tablet computers
also need to be protected. wIth the increase of
computing applications on mobile phones, even
these devices are at risk if they're not secured with
a suitable antivirus program.
For laptops, UCT staff and students may use
McAfee antivirus free for both their UCT-owned
computers and their private computers – without
charge. For tablet computers and mobile phones, a
number of options are available and can be found
by Googling „Antivirus for mobile phones‟.
35. Are you aware that without you even
knowing it, all the personal information
that you‟re entering on a public computer
like at an internet café may be captured by
someone else?
Hackers and cyber-criminals will do everything
in their power to gain access to your
information. One way they do this is to install
keystroke logging software on some public
computers.
For each and every person using the affected
computer, the software can log emails that
have been sent, passwords entered, websites
accessed, private chats, and file inputs!
36. • Using public Wi-Fi is extremely risky.
Hackers can intercept everything you
do online. This can happen if the
connection between your device and
the Wi-Fi is not encrypted, or if someone
creates a spoof hotspot which fools you into
thinking that it is the legitimate one.
• When you‟re in public, it‟s preferable to use
an encrypted connection – which means
you‟ll probably need to pay. With an
encrypted connection, you‟ll need to enter a
code (called a „key‟) that the provider gives
you.
37. • When using public Wi-Fi, always verify
the name of the network you need to
connect to.
• Don‟t do online banking or other sensitive
computing on public Wi-Fi – especially if you‟ll
need to log into one of your accounts.
• When using your accounts on any Wi-Fi (even
„secure‟ Wi-Fi), always log out of the website as
soon as you‟re done with your tasks. Do not
simply close your web browser.
• Never leave your portable device:
laptop, smartphone or tablet unattended.
38. • Be aware of who is around you and may be
watching what you are doing online. Do not get
distracted by somebody who could steal your
device.
• For all portable devices including tablets and
smartphones, keep your security software up to
date - having the latest mobile security
software, web browser, and operating system
are the best defences against viruses, malware
and other online threats.
• Use the built-in safety features for your device: If the
operating system offers a firewall, make sure it is
turned on.
39. • Research before downloading apps –
always make sure you have read the
terms and conditions and privacy
policy of the apps you wish to install.
Understand what data (location, access to
your social networks) the app can access on
your device before you download it.
• If you don't need Internet access
anymore, turn your device's Wi-Fi setting off
– this will protect you from risks and
lengthen your battery life.
40. THANK YOU FOR
BEING
A PART OF
CYBER SAFETY MONTH!
If you have any queries, ask us on Twitter
(@ICTS_Feedback) or Facebook
(facebook.com/icts.uct)
41. WIN WITH EDUCAUSE!
Win $2000 - enter the 2013 Information Security
Awareness video & poster contest!
You stand to win up to $2000 (that‟s R14 000) for
creating a poster or a video in this international
competition. The contest is aimed at material created
FOR students BY students. The closing date for this
competition is March 8, 2013
Guidelines and rules on producing posters and
videos are available on the Educause website:
www.educause.edu/securityvideocontest.