Privacy Kit
Manual of cyber awareness
Chapter-1
Safe Computing
What is Safe Computing?
Safety is a state of being protected from
potential harm or something that has been
designed to protect and prevent harm. An
example of safety is when you wear a
seatbelt.
Today, we are more dependent on
computers and the information that they
store than ever before. From spyware,
viruses, and Trojans to identity theft and
computer hardware malfunctions - any
disruption can have a huge impact on our lives. No matter how savvy the
user, safe computing depends on software and security settings and the secure
actions of the user.
Below are some tips that will help you protect your computer.
1. Keep your Computer
Updated: Whether individuals
choose to update their
operating system software
automatically or manually, we
recommend making it a
continuous process. It is also
important to keep other
software on your computer
updated. Software updates
often include essential bug
fixes and security features that
address existing vulnerabilities.
2. Keep up-to-date on
software patches:
Staying up-to-date
on the latest security
patches is critical in
today’s threat
environment. The
single most
important thing you
can do to keep your
software and
computer safe is to
always run the most
up-to-date versions.
Why patch?
If your computer seems to be working fine, you may wonder why
you should apply a patch. By not applying a patch you might be
leaving the door open for a malware attack.
What to patch?
Not all the vulnerabilities that exist in products or technologies
will affect you. However, any software you use is a potential
source of vulnerabilities that could lead to compromise of security or
identity. The more commonly used a program is, the bigger target it
represents and the more likely it is that a vulnerability will be exploited.
For the more obscure software you use, contact the vendor to
receive updates, patches, or vulnerability alerts. Additionally, don’t
forget to patch your Antivirus software.
3. Do not use open Wi-Fi:
Everybody has done it. At least
once, probably a lot more. Maybe
daily, maybe even hourly. But just
because everybody else is
connecting to the internet via free
public Wi-Fi doesn’t mean you
should, too. Instead, you should listen
to that little voice in your head that
asks, “is this safe?” every time you
connect to a public Wi-Fi network - because you know it really isn’t.
You’re not alone. Open public Wi-Fi networks are everywhere: in coffee
shops, airports, restaurants and shopping malls, public Wi-Fi is
commonplace. So are people’s concerns about their safety on
unsecured open Wi-Fi hotspots, but like you they go ahead and connect
anyway.
There are a few big problems with using a public Wi-Fi network. The
open nature of the network allows for snooping, the network could be
full of compromised machines, or - most worryingly - the hotspot itself
could be malicious.
When you connect to an open Wi-Fi network like one at a coffee shop
or airport, the network is generally unencrypted - you can tell because
you don’t have to enter a passphrase when connecting. Your
unencrypted network traffic is then clearly visible to everyone in range.
People can see what unencrypted web pages you’re visiting, what
you’re typing into unencrypted web forms, and even see which
encrypted websites you’re connected to - so if you’re connected to your
bank’s website, they’d know it, although they wouldn’t know what you
were doing.
4. Lock the
computer/system when you
are not using it: The physical
security of your devices is just
as important as their technical
security.
If you need to leave your
laptop, phone, or tablet for any
length of time - lock it up so no
one else can use it.
If you keep sensitive
information on a flash drive or external hard drive, make sure to keep
these locked as well. For desktop computers, shut down the system when
not in use or lock your screen.
5. Download Files Legally:
Downloading from the internet
and sharing files are both
common, everyday practices,
and can come with a set of risks
you should be aware of. You
could unknowingly give others
access to your computer while
file sharing, who could
potentially copy private files.
This can happen when you’re
asked to disable or alter your firewall settings in order to use Peer-to-Peer
to upload to a file sharing program, which could leave your computer
vulnerable.
Other risks include downloading viruses, malware and spyware to your computer without
knowing it, as they’re often disguised as popular movie or song downloads, and
inadvertently spreading viruses and other malware that damage the
computers of those with whom you’re file sharing.
6. Back up on a regular basis: Regular,
scheduled backups can protect you from
the unexpected. Keep a few months’ worth
of backups and make sure the files can be
retrieved if needed. If you are a victim of a
security incident, the only guaranteed way
to repair your computer is to erase and
reinstall the system.
7. Use HTTPS everywhere: HTTPS helps
prevent intruders from tampering with the
communications between your websites
and your users’ browsers. Intruders include
intentionally malicious attackers, and
legitimate but intrusive companies, such as
ISPs or hotels that inject ads into pages.
Intruders exploit unprotected communications to trick your users into
giving up sensitive information or installing malware, or to insert their own
advertisements into your resources. For example, some third parties
inject advertisements into websites that potentially break user
experiences and create security vulnerabilities. Intruders exploit every
unprotected resource that travels between your websites and your users.
Images, cookies, scripts, HTML: they are all exploitable. Intrusions can
occur at any point in the network, including a user’s machine, a Wi-Fi
hotspot, or a compromised ISP.
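To make the point about unprotected resources concrete, here is an added example (not part of the original manual) that audits one HTTPS page for subresources still fetched over plain HTTP and for cookies set without the Secure attribute. The page URL, HTML and Set-Cookie values are constructed sample data, and the function names are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attribute that makes the browser fetch from (or submit to) a URL.
# Plain <a href> links are left out: they are not loaded with the page.
FETCHING_ATTRS = {
    "img": "src", "script": "src", "iframe": "src", "audio": "src",
    "video": "src", "source": "src", "embed": "src",
    "link": "href", "form": "action",
}


class _ResourceCollector(HTMLParser):
    """Collects every fetched resource that resolves to an http:// URL."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.insecure = []

    def handle_starttag(self, tag, attrs):
        attr = FETCHING_ATTRS.get(tag)
        if attr is None:
            return
        value = dict(attrs).get(attr)
        if not value:
            return
        # Resolve relative and scheme-relative ("//host/x") references the
        # way a browser would, against the URL the page was loaded from.
        absolute = urljoin(self.page_url, value.strip())
        if urlsplit(absolute).scheme == "http":
            self.insecure.append((tag, absolute))


def find_insecure_resources(page_url, html):
    """Return (tag, url) pairs an on-path intruder could read or modify."""
    collector = _ResourceCollector(page_url)
    collector.feed(html)
    collector.close()
    return collector.insecure


def cookies_missing_secure(set_cookie_headers):
    """Return names of cookies that would also be sent over plain HTTP."""
    missing = []
    for header in set_cookie_headers:
        parts = [p.strip() for p in header.split(";")]
        name = parts[0].split("=", 1)[0]
        flags = {p.split("=", 1)[0].lower() for p in parts[1:]}
        if "secure" not in flags:
            missing.append(name)
    return missing


# Constructed sample input (not taken from any real site).
SAMPLE_URL = "https://shop.example/cart"
SAMPLE_HTML = """
<html><head>
<link rel="stylesheet" href="/static/site.css">
<script src="http://cdn.example/analytics.js"></script>
</head><body>
<img src="//img.example/logo.png">
<img src="http://img.example/banner.png">
<form action="http://shop.example/checkout" method="post"></form>
<a href="http://other.example/">plain link, not fetched with the page</a>
</body></html>
"""
SAMPLE_COOKIES = [
    "session=abc123; Path=/; HttpOnly",
    "prefs=dark; Path=/; Secure; SameSite=Lax",
]

if __name__ == "__main__":
    for tag, url in find_insecure_resources(SAMPLE_URL, SAMPLE_HTML):
        print(f"insecure <{tag}>: {url}")
    for name in cookies_missing_secure(SAMPLE_COOKIES):
        print(f"cookie without Secure: {name}")
```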
8. Use Anti-Virus: Only install an antivirus
program from a known and trusted source.
Keep virus definitions, engines and software up
to date to ensure your antivirus program
remains effective.
Viruses, worms and the like often perform
malicious acts, such as deleting files, accessing
personal data, or using your computer to attack
other computers. To help keep your computer healthy, install Anti-virus.
You must also ensure both the program and the virus signature files are
up to date.
9. Use Anti-Malware: Anti-Malware is a type
of software program designed to prevent,
detect and remediate malicious programming
on individual computing devices and IT
systems. Antimalware software protects
against infections caused by many types of
malware, including viruses, worms, Trojan
horses, rootkits, spyware, key loggers,
ransomware and adware.
The intent of malware is to promote
rogue products, redirect your legitimate browsing to their scam sites,
intercept your transactions, and gather as much of your personally
identifying information as possible, all for financial gain.
10. Turn on Firewall: Windows Firewall or
any other firewall app can help notify you
about suspicious activity if a virus or worm
tries to connect to your PC. It can also block
viruses, worms, and hackers from trying to
download potentially harmful apps to your
PC.
11. Use VPN or Proxy:
What is a VPN? A VPN is a secure connection
between your computer and a server. All your internet
traffic and browsing data goes through that remote
server. To the outside world, the anonymous server
is doing the browsing, not you. ISPs, government
agencies, hackers or anyone else can’t track your
activity online.
In the past, VPNs were mainly used by companies
to securely link remote branches together or
connect roaming employees to the office network, but today they’re an
important service for consumers too, protecting them from attacks when
they connect to public wireless networks.
TOP 5 FREE VPNs
1. TunnelBear: Your IP address is
the unique number that websites
use to determine your physical
location and track you across
different sites. Use TunnelBear
VPN to keep your IP address
private from websites, hackers and
advertisers. TunnelBear VPN
shields your personal information
from prying third-parties and
hackers on public WiFi, ISPs and other local networks. Your
connection is secured with bear-grade (that’s strong) AES 256-bit
encryption.
2. OpenVPN: OpenVPN Access Server
is a full featured secure network
tunneling VPN software solution that
integrates OpenVPN server
capabilities, enterprise management
capabilities, simplified OpenVPN
Connect UI, and OpenVPN client
software packages that accommodate
Windows, Mac, Linux, Android, and
iOS environments. OpenVPN Access Server supports a wide range
of configurations, including secure and granular remote access to
internal network and/or private cloud network resources and
applications with fine-grained access control.
3. Hotspot Shield: Hotspot Shield is possibly the
most popular free VPN client in the world. It
made waves when Hulu was launched as it
allowed users to watch Hulu even when it was
blocked. Now, they have US & UK based VPN
services which you can use to protect yourself
from WiFi snoopers, identity theft, and
censorship. The best part is, Hotspot Shield
provides unlimited bandwidth and works on both PC & Mac.
4. VPNBook: It’s a free VPN
service and comes with the most
advanced cryptographic
techniques to keep you safe on
the internet. VPNBook strives
to keep the internet a safe and
free place by providing free and secure PPTP and OpenVPN service
access for everyone. From our tests, we have found that VPNBook
is Romania based and claims that they do not collect any
information or log any internet activity.
5. UltraVPN: UltraVPN is a French VPN client
that hides your connection from unwanted
ears and allows you to use blocked
applications. It is also based on OpenVPN
service. Traffic quota is unlimited.
Bandwidth is 50kb/s depending on network
conditions.
What is a Proxy? A
proxy server is a
computer that acts as
an intermediary
between the user’s
computer and the
Internet. It allows client
computers to make
indirect network
connections to other
network services. If you
use a proxy server,
client computers will first connect to the proxy server, requesting some
resources like web pages, games, videos, mp3, e-books, and any other
resources which are available from various servers over the internet.
Nowadays, we use proxy servers for various purposes like sharing internet
connections on a local area network, hiding our IP address, implementing
Internet access control, accessing blocked websites and so on.
• To share an Internet connection on a LAN. Some small
businesses and families have multiple computers but only
one Internet connection; they can share the Internet connection
with other computers on the LAN through a proxy server.
• To hide the IP address of the client computer so that it can
surf anonymously; this is mostly for security reasons. A proxy
server can act as an intermediary between the user's
computer and the Internet to protect against attacks and
unexpected access.
Use Proxy Server for IE
Click "Tools" -> "Internet Options" -> "Connections" -> "LAN
Settings" -> select "Use a proxy server for your LAN" -> "Advanced",
configure as below.
Use Proxy server for Firefox
Click "Tools" -> "Options" -> "Advanced" -> "Network" -> "Connections" ->
"Settings" -> "Manual proxy configuration", configure as below.
Use Proxy server for Chrome
Click "Tools" -> "Settings" -> "Advanced" -> "Network" -> select "Change
Proxy Settings" -> "Connection" -> "LAN Settings" -> Select "Use a proxy
server for your LAN" -> "Advanced", configure as below.
12. Use TOR: The Tor
network is a group of
volunteer-operated servers
that allows people to improve
their privacy and security on
the Internet. Tor's users
employ this network by
connecting through a series of
virtual tunnels rather than
making a direct connection,
thus allowing both
organizations and individuals
to share information over
public networks without compromising their privacy. Along the same line,
Tor is an effective censorship circumvention tool, allowing its users to
reach otherwise blocked destinations or content. Tor can also be used as
a building block for software developers to create new communication
tools with built-in privacy features.
Individuals use Tor to keep websites from tracking them and their family
members, or to connect to news sites, instant messaging services, or the
like when these are blocked by their local Internet providers. Tor's hidden
services let users publish web sites and other services without needing to
reveal the location of the site. Individuals also use Tor for socially sensitive
communication: chat rooms and web forums for rape and abuse survivors,
or people with illnesses.
Journalists use Tor to communicate more safely with whistle-blowers and
dissidents. Non-governmental organizations (NGOs) use Tor to allow their
workers to connect to their home website while they're in a foreign country,
without notifying everybody nearby that they're working with that
organization.
13. Don’t store passwords in the
browser: Most recent versions
of web browsers prompt you to
save usernames and
passwords for various sites on
the internet.
This feature can be useful, but
can also put your money and
personal information at risk if
you are not careful.
Information Services and
Technology recommends that
you do not save passwords with
your browser for sites which
have:
• Private information about
you or someone else (e.g.,
medical records);
• Private financial
information (e.g., credit
card numbers);
• Private correspondence
(e.g., email).
You put yourself at risk when you save passwords for these types of sites.
Below are instructions to disable the password saving feature, or to force
the browser to clear all currently saved passwords, on commonly used
browsers.
To disable password saving in Internet Explorer on Windows:
1. Open Internet Explorer
2. Select Tools > Internet options > Content.
3. Under “AutoComplete”, click Settings.
4. To stop password saving, uncheck Usernames and password
forms.
To clear all existing saved usernames and passwords, click on Clear
Passwords, then click OK in the warning dialog box.
To disable password saving in Firefox
on Windows:
1. Open Firefox
2. Click on open menu
3. Under “Menu”, Click on
Options
4. Select Privacy & Security
5. To stop password saving, uncheck Remember Logins and
passwords for websites
To disable password saving in Chrome on Windows:
1. Open the Chrome menu using the button on the far right of the
browser toolbar.
2. Choose the Settings menu option.
3. Click the advanced settings… located at the bottom of the
page.
4. In the “Passwords and forms” section, click Manage
passwords.
5. In the Manage passwords section, turn this option off to stop
password saving.
To disable password saving in Safari on Mac OS:
1. Go to Safari Preferences.
2. Select the AutoFill tab, and for AutoFill web forms toggle the
Usernames and passwords option.
3. Select the Password tab. Make sure 'AutoFill usernames and
passwords' is unchecked and use 'Remove All' to clear any
saved passwords there.
14. Cover Mic and
Camera with Tape: It is
certainly possible for
hackers to install malware
on computers that allows
them to turn on a
computer's camera and
record or take screenshots
of what is going on.
The threat of this can be
mitigated by taking
common security steps -
installing anti-virus
software, having a firewall,
and not clicking any suspicious links in emails.
For those using desktops, the best way to ensure that you're not being
watched is simply to unplug your webcam. For laptop users, this isn't an
option, so the approach of covering it up might be best. The Electronic
Frontier Foundation even sells a specially-designed sticker set for the
purpose.
Mac users are a little safer - a green light next to the webcam is designed
to activate any time the camera is being used, so you should be alerted
to any unsolicited recording. This isn't always the case, however.
15. Most Importantly, Stay Informed: Stay
current with the latest developments for
Windows, macOS, Linux, and UNIX systems
and in various smartphone operating systems.
Regularly browse for security updates and
important issues concerning various operating
systems and applications.
Most importantly, you should keep an ongoing
conversation about internet safety and privacy
issues. Update your children on any online
scams you learn about and initiate discussions about cyberbullying,
predators, sexting and more. Remember, there is no better way to protect
your children from bad decisions than nurturing critical thinking and raising
awareness. For tips on talking to your kids about online safety.
In an increasingly security-conscious world, many of us know the basics
about phishing, strong password parameters, VPNs and benefits of
encryption. Why we sometimes choose to disregard those rules is another
question: the important thing is that we know them and we make informed
decisions, which is not always true when it comes to our children. Being
security-conscious cyber citizens is not enough anymore. We must protect
our children until we teach them the basics of online security.
Chapter-2
Internet Surfing Tips
What is Internet Surfing or Browsing?
A browser is a program on your
computer that enables you to search
("surf") and retrieve information on
the World Wide Web (WWW), which
is part of the Internet. The Web is
simply a large number of computers
linked together in a global network
that can be accessed using an
address in the same way that you
can phone anyone in the world given
their telephone number.
The Internet can be a confusing and dangerous place. Without a safety
net, people can fall into the danger zones of pornography, predators,
many online scams, Internet viruses, and spyware. With such free access
to the Internet around the world, many have abused it as an opportunity
to take advantage of others.
But there's no reason to fear the Internet. When used properly, with the
right precautions and the right information, the Internet educates,
positively influences, and provides a creative outlet for today's kids.
Below are some tips for surfing the Internet.
1. Use private browsing in
Firefox: As you browse the
web, Firefox remembers
lots of information for you -
like the sites you've visited.
There may be times,
however, when you don't
want people with access to
your computer to see this
information, such as when
shopping for a present.
Private Browsing allows
you to browse the Internet
without saving any information about which sites and pages
you’ve visited. Private Browsing also includes Tracking
Protection, which prevents companies from tracking your
browsing history across multiple sites.
2. Check for green lock and HTTPS in
URL: HTTPS is a modification of the HTTP
(Hyper Text Transfer Protocol) standard
used to allow the exchange of content on the
Internet. The “S” stands for secure, which
means the HTTP connection is encrypted —
preventing exchanged information from
being read in plain text, or “as you see it.”
Even if someone were to somehow obtain the encrypted data shared in
the exchange, it would be nonsense with nearly no means of decryption
to retrieve the original content. Think of HTTPS as locking a door before
starting a meeting; only the parties in the room can see what is happening.
3. Keep your browser
Up to Date: The most
important reason to keep
your browser up-to-date
is for your own safety and
security, and that of your
computer. There are
many different sorts of
security threats that you
can be subject to when
you're browsing the web:
identity theft, phishing
sites, viruses, Trojans, spyware, adware, and other sorts of malware.
Another reason to keep your
browser up-to-date is that
you won't necessarily be
getting the best browsing
experience otherwise. You
won't always know when
you see a web page that
isn't displaying properly – a
well-designed site degrades
gracefully so that you don't
suffer unnecessarily with an
old browser – but for the
most up-to-date functions and features, you will need to update your
browser regularly.
4. Think before you click on unknown links: When you’re online, don’t
click something unless you know it’s from someone or something that you
recognize. But there’s a reason that it’s important to repeat this. Clicking
unknown links is STILL one of the most common forms of security
breaches.
A common thing to be aware of is that some
scammers look at what information is available
about you online. If your email address, job title,
websites you like, etc. are online, then there is
ample opportunity for a scammer to craft
something that is customized to get your attention.
Your social media leaves you somewhat vulnerable because of the
amount of information available online. But it’s more than just what you
share.
5. Use the NoScript blocker add-on: NoScript
(or NoScript Security Suite) is a free software
extension for Mozilla Firefox, SeaMonkey, and other
Mozilla-based web browsers, created and actively
maintained by Giorgio Maone, an Italian software
developer and member of the Mozilla Security Group.
It allows executable web content based on JavaScript,
Java, Flash, Silverlight, and other plugins only if the
site hosting it is considered trusted by its user and has
been previously added to a whitelist. It also offers specific
countermeasures against security exploits.
NoScript blocks JavaScript, Java, Flash, Silverlight, and other "active"
content by default in Firefox. This is based on the assumption that
malicious websites can use these technologies in harmful ways. Users
can allow active content to execute on trusted websites, by giving explicit
permission, on a temporary or a more permanent basis. If "Temporarily
allow" is selected, then scripts are enabled for that site until the browser
session is closed.
6. Turn on the Do Not Track setting: Do Not Track,
the feature in web browsers and web sites that
asks advertisers and data miners not to track
your browsing habits, is a relatively new
service. It's also typically an opt-out feature.
So, here's everywhere that you can enable Do
Not Track so advertisers can't snoop in on your
habits.
Essentially, ad and analytics companies watch what you do online, and
then tailor the web experience based on your history. That means targeted
ads, specific articles, and more. They typically do this through cookies in
your browser.
Enable Do Not Track in These Browsers:
Chrome: Head into the Settings page and click "Show advanced
settings." Scroll down to the Privacy section and select Do Not Track.
Mobile Chrome: Head into the Settings and then Privacy > Do Not Track.
Firefox: Select Preferences > Privacy and check the box marked, "Tell
websites I do not want to be tracked."
Internet Explorer: Click the Tools button and then Internet Options >
Advanced. Select "Always send Do Not Track Header."
Safari: Head into Preferences > Privacy and check the box marked "Ask
website not to track me."
7. Erase your trail with justdelete.me: Some Web sites make it difficult to
figure out how to delete your accounts. JustDelete.me can save you time
by providing direct links to the cancellation pages of numerous Internet
sites.
Web companies don't want you to close out your accounts with them,
which is understandable. If you leave, their revenue-earning potential
decreases. Some companies make the process of deleting your account
relatively easy, while others make it practically impossible or confusing.
Just Delete Me is a list of the most popular web apps and services with
links to delete your account from those services. Each one is color coded.
Green is easy, yellow is medium, red is difficult, and black is impossible.
When you click on a service, you're automatically taken to the page where
you can delete your account so you don't have to go searching for it.
Likewise, you can snag the Chrome extension and be taken to the account
deletion page right from the URL bar when you're on a site, as well as get
up to date information about whether an account is easy to delete before
you sign up. If you want to keep track of your accounts and delete as many
as possible, this is a good place to start.
8. Use Sandboxie: Sandboxie uses isolation
technology to separate programs from your
underlying operating system preventing unwanted
changes from happening to your personal data,
programs and applications that rest safely on your
hard drive.
Web Browsing
Secure your favourite web browser and block
malicious software, viruses, ransomware and zero
day threats by isolating such attacks in the Sandbox; leaving your system
protected.
Email
Run your favourite email program in Sandboxie so you never have to
worry about suspicious attachments or spear phishing attacks.
Data Protection
Sandboxie prevents internet websites and programs from modifying your
personal data (i.e. My Documents), files & folders on your system.
Application Testing
Safely test and try new programs and applications within Sandboxie and
prevent unauthorized changes to your underlying system that may occur.
9. Use DuckDuckGo Search Engine: DuckDuckGo (DDG) is an Internet
search engine that emphasizes protecting searchers' privacy and avoiding
the filter bubble of personalized search results. DuckDuckGo
distinguishes itself from other search engines by not profiling its users and
by deliberately showing all users the same search results for a given
search term. DuckDuckGo emphasizes returning the best results, rather
than the most results, and generates those results from over 400
individual sources, including key crowdsourced sites such as Wikipedia,
and other search engines like Bing, Yahoo!, Yandex, and Yummly.
DuckDuckGo positions itself as a search engine that puts privacy first and
as such it does not store IP addresses, does not log user information and
uses cookies only when needed. By default, DuckDuckGo does not collect
or share personal information.
10. Use Disconnect Search Engine: Disconnect Search already makes
your searches—no matter what engine you choose, whether it's Google,
Bing, Yahoo, or even the already-private DuckDuckGo—completely
private and untraceable. Searches are routed through Disconnect and
anonymized, so they appear to come from Disconnect instead of a
specific user. Plus, those queries are encrypted, so ISPs (or anyone riding
their lines) can't see what you're looking for. Disconnect also never logs
keywords, IP addresses, or other personally identifiable information. Each
search is just as anonymous as the first one.
The service has been available in the form of a browser extension and an
Android app up to this point, but if you don't want to install anything (or
can't, because you're at work), you can head right over to their website to
search directly. Hit the link below to give it a try.
https://search.disconnect.me/
11. Lukol: Lukol uses a proxy server to deliver customized search results
from Google using its enhanced custom search yet conserves your
privacy by removing traceable entities. Lukol is considered one of the
best private search engines that protects from online fraudsters and keeps
the spammers away by safeguarding you from misleading or inappropriate
sites. It ensures full anonymity of your searches.
https://www.lukol.com/
12. Use Lightbeam: Lightbeam is a Firefox add-on that enables you to
see the first and third party sites you interact with on the Web. Using
interactive visualizations, Lightbeam shows you the relationships between
these third parties and the sites you visit.
13. Use TOR for no Digital Trace: Another way to go anonymous when
you are browsing is to install the TOR browser. It is based
on many VPN-style features that make your Internet activity bounce
around different parts of the world, making it a lot tougher for both the
government and companies to find. When you are using this, you should
not share your personal credentials at all.
14. Use uBlock Origin add-on for ad blocker:
uBlock Origin is a free and open source, cross-
platform browser extension for content-filtering,
including ad-blocking. The extension is
available for several browsers: Safari (Beta),
Chrome, Chromium, Edge, Firefox, and Opera.
uBlock Origin has received praise from
technology websites, and is reported to be much
less memory-intensive than other extensions with similar functionality.
uBlock Origin's stated purpose is to give users the means to enforce their
own (content-filtering) choices.
15. Panopticlick: Panopticlick is a research project designed to better
uncover the tools and techniques of online trackers and test the efficacy
of privacy add-ons.
When you visit a website, you are allowing that site to access a lot of
information about your computer's configuration. Combined, this
information can create a kind of fingerprint — a signature that could be
used to identify you and your computer. Some companies use this
technology to try to identify individual computers.
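The following added illustration (not part of the original manual or the Panopticlick project) shows how attributes that are each shared by many visitors combine into a fingerprint. The eight-visitor population, attribute names and function names are constructed for the example.

```python
import math

# Constructed population of eight visitors; each dict is what a site could
# read from one browser. None of this is real measurement data.
POPULATION = [
    {"browser": "Firefox", "timezone": "UTC+1", "screen": "1920x1080", "language": "en"},
    {"browser": "Firefox", "timezone": "UTC+1", "screen": "1366x768", "language": "de"},
    {"browser": "Chrome", "timezone": "UTC+1", "screen": "1920x1080", "language": "en"},
    {"browser": "Chrome", "timezone": "UTC-5", "screen": "1920x1080", "language": "en"},
    {"browser": "Chrome", "timezone": "UTC-5", "screen": "1366x768", "language": "en"},
    {"browser": "Chrome", "timezone": "UTC+1", "screen": "1366x768", "language": "de"},
    {"browser": "Safari", "timezone": "UTC-5", "screen": "1440x900", "language": "en"},
    {"browser": "Firefox", "timezone": "UTC-5", "screen": "1920x1080", "language": "en"},
]
ATTRIBUTES = ["browser", "timezone", "screen", "language"]


def anonymity_set_size(population, visitor, attrs):
    """How many visitors look identical to `visitor` on the given attributes.

    `visitor` is assumed to be a member of `population`, so the result is
    always at least 1.
    """
    return sum(
        1 for p in population if all(p[a] == visitor[a] for a in attrs)
    )


def identifying_bits(population, visitor, attrs):
    """Bits of identifying information the attributes reveal together.

    0 bits means the visitor blends in with everyone; log2(N) bits means
    the visitor is unique among the N members of the population.
    """
    same = anonymity_set_size(population, visitor, attrs)
    return math.log2(len(population) / same)


def narrowing(population, visitor, attrs):
    """Anonymity set size after each attribute is added, in order."""
    steps, used = [], []
    for attr in attrs:
        used.append(attr)
        steps.append((attr, anonymity_set_size(population, visitor, used)))
    return steps


if __name__ == "__main__":
    visitor = POPULATION[0]
    for attr in ATTRIBUTES:
        bits = identifying_bits(POPULATION, visitor, [attr])
        print(f"{attr:9s} alone: {bits:.2f} bits")
    for attr, remaining in narrowing(POPULATION, visitor, ATTRIBUTES):
        print(f"after adding {attr:9s}: {remaining} matching visitor(s)")
```

A privacy add-on helps when it makes these values the same for many users, which keeps the anonymity set large.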
16. Use VirusTotal Website: VirusTotal, a subsidiary of Google, is a free
online service that analyzes files and URLs enabling the identification of
viruses, worms, trojans and other kinds of malicious content detected by
antivirus engines and website scanners. At the same time, it may be used
as a means to detect false positives, i.e. innocuous resources detected as
malicious by one or more scanners.
VirusTotal’s mission is to help in improving the antivirus and security
industry and make the internet a safer place through the development of
free tools and services.
https://www.virustotal.com/#/home/upload
Chapter-3
Introduction To Mobile Security
Mobile security, also known as
mobile device security, has become
increasingly important. According to
ABI Research, the number of unique
mobile threats grew by 261% in the last
two quarters of 2012. An attacker has
three main targets:
data, identity and availability. Threats to mobile devices include botnets,
malicious applications, malicious links on social networks, spyware, etc.
1. Lock your screen, set passwords and user privileges: The best way
to protect your phone is setting up a screen lock. Screen lock won’t allow
an attacker to access your phone. You can set a screen lock in many
different ways such as setting screen lock using Password, PIN, Pattern,
Face Detection, Fingerprint etc. A user privilege is a right to execute a
particular type of SQL statement, or a right to access another user's
object. The types of privileges are defined by Oracle. Roles, on the other
hand, are created by users (usually administrators) and are used to group
together privileges or other roles.
Step 1: Open the Settings
Step 2: Go to Security & Fingerprint
Step 3: Choose Screen lock and set the password
2. Use Secured Network: It’s good
to be extra careful whenever you go
online using a network you don’t
know or trust – like using the free
Wi-Fi at your local cafe. The service
provider can monitor all traffic on
their network, which could include
your personal information. If you are
using a service that encrypts your
connection to the web service, it can make it much more difficult for
someone to snoop on your activity. When you connect through a public
Wi-Fi network, anyone in the vicinity can
monitor the information passing between
your device and the Wi-Fi hotspot if your
connection is not encrypted. Avoid doing
important activities like banking or shopping
over public networks. If you use Wi-Fi at
home, you should make sure you use a
password to secure your router: choose a
strong password and avoid using the default password. A default
password gives an attacker an advantage: they can change
your settings and snoop on your online activity. There are two main types
of encryption: WPA (Wi-Fi Protected Access) and WEP (Wired Equivalent
Privacy). Your computer, router, and other equipment must use the same
encryption. WPA2 is strongest; use it if you have a choice. It should protect
you against most hackers. Some older routers use only WEP encryption,
which likely won’t protect you from some common hacking programs.
Consider buying a new router with WPA2 capability.
3. Use Anti-virus Software: Antivirus or anti-virus software (often
abbreviated as AV), sometimes known as anti-malware software, is
computer software used to prevent,
detect and remove malicious
software. Antivirus software was
originally developed to detect and
remove computer viruses. Antivirus
software is a program that helps to
protect your computer against most
viruses, worms, Trojan horses, and other unwanted invaders that can
make your computer "sick." Viruses, worms, etc. perform malicious acts,
such as deleting files, accessing personal data, or using your computer to
attack other computers. To avoid such malicious activities and to keep
your computer healthy, install antivirus software. It is important to constantly update
the anti-virus software on a computer because computers are regularly
threatened by new viruses. The anti-virus updates contain the latest files
needed to combat new viruses and protect your computer. These updates
are generally available through your subscription. Viruses can be
prevented by taking sensible precautions, including:
• Keeping your operating system up to date
• Using up to date anti-virus software
• Not opening an email attachment unless you are expecting it and
know the source (many email servers scan emails with anti-virus
software on the user's behalf)
• Back up your computer
• Use a strong password
• Use a firewall
• Use a pop-up blocker
• Scan your system weekly
4. Update your Mobile OS: Updating your mobile’s OS is necessary because
it keeps your mobile free from viruses. Anyone who does not update their
mobile’s operating system regularly will have to face the
repercussions, which may include the loss of sensitive
data. Before you proceed, be sure to back up all of your data, just in case
something goes wrong with the update. You should be backing up your
information regularly. There is a multitude of backup apps available
from carriers, manufacturers, and third parties; download and use one
(verify before using third-party applications). How to
update your mobile’s Operating System:
Step 1: Go to Settings
Step 2: Select System Updates
Step 3: Click on Download Now
Rooting is always an option - If you want the latest OS as soon as it's
available, you can always choose to root your phone, which enables you
to access updates when you want them. That's just one of the many
benefits of rooting your Android device. You'll also be able to access
features not yet available to unrooted Android smartphones and tablets,
and you'll have more control over your device to boot.
Steps for rooting – (Rooting may lead to some disadvantages)
Step 1: Free download KingoRoot.apk.
Step 2: Install KingoRoot.apk on your device.
Step 3: Launch "Kingo ROOT" app and start rooting.
Step 4: Wait a few seconds until the result screen appears.
Step 5: Succeeded or Failed.
5. Use Lock Code Apps and Vaults: Lock codes and vaults are
mainly for the applications that you have downloaded on your device. Lock
codes and vaults can help you secure your apps with a code or
password. It is the same as putting a PIN, Pattern or Password on your
device. You can download Vaults or Lock Code Apps from the PlayStore.
Using Lock Code Apps or Vaults will help you maintain the confidentiality
of your personal information. According to a survey, 60% of the total
population doesn’t use Lock Code Apps or Vaults, which results in
personal information being exposed. How to download Lock Code Apps and
Vaults:
Step 1: Go to PlayStore
Step 2: Search for the App Locks
Step 3: Choose wisely and Download
6. Use Kids/Guest modes: Guest mode is one of many new features of
Android Lollipop 5.0. It mainly adds two accounts: the first for
the User and the second for the Guest (unknown user). This new feature,
Guest Mode, lets you hand your phone over to someone else
without giving them access to any of your data. How to enable guest
mode:
Step 1: Go to Settings -> User
Step 2: Click on Guest or Add user
7. Set up SIM Lock: A SIM lock, simlock, network lock, carrier lock or
(master) subsidy lock is a technical restriction built into GSM (Global
System for Mobile) and CDMA (Code Division Multiple Access) mobile
phones by mobile phone manufacturers for use by service providers to
restrict the use of these phones to specific countries and/or networks. Lock
your SIM card with a PIN (personal identification number) to require an
identification code for phone calls and cellular-data usage. The wrong
guess can permanently lock your SIM card, which means that you would
need a new SIM card. SIM lock requires your lock screen PIN, pattern,
password, or fingerprint and SIM card to be in place before the phone can
be unlocked. Now, a few things you should be aware of before setting up
SIM Lock. First off, you’ll need to know your carrier’s default unlock code.
For many, this is just 1111, but be aware: if you enter this incorrectly three
times, it will render your SIM useless (that’s part of the security of it, after
all). You can start by trying 1111, but if that doesn’t work on the first try,
you’ll probably need to contact your carrier to get the default code. How
to set up SIM lock:
Step 1: Go to Settings
Step 2: Search for SIM Lock
Step 3: Set up SIM Lock
8. Keep Sensitive Files of your Phone on Cloud Storage: Cloud
Storage is a service where data is
remotely maintained, managed, and
backed up. The service allows the
users to store files online, so that
they can access them from any
location via the Internet. Instead of
storing information to your
computer's hard drive or other local
storage device, you save it to a
remote database. The Internet provides the connection between your
computer and the database. On the surface, cloud storage has several
advantages over traditional data storage. Users can scale services to fit
their needs, customize applications, and access cloud services from
anywhere with an Internet connection. Enterprise users can get
applications to market quickly without worrying about underlying
infrastructure costs or maintenance. Data security is a major concern, and
although options are currently limited, they exist. The most secure is likely
however, the biggest cause of concern for Cloud storage isn't hacked
data.
9. Do not install random apps from unknown sources: Installing
applications from unknown sources may harm your device. Unknown
apps can come with Viruses, Trojans, Spyware, Adware etc. which can
harm your device in different ways. In all devices there is an option of
enabling the Unknown source which will not allow any random
applications to be downloaded on your device. How to enable Unknown
source option:
Step 1: Go to settings
Step 2: Search for Security
Step 3: Open Security and enable the Unknown Source option
10. Disallow any unwanted permissions on the apps which don’t
require them to run on android device manager for remote swipe and
track location: Do you actually read the list of permissions that Android
apps are asking for before
you install them?
I know most of us treat those
permissions like terms and
conditions, blindly tapping our
way through. But if you
actually do, you would be
aware of their reach. Some of
your apps can make phone
calls. Some can track your
location. Some can read your browsing history, contacts, SMS, photos,
calendar. No doubt, Google’s Android mobile operating system has a
powerful app permission system that forces app developers to mention
the exact permissions they require. But there is a major issue for Android
users, by default it is a Take-it-or-Leave-it situation, which means you can
choose to install the app, granting all those permissions or simply, not
install it. Controlling these permissions as a user is possible, and there are
apps that make it easier for you to control each single permission you
grant to an app. You can first install an app like Permission Explorer that
allows you to filter apps and permissions by categories, giving you much
more detail about the permissions you granted to the app. You can also
try similar apps like Permissions Observatory and App Permissions as
well. These apps will help you know if there are any apps with problematic
permissions that need to be revoked or perhaps even uninstalled
completely. Once you have found some offending apps with unnecessary
app permissions, it is time to revoke those permissions. One of the
popular apps is App Ops that allows you to block permissions to individual
apps.
11. Turn off your Wi-Fi, Bluetooth and NFC if you are not using it: The
ornate N is there to let you know that your phone currently has NFC
switched on. NFC, or Near Field Communication, is a technology that
allows devices to exchange information simply by placing them next to
one another. You may well have already encountered NFC if you’ve paid
for public transport with an Oyster card, or used the new tap-to-pay feature
with your bank card to buy something. Smartphones use NFC to pass
photos, contacts, or any other data you specify between NFC enabled
handsets. It is also the method used by Android Pay and Samsung Pay.
How to turn-off NFC:
You intuitively know why you should bolt your doors when you leave the
house and add some sort of authentication for your smartphone. But there
are lots of digital entrances that you leave open all the time, such as Wi-
Fi and your cell connection. It's a calculated risk, and the benefits
generally make it worthwhile. That calculus changes with Bluetooth.
Whenever you don't absolutely need it, you should go ahead and turn it
off. Minimizing your Bluetooth usage minimizes your exposure to very real
vulnerabilities. That includes an attack called BlueBorne, which would
allow any affected device with Bluetooth turned on to be attacked through
a series of vulnerabilities. The flaws aren't in the Bluetooth standard itself,
but in its implementation in all sorts of software. Windows, Android, Linux,
and iOS have been vulnerable to BlueBorne in the past. Millions could still
be at risk.
12. CM Security Application: This is the security application available
on the PlayStore and it is very useful. It is excellent in call blocking and
VPN services and it also has nice visuals. Steps for CM security
application:
Step 1: Download the CM Security & Find My Phone App
Head on over to the Play Store and download CM Security. Once the app
has downloaded, open up the app and tap ‘Scan,’ which is located in the
middle of the screen. CM Security will then scan all of the apps on your
device to detect any viruses, Trojans, vulnerabilities, adware and
spyware.
Step 2: Scan SD Card
By tapping on the ellipsis on the top right-hand corner, you can tap on
‘Scan SD Card.’ CM Security will then scan the external SD cards to
detect any threats, and will alert you if any threats are detected.
Step 3: Clean Up Junk
You can clean up junk on your Android phone or tablet by tapping on the
ellipsis on the top right-hand corner and tapping on ‘Clean Up Junk.’ You
will then see what apps are taking up the most storage on your Android
phone or tablet. Simply check the apps that you want to cache the junk
and tap ‘Solve.’
Step 4: Boost Memory
After you cleaned up the junk on your Android phone or tablet, you can
then remove apps that are taking up space to boost the memory on your
device. Just check the apps you want to remove and tap ‘Boost’ on the
bottom of the screen. You can also enable ‘game boost’ to make sure the
games on your device run smoothly.
Step 5: Find Your Phone & Prevent Unwanted Phone Calls
One of CM Security’s best features is that you can locate your Android
phone.
You can either go to the ellipsis in the top right-hand corner or tap on ‘Find
Phone,’ or you can visit https://findphone.cmcm.com. You will need to
log on to the website with your email address. CM Security will ask you to
set a CM Security password and you will be able to locate your phone on
a map. By tapping on ‘Yell,’ you can make the device yell to find it. The
‘Yell’ button will make your device play a loud sound for 60 seconds, even
if your device is set to silent. You can also lock your device to protect your
privacy. If anyone tries to break into your phone and enters the incorrect
password 3 or more times, the app will take a picture of the infiltrator. CM
Security allows you to block unwanted phone calls. You can block
unwanted phone calls by tapping ‘Call Blocking.’ CM Security will
then block all unwanted calls in your blocking blacklist.
Step 6: Schedule Routine Scanning
To schedule a routine automatic scan, go to the ellipsis in the right-hand
corner and tap on ‘Scheduled scan.’ You can then select if you want to
do a routine automatic scan once a day, once a week or once a month.
Chapter-4
Password Protection
Most people don’t realize there
are a number of common
techniques used to crack
passwords and plenty more ways
we make our accounts vulnerable
due to simple and widely used
passwords.
How to get hacked?
Dictionary attacks: Avoid consecutive keyboard combinations— such as
QWERTY or asdfg. Don’t use dictionary words, slang terms, common
misspellings, or words spelled backward. These cracks rely on software
that automatically plugs common words into password fields. Password
cracking becomes almost effortless with a tool like John the Ripper or
similar programs.
Cracking security questions: Many people use first names as
passwords, usually the names of spouses, kids, other relatives, or pets,
all of which can be deduced with a little research. When you click the
“forgot password” link within a webmail service or other site, you’re asked
to answer a question or series of questions. The answers can often be
found on your social media profile. This is how Sarah Palin’s Yahoo
account was hacked.
Simple passwords: Don’t use personal information such as your name,
age, birth date, child’s name, pet’s name, or favourite color/song, etc.
When 32 million passwords were exposed in a breach last year, almost
1% of victims were using “123456.” The next most popular password was
“12345.” Other common choices are “111111,” “princess,” “qwerty,” and
“abc123.”
Reuse of passwords across multiple sites: Reusing passwords for
email, banking, and social media accounts can lead to identity theft. Two
recent breaches revealed a password reuse rate of 31% among victims.
Social engineering: Social engineering is an elaborate type of lying. An
alternative to traditional hacking, it is the act of manipulating others into
performing certain actions or divulging confidential information.
How to make them secure
1. Make sure you use
different passwords for each
of your accounts.
2. Be sure no one watches
when you enter your
password.
3. Always log off if you
leave your device and
anyone is around—it only
takes a moment for
someone to steal or change
the password.
4. Use comprehensive security software and keep it up to date to
avoid key loggers (keystroke loggers) and other malware.
5. Avoid entering passwords on computers you don’t control (like
computers at an Internet café or library)—they may have malware that
steals your passwords.
6. Avoid entering passwords when using unsecured Wi-Fi connections
(like at the airport or coffee shop)—hackers can intercept your
passwords and data over this unsecured connection.
7. Don’t tell anyone your password. Your trusted friend now might not
be your friend in the future. Keep your passwords safe by keeping them
to yourself.
8. Depending on the sensitivity of the information being protected, you
should change your passwords periodically, and avoid reusing a
password for at least one year.
9. Do use at least eight characters of lowercase and uppercase letters,
numbers, and symbols in your password. Remember, the more the
merrier.
10. Strong passwords are easy to remember but hard to
guess. Iam:)2b29! — This has 10 characters and says “I am happy to
be 29!” I wish.
11. Use the keyboard as a palette to create shapes. %tgbHU8*- Follow
that on the keyboard. It’s a V. The letter V starting with any of the top
keys. To change these periodically, you can slide them across the
keyboard. Use W if you are feeling all crazy.
12. Have fun with known short codes or sentences or phrases. 2B-or-
Not_2b? —This one says “To be or not to be?”
13. It’s okay to write down your passwords, just keep them away from
your computer and mixed in with other numbers and letters so it’s not
apparent that it’s a password.
14. You can also write a “tip sheet” which will give you a clue to remember
your password, but doesn’t actually contain your password on it. For
example, in the example above, your “tip sheet” might read “To be, or not
to be?”
15. Check your password strength. If the site you are signing up for offers
a password strength analyser, pay attention to it and heed its advice.
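The rules in this chapter can be turned into a simple strength check. The following is an added example, not part of the original manual: the function names, the tiny sample dictionary and the four-key run length are assumptions made for illustration.

```python
import re

# The most common passwords named in this chapter's breach example.
COMMON_PASSWORDS = {"123456", "12345", "111111", "princess", "qwerty", "abc123"}

# Keyboard rows, used to catch runs such as QWERTY or asdfg.
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")

# Constructed stand-in for a real wordlist file (assumption for this example).
SAMPLE_DICTIONARY = {"password", "princess", "dragon", "monkey",
                     "welcome", "sunshine", "football"}

# Look-alike substitutions that cracking tools undo automatically.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def has_keyboard_run(password, run_len=4):
    """True if the password contains run_len adjacent keys from one row,
    typed left-to-right or right-to-left."""
    lowered = password.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run_len + 1):
                if seq[i:i + run_len] in lowered:
                    return True
    return False


def is_dictionary_word(password, dictionary):
    """True if the password is a word, a reversed word, or a look-alike
    spelling of one, ignoring digits and symbols stuck on either end."""
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
    if not core:
        return False
    for candidate in (core, core.translate(LEET)):
        if candidate in dictionary or candidate[::-1] in dictionary:
            return True
    return False


def check_password(password, dictionary=SAMPLE_DICTIONARY):
    """Return a list of rule codes the password breaks (empty list = passes)."""
    problems = []
    if len(password) < 8:
        problems.append("too_short")
    if not any(c.islower() for c in password):
        problems.append("missing_lowercase")
    if not any(c.isupper() for c in password):
        problems.append("missing_uppercase")
    if not any(c.isdigit() for c in password):
        problems.append("missing_digit")
    if not any(not c.isalnum() for c in password):
        problems.append("missing_symbol")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("common_password")
    if has_keyboard_run(password):
        problems.append("keyboard_run")
    if is_dictionary_word(password, dictionary):
        problems.append("dictionary_word")
    return problems


if __name__ == "__main__":
    for pw in ("123456", "Qwerty12!", "P@ssw0rd1!", "Drowssap#99", "2B-or-Not_2b?"):
        print(f"{pw!r}: {check_password(pw) or 'passes all rules'}")
```

Passwords such as "P@ssw0rd1!" satisfy the length and character rules yet still fail, because the dictionary word underneath is what cracking software tries first.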
1. Don’t fill out your social media profile: The more information you
share online, the easier it’s going to be for someone to get their
hands on it. Don’t cooperate. Take a look at your social media
profiles and keep them barren—the people who need to know your
birth date, email address and phone number already have them.
And what exactly is the point of sharing everything about yourself
in your Facebook profile? If you care about your privacy, you won’t
do it.
Think twice about sharing your social security number with anyone,
unless it’s your bank, a credit bureau, a company that wants to do
a background check on you or some other entity that has to report
to the IRS. If someone gets their hands on it and has information
such as your birth date and address, they can steal your identity and
take out credit cards and pile up other debt in your name.
Even the last four digits of your social security number should only
be used when necessary. The last four are often used by banks
and other institutions to reset your password for access to your
account. Plus, if someone has the last four digits and your birth
place, it’s a lot easier to guess the entire number. That’s because
the first three are determined by where you, or your parents, applied
for your SSN. And the second set of two are the group number,
which is assigned to all numbers given out at a certain time in your
geographic area. So a determined identity thief with some
computing power could hack it given time.
2. Lock down your hardware: Set up your PC to require a password
when it wakes
from sleep or
boots up. Sure,
you may trust the
people who live
in your house,
but what if your
laptop is stolen or
you lose it?
Same thing with
your mobile
devices. Not only
should you use a
passcode to access them every time you use them, install an app
that will locate your phone or tablet if it’s lost or stolen, as well as
lock it or wipe it clean of any data so a stranger can’t get access to
the treasure trove of data saved on it.
And, make sure your computers and mobile devices are loaded with
anti-malware apps and software. They can prevent
criminals from stealing your data. We recommend Norton Internet
Security ($49.99 on norton.com or $17.99 on Amazon) in
our computer security buying guide or stepping up to Norton 360
Multi-Device ($59.99 on norton.com or $49.99 on Amazon) if you
have mobile devices. And, you’ll want to double up your protection
on Android devices by installing, since we found anti-malware apps
are dismal at detecting spyware.
3. Use a password vault that generates and remembers strong
and unique passwords: Most people know better than to use the
same password for more than one website or application. In reality,
it can be impossible to remember a different one for the dozens of
online services you use. The problem with using the same
password in more than one place is if someone gets their hands on
your password—say, through a phishing attack—they can access
all your accounts and cause all sorts of trouble. To eliminate this
dilemma, use a password manager that will not only remember all
your passwords, but will generate super strong and unique ones
and automatically fill them into login fields with the click of a button.
LastPass is an excellent and free choice.
4. Use two-factor authentication: You can lock
down your Facebook, Google, Dropbox, Apple
ID, Microsoft, Twitter and other accounts with
two-factor authentication. That means that when
you log in, you’ll also need to enter a special
code that the site texts to your phone. Some
services require it each time you log in, others just
when you’re using a new device or web browser.
The Electronic Frontier Foundation has a great
overview of what’s available.
Two-factor authentication works beautifully for
keeping others from accessing your accounts,
although some people feel it’s too time
consuming. But if you’re serious about privacy, you’ll put up with the
friction.
5. Lie when setting up password security questions: “What is your
mother’s maiden name?” or “In what city were you born?” are
common questions websites often ask you to answer so as to
supposedly keep your account safe from intruders. In
reality, there’s nothing secure about such generic queries. That’s
because someone who wants access to your account could easily
do some Internet research to dig up the answers.
Not sure you can remember your lies? You can create “accounts” in
your password manager just for this purpose. Do you know any
other good privacy tips? Let us know in the comments below!
Chapter-5
Email and Chatting tips
Use encrypted emails like ProtonMail
ProtonMail is an encrypted email service that takes a radically different
approach to email security. Find out how ProtonMail security compares to
Gmail security.
ProtonMail became the world’s first email service to protect data with end-
to-end encryption, and today is the world’s most popular secure email
service with millions of users worldwide. ProtonMail’s technology is often
misunderstood by tech writers (and sometimes incorrectly represented in
the press), so this article aims to provide a clear description of how
ProtonMail’s technology is different from Gmail, and what makes
ProtonMail more secure.
Make a separate account for subscriptions
Recommendation: When creating multiple New Relic accounts, use the
same license key for applications on the same host. This enables those
applications to be linked together in New Relic.
To create additional accounts with the same email address:
1. Use the same email address and password to sign up for one or more
accounts.
2. Create a separate account for each
subscription level you want to use.
3. Configure your mission-critical hosts to
use the master account's license key.
4. Use license keys from your inexpensive
or free accounts for your remaining
hosts.
Use encrypted P2P chatting app like “Signal”
Open Whisper Systems' Signal is
probably the best-known
messaging app for mobile users
concerned about their privacy. It is
a free app that provides messaging
and voice-call services - and
everything is completely end-to-end
encrypted. You can send text
messages to individuals and
groups, place calls, share media
and other attachments to your
phone contacts, and more.
Read all the permissions that third-party applications want to access
in your e-mail account.
Many third-party productivity apps
that might be installed by business
users in your organization request
permission to access user
information and data and sign in on
behalf of the user in other cloud
apps, such as Office 365, G Suite
and Salesforce. When users install
these apps, they often click accept
without closely reviewing the details in the prompt, including granting
permissions to the app. This problem is compounded by the fact that IT
may not have enough insight to weigh the security risk of an application
against the productivity benefit that it provides. Because accepting third-
party app permissions is a potential security risk to your organization,
monitoring the app permissions your users grant gives you the necessary
visibility and control to protect your users and your applications.
Remove access of third party application from your accounts.
When you use an application or web
service that requires access to an
account — for example, anything in
your Google account, files in your
Dropbox account, tweets on Twitter,
and so on — that application
generally doesn’t ask for the
service’s password. Instead, the
application requests access using
something called OAuth. If you agree
to the prompt, that app gets access
to your account. The account’s
website provides the service with a token it can use to access your
account. This is more secure than just giving the third-party
application your password because you get to keep your password. It’s
also possible to restrict access to specific data — for example, you might
authorize a service to access your Gmail account but not your files in
Google Drive or other data in your Google account.
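To make the last two sections concrete, here is an added example (not part of the original manual) that reviews a list of third-party app grants and flags the ones worth removing. The app names, dates and the 180-day threshold are constructed for illustration; the scope strings are Google's published OAuth scope names, and exact-match scope checking is a simplification.

```python
from datetime import date

# Scopes that hand over a whole mailbox, drive or address book.
# The descriptions are this example's own wording.
BROAD_SCOPES = {
    "https://mail.google.com/": "full Gmail mailbox access",
    "https://www.googleapis.com/auth/drive": "every file in Google Drive",
    "https://www.googleapis.com/auth/contacts": "read and change contacts",
}

GMAIL_READONLY = "https://www.googleapis.com/auth/gmail.readonly"
DRIVE_FULL = "https://www.googleapis.com/auth/drive"

# Constructed review date and grant records (hypothetical apps).
REVIEW_DATE = date(2024, 6, 1)
SAMPLE_GRANTS = [
    {"app": "Mail Merge Helper",
     "scopes": ["https://mail.google.com/"],
     "last_used": date(2024, 5, 20)},
    {"app": "Calendar Widget",
     "scopes": ["https://www.googleapis.com/auth/calendar.readonly"],
     "last_used": date(2023, 1, 15)},
    {"app": "Photo Printer",
     "scopes": [DRIVE_FULL, "https://www.googleapis.com/auth/contacts"],
     "last_used": date(2022, 11, 2)},
    {"app": "Notes Sync",
     "scopes": ["https://www.googleapis.com/auth/drive.file"],
     "last_used": date(2024, 5, 30)},
]


def token_allows(granted_scopes, required_scope):
    """What the service checks on each request: the token is only good
    for scopes the user approved at the consent prompt."""
    return required_scope in set(granted_scopes)


def review_grants(grants, today, stale_days=180):
    """Return {app: [reasons]} for grants that are over-broad or dormant."""
    findings = {}
    for grant in grants:
        reasons = [f"broad scope: {BROAD_SCOPES[s]}"
                   for s in grant["scopes"] if s in BROAD_SCOPES]
        idle = (today - grant["last_used"]).days
        if idle > stale_days:
            reasons.append(f"unused for {idle} days")
        if reasons:
            findings[grant["app"]] = reasons
    return findings


if __name__ == "__main__":
    # A token approved for read-only Gmail cannot be used against Drive.
    print("Gmail read:", token_allows([GMAIL_READONLY], GMAIL_READONLY))
    print("Drive read:", token_allows([GMAIL_READONLY], DRIVE_FULL))
    for app, reasons in review_grants(SAMPLE_GRANTS, REVIEW_DATE).items():
        print(f"REVOKE? {app}: {'; '.join(reasons)}")
```

Apps that appear in the output are candidates for removal on the account's connected-apps page; revoking the grant invalidates the token without changing your password.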
Delete unused account - search for "confirm your email"
After the recent Heartbleed bug scare, some of you may want to go and
delete those dormant accounts you never use any more. For a quick way
to find such sites you
signed up on, go to your
inbox and search for the
term: "Confirm your email."
When something like
the Heartbleed security
bug hits millions of people,
our standard advice is to
change your passwords
across all the affected
services. With Heartbleed,
the list was so large that it
was advisable to go back to every account you have signed up at. And if
many of them are unused, it kind of makes sense to just delete them in
case some other security flaw in the future compromises you. If you are
lucky, you use Lastpass to manage all your accounts and you can just
delete everything from that list. But if that's not the case, chances are, you
have used one or two email accounts to sign up at all these web sites over
the years. Searching for "confirm your email" (first with the quotes, then
without) in your inbox gives you a list of most of these websites, after
which it's a matter of going there and deleting your account. The trick is
similar to, and inspired by, searching for "unsubscribe" to purge
newsletters in your email.
Be conscious of what information you reveal
Historically, most research on the nature of consciousness, the most
puzzling phenomenon in nature, has focused on visual perception. This
perception-based research has led to great insights regarding the nature
of conscious processing. One of these insights is that conscious
processing involves a kind of integration across neural systems and
information-processing structures that is not achievable by unconscious
processes. This is known as the integration consensus. When
process X occurs consciously, it activates a wide network of regions that
is not activated when that same process occurs unconsciously.
2FA
An extra layer of security that is known as "multi factor
authentication"
In today's world of increasing digital crime and
internet fraud many people will be highly
familiar with the importance of online security,
logins, usernames and passwords but if you
ask them the question "What is Two Factor
Authentication?" the likelihood is they will not
know what it is or how it works, even though
they may use it every single day.
With standard security procedures (especially online) only requiring a
simple username and password it has become increasingly easy for
criminals (either in organised gangs or working alone) to gain access to a
user's private data such as personal and financial details and then use
that information to commit fraudulent acts, generally of a financial nature.
Mailvelope
Mailvelope is a free and open source browser extension that allows you
to send and receive encrypted email text and attachments when using
webmail services. It relies on the same form of public key encryption as
GnuPG and PGP. Mailvelope is a browser extension that allows you to
encrypt, decrypt, sign and authenticate email messages and files using
OpenPGP. It works with
webmail and does not
require you to download
or install additional
software. While
Mailvelope lacks many of
the features provided by
Thunderbird, Enigmail
and GnuPG, it is probably
the easiest way for
webmail users to begin taking advantage of end-to-end encryption.
Guerrilla Mail
Guerrilla Mail gives you a
disposable email address.
There is no need to register,
simply visit Guerrilla Mail
and a random address will
be given. You can also
choose your own address.
You can give your email
address to whoever you do
not trust. You can view the
email on Guerrilla Mail, click
on any confirmation link,
and then delete it. Any
future spam sent to the disposable email will be zapped by Guerrilla Mail,
never reaching your mail box, keeping your mail box safe and clean.
Zoho mail: Zoho Mail is an amazing email platform
that offers a mixture of ad-free, clean, minimalist
interface and powerful features that are geared for
business and professional use.
Experience a fast, clean, Webmail that has powerful
features matching or even superior to those you will
find in desktop email clients. Take immediate control of
your inbox and get the freedom you need from tedious software upgrades.
Zoho Mail suite has Zoho Docs. This means your team can create,
collaborate, and edit text, presentation as well as spreadsheet documents
with the help of the most sophisticated online editors. You will experience
faster work and better productivity with your online office.
iCloud mail
If you have an Apple ID, then you have an
iCloud email account. This free account gives
you up to 5GB storage for your emails, minus
what you use for documents and other data you
store in the cloud. It’s easy to work with your
iCloud email from Apple’s Mail, on the Mac, or
on an iOS device. Still, you may not know about
the many extra options and features available if
you log into iCloud on the Web.
Before you can take advantage of any of the
following tips, you need to turn on iCloud. If you already have an Apple
ID, which you use on the iTunes store, you may never have set up iCloud.
SIGAINT
SIGAINT was a Tor hidden service offering secure email services.
According to its FAQ page, its web interface
used SquirrelMail which does not rely on JavaScript.
Passwords couldn't be recovered. Users received two
addresses per inbox: one at sigaint.org for
receiving clearnet emails and the other at
its .onion address only for receiving emails sent from
other Tor-enabled email services. Free accounts had 50
MB of storage space and expired after one year of
inactivity. Upgraded accounts had access
to POP3, IMAP, SMTP, larger size limits, full disk
encryption, and never expired.
The service was recommended by various security
specialists as a highly secure email service.
Mail2Tor
Mail2Tor is a Tor Hidden Service that allows anyone to send and receive
emails anonymously.
It is produced independently from The Tor Project.
For more information, or to signup for your free @mail2tor.com account
(webmail, smtp, pop3 and imap access)
Please visit our tor hidden service at http://mail2tor2zyjdctd.onion
You will need to have Tor software installed on your computer to securely
access Mail2Tor hidden service
Mail2Tor consists of several servers, a Tor hidden service, and an
incoming and outgoing internet facing mail servers. These internet facing
mail servers are relays. They relay mails in and out of the Tor network.
The relays are anonymous and not traceable to us.
The only thing stored on the hard drive of those servers is the mail server,
and the Tor software.
No emails or logs or anything important are stored on those servers, thus
it doesn't matter if they are seized or shut down.
We are prepared to quickly replace any relay that is taken offline for any
reason.
The Mail2Tor hidden service and SMTP/IMAP/POP3 are on a hidden
server completely separate from the relays.
The relays do not know (and do not need to know) the IP of the hidden
service, because the communications between the relays and the "dark server"
occur through the Tor network, without using traditional internet protocols
(IP).
This hidden server is not one of the Tor network nodes/public servers,
whose IPs are known.
It is a private server that does not route traffic for tor users, but it is devoted
exclusively to exchange data with Mail2Tor relays.
The entire contents of the relays are immediately deleted and it is not
possible to "sniff" data because it is transmitted in encrypted form.
SAFe-mail
SAFe-mail is a highly secure communication,
storage, sharing and distribution system for the
Internet. It provides email, instant messaging,
data distribution, data storage and file sharing
tools in a suite of applications that enable
businesses and individuals to communicate
and store data with privacy and confidence.
Every application is secured by state-of-the-art
encryption ensuring the highest level protection
and privacy to users. Within the overall system as with each application,
security is not an add-on feature but has been designed in to the
fundamental architecture of the system.
Safe-mail is provided as a hosted facility and offers the following services:
- PrivateMail - a single account that brings together the best in email
messaging for the individual user and provides a very secure online
storage place for important documents and data. Register for a free
account and you get 3MB of disk space to test drive the system.
Then upgrade to a larger account through the StoragePlus program
published under Premium Services.
- BusinessMail - the perfect secure communication system for your
organization. Create and manage multiple email addresses under
your own domain and bring your staff and customers together in one
secure private community.
Spam Gourmet
SpamGourmet (free) has some interesting
innovations, but it also has limitations on
how many messages each address will be
able to accept. There are two modes, No-brainer and Advanced. In the
former, you get a user name and then you can give out
self-destructing addresses in the form
whatever.n.username@spamgourmet.com, where whatever is
some word you choose and n is the number of messages (up to 20)
that you can receive at that address until it self-destructs, after
which messages will return errors.
For example, crazylegs.4.larryseltzer@spamgourmet.com will be
able to receive four messages, and then senders will get error
messages. The problem is, anyone can send you a message using
a disposable account that you did not create: for example,
IAMSPAM.20.larryseltzer@spamgourmet.com.
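The counting behaviour and the weakness described above can be modelled in a few lines. This Python sketch is an added example, not SpamGourmet's code and not part of the original manual; the class name, the error strings and the capping of counts above 20 are assumptions.

```python
import re

# Address shape taken from the text: whatever.n.username@spamgourmet.com
ADDRESS_RE = re.compile(
    r"^(?P<word>[^.@\s]+)\.(?P<n>\d+)\.(?P<user>[^.@\s]+)@spamgourmet\.com$",
    re.IGNORECASE,
)
MAX_MESSAGES = 20  # upper bound stated in the text


class NoBrainerMailbox:
    """Toy model of one user's self-destructing addresses (hypothetical)."""

    def __init__(self, username):
        self.username = username.lower()
        self.remaining = {}  # word -> number of messages still accepted

    def deliver(self, recipient):
        """Return 'delivered' or an 'error: ...' string for one message."""
        m = ADDRESS_RE.match(recipient.strip())
        if not m or m["user"].lower() != self.username:
            return "error: no such user"
        word = m["word"].lower()
        if word not in self.remaining:
            # The address comes into existence on first use. Nothing checks
            # that the account owner chose this word, which is the weakness
            # the text points out.
            # Assumption: a count above the limit is capped, not rejected.
            self.remaining[word] = min(int(m["n"]), MAX_MESSAGES)
        if self.remaining[word] <= 0:
            return "error: address has self-destructed"
        self.remaining[word] -= 1
        return "delivered"


if __name__ == "__main__":
    box = NoBrainerMailbox("larryseltzer")
    for _ in range(5):
        print(box.deliver("crazylegs.4.larryseltzer@spamgourmet.com"))
    # An address the owner never handed out is accepted all the same.
    print(box.deliver("IAMSPAM.20.larryseltzer@spamgourmet.com"))
```

The fifth delivery to the crazylegs address fails, while the address invented by the sender is accepted with a fresh allowance of 20 messages.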
Enigmail
Enigmail is a seamlessly
integrated security add-on
for Mozilla Thunderbird. It allows
you to use OpenPGP to encrypt
and digitally sign your emails and
to decrypt and verify messages
you receive.
Enigmail is free software. It can
be freely used, modified and
distributed under the terms of the Mozilla Public License. Sending
unencrypted emails is like sending postcards: anyone and any system
that processes your mail can read its contents. If you encrypt your emails,
you put your message into an envelope that only the recipient of the email
can open.
Thunderbird
Thunderbird is an email, newsgroup, news
feed, and chat (XMPP, IRC, Twitter) client. The
vanilla version was not originally a personal
information manager (PIM), although the
Mozilla Lightning extension, which is now
installed by default, adds PIM functionality.
Additional features, if needed, are often
available via other extensions.
Thunderbird can manage multiple email,
newsgroup, and news feed accounts and
supports multiple identities within accounts.
Features such as quick search, saved search folders ("virtual folders"),
advanced message filtering, message grouping, and labels help manage
and find messages. On Linux-based systems, system mail (movemail)
accounts are supported. Thunderbird provides basic support for system-
specific new email notifications and can be extended with advanced
notification support using an add-on.
Thunderbird incorporates a Bayesian spam filter, a whitelist based on the
included address book, and can also understand classifications by server-
based filters such as SpamAssassin.
MaskMe add-on
Now you never have to give out
your personal information online
again. MaskMe creates
disposable email addresses,
phone numbers, and credit cards,
so you can enjoy all the web has
to offer without surrendering your
personal data in exchange.
The Details:
- Every time you sign up for a
site or shop the web, MaskMe will be by your side.
- Choose to Mask your email address, phone number, or credit card, using
unique, disposable info that MaskMe creates and autofills on the spot. It
works instantly, every time, everywhere.
- Ensures you never miss important communication, but also puts you in
control so you can stop spammers, telemarketers, and hackers in one
click.
- Convenient, fast, & easy-to-use.
Ghostery add-on to block ads
Ghostery is the first browser
extension that makes your
web browsing experience
faster, cleaner and safer by
detecting and blocking
thousands of third-party data-
tracking technologies –
putting control of their own
data back into consumers’
hands. Launched in 2009,
Ghostery has more than
seven million monthly active
users who access the tool via
the free apps or browser extensions. With its intuitive user interface,
Ghostery enables average internet users to protect their privacy by
default, while expert users benefit from a broad set of features and
settings. The Ghostery apps and browser extensions are developed and
operated by Ghostery, Inc. The company is headquartered in New York
and is a fully-owned subsidiary of Cliqz GmbH. Cliqz is a German search,
browser and data protection technology company backed by Mozilla and
Hubert Burda Media. Neither Cliqz nor Ghostery share any data
about individual users with third parties.
Telegram
Telegram is a non-profit cloud-based instant
messaging service. Telegram client apps exist
for Android, iOS, Windows Phone, Windows
NT, MacOS and Linux. Users can send
messages and exchange photos, videos,
stickers, audio and files of any type.
Telegram was founded by
the Russian entrepreneur Pavel Durov. Its client-side code is open-
source software but the source code for recent versions is not always
immediately published, whereas its server-side code is closed-source and
proprietary. The service also provides APIs to independent developers. In
February 2016, Telegram stated that it had 100 million monthly active
users, sending 15 billion messages per day. According to its CEO, as of
April 2017, Telegram has an annual growth rate of more than 50%.
Telegram's security model has received notable criticism from cryptography
experts. They have argued that it is undermined by its use of a
custom-designed encryption protocol that has not been proven reliable and
secure, by storing all messages on their servers by default and by not
enabling end-to-end encryption for messages by default. Pavel Durov has
argued that this is because it helps to avoid third-party insecure backups
and to allow users to access messages and files from any
device. Messages in Telegram are server-client encrypted by default, and
the service provides end-to-end encryption for voice calls and optional
end-to-end encrypted "secret" chats.
Wickr
Initially unveiled on iOS and later on Android, the Wickr app allows users
to set an expiration time for their encrypted communications. In December
2014, Wickr released a desktop version of its secure communications
platform.
The release of the desktop Wickr app coincided with introducing the ability
to sync messages across multiple devices, including mobile phones,
tablets, and computers.
All communications on Wickr are encrypted locally on each device with a
new key generated for each new message, meaning that no one except
Wickr users has the keys to decipher their content. In addition to
encrypting user data and conversations, Wickr strips metadata from all
content transmitted through the network.
Since its launch, Wickr has gone through regular security audits by
prominent information security organizations, which verified Wickr's code,
security and policies. Wickr has also launched a "bug bounty program"
that offers a reward to hackers who can find a vulnerability in the app.
ChatSecure
ChatSecure is a messaging application
for iOS which
allows OTR and OMEMO encryption
for the XMPP protocol.
ChatSecure is free and open source
software available under the GNU
General Public License.
ChatSecure also features built-in support for anonymous communication
on the Tor network.
ChatSecure has been used by international individuals and
governments, businesses, and those spreading jihadi propaganda.
Surespot
Surespot is an open source instant
messaging application for Android and iOS.
Surespot is one of the modern messaging apps
that has a focus on privacy and security. For
secure communication it uses end-to-end encryption by default.
Threema
Threema is
a proprietary encrypted instant
messaging application
for iOS, Android and Windows Phone.
In addition to text messaging, users can
send multimedia, locations, voice
messages and files.
The name Threema is based on
the acronym EEEMA which stands
for end-to-end encrypting Messaging Application.
Threema is developed by the Swiss company Threema GmbH.
The servers are located in Switzerland and the development is based in
the Zürich metropolitan area. As of June 2015, Threema had 3.5 million
users, most of them from German-speaking countries.
Chapter-6
Social Media Tips
People's lives have gotten easier thanks to the internet. With that being
said, it is important people know how to protect themselves and their
personal information to avoid becoming a victim of fraud. Online criminals
and fraudsters can use your information to create bogus accounts to
obtain anything they want. They can also use your information for phishing
or soliciting.
Attempting to get private or financial information from people online is
known as phishing. The act begins with an email that looks like it is from
a trusted source you know. It may claim to come from a bank. The email
will encourage you to click a link claiming to take you to the website to
enter personal account information including your password. If you fall for
the trick, they get your personal information and access to your account.
Here’s what you need to protect yourself:
Check privacy settings
When using social media sites,
review privacy settings. The settings
for your profile may be at the defaults,
and you can change them to make
your account information more
secure. You should also review this information in case there is something
you should keep private.
Limit bio information
Social media websites will ask for personal information when creating an
account. Use tools offered to limit what others can view when they land
on your page. The privacy settings may help customize the content that
is viewable.
Avoid sharing account details
Sensitive details such as your bank account number, social security
number, or other related information should be private. Use sponsored
communication options such as email, telephone, mailed letter, or direct
communication via the website if you need to share such information to
reduce the risk of personal details getting into the wrong hands.
Choose friends and add contacts wisely
The reason why you signed up for a social media account is likely why
you have friends and contacts on your list. Be cautious of requests from
people you don’t know. You don’t have to accept every friend request.
Learn features of the website
When signing up for an account, get to know the features. Do this before
sharing information to understand how the site functions. You can choose
who can view your posts and understand how such content is shared with
others.
What is shared online stays online
Think before you share. Because of the unique way the internet is
designed, once you post something, it stays online forever. People have
ways of getting information and saving to another source. So, if you don’t
want to set yourself up for embarrassment, think twice before posting
messages or photos.
Have a good reputation when approaching job recruiters
Research has shown roughly 70 percent of job recruiters have turned
down applicants because of something posted to their social media page.
When you’re online, conduct yourself in a manner you want people to
respect you for. Keep your online presence positive and be thoughtful with
what you share.
Use tools to manage friends and contacts
Have a personal profile page to keep in contact with people you know
personally. Use a fan page to appeal on a public level without risking too
much of your personal information. Use tools to separate contacts into
groups.
You can have a list of family members, friends, co-workers, etc. Managing
contacts helps you get a better idea of who is following you online. This
helps determine what you can share, with whom, and when to keep things
to yourself.
Let others know if you are not comfortable
Be respectful of opinions and things shared online between you and
friends. Yet, mention when something makes you uncomfortable or when
you think something is inappropriate. This helps set boundaries for what
content appears on your page. Plus, you learn what people can and
cannot tolerate while respecting one another.
Know when to take immediate action
If someone harasses you online or makes inappropriate threats, contact
the administrator of the website. You can report the person and take
additional action of blocking them or removing them from your list.
Keep antivirus software up-to-date
Keeping your antivirus system updated ensures your web browsing is
protected from potential threats that may get picked up via social
networking, such as clicking links or opening messages.
Be in control of your online presence
Know what information you share and who it is being shared with. Check
privacy and security settings to stay on top of information shared. Make
changes as needed.
Use a strong password or create a sentence
Use a strong password to log in to your account to reduce hacking risk. The
password should be at least 12 characters long with a mix of lower and
upper case letters, symbols, and numbers. Consider using a short
sentence you can remember, and add a number and symbol to make it
more secure. Something like: “I love dollar bills.” The password can have
spaces too.
Use different passwords for each account
Try keeping passwords for email and social media separate to throw off
cyber criminals. For your most used or most important accounts make
sure your passwords are strong.
Throw away or delete messages when in doubt
When you get a message that seems suspicious, delete it. Don’t open it
or forward its contents if you don’t trust it. People often get so many ads
for different stores and businesses, it can be easier to delete it and be
safe.
Keep tweets protected
You can choose to use a protected Twitter account if you want more
control of what people can view and access. Followers who are approved
to follow you have access to details you post. Search engines won’t index
your tweets, so they cannot be viewed in a Google search.
Consider turning off Broadcast Activity on LinkedIn
Use the Broadcast Activity feature to limit what information is seen by your
followers. LinkedIn has a unique way of letting others know your updates.
This means people and organizations you follow will get updates you post.
Limit LinkedIn updates to your followers
You can post updates and changes to your status like on Facebook.
People can choose to subscribe to your updates. But, you can use privacy
settings to select who can receive updates you post. The public doesn’t
have to get your updates but a few select connections can.
Use privacy settings to keep Facebook page from being indexed
Use Facebook privacy settings and look for the option “Let other search
engines link to your timeline.” When turned on, people who search your
name through a search engine can see your Facebook profile. Potential
employers may do this. If you don’t want your profile searchable in this
manner, turn this feature off.
Restrict friend requests
Not all friend requests are true friend requests.
Some are cyber criminals with nothing better to
do than to spam or phish people. They do this
randomly with accounts all the time. Restrict who can send you a friend
request by choosing options under privacy settings and selecting “Who
can contact me?”
Avoid mentioning other accounts
There are a few social media websites allowing users to connect their
social media accounts together at once. If you are working to establish a
professional and personal identity, you may want to keep them separate.
Linking the accounts increases security risks and you may end up sharing
something you don’t want to appear on another site. An example is connecting
Twitter with LinkedIn.
Use settings to cut reviews for Facebook tags
Use the “Timeline and Tagging” section of Facebook settings to set limits
on what can be shared using your name. This is handy if friends have
pictures that include you, but you may not want them shared with others.
When the picture is uploaded and tagged with your name, you learn about
it first. You can require an approval before it gets published.
Make Facebook groups restricted
Create groups on Facebook to control who sees what. You can block
someone you want to keep as a friend from viewing certain posts. To do
this, add the friend to the “Restricted” list when clicking on the Facebook
sidebar. The posts would be marked “public,” but they are only seen by
friends added to this list. Isn’t it great to have more control over who sees
your social media posts? Your online security is greatly increased thanks
to a few easy steps taken to control your identity when online.
Chapter-7
Banking Tips
With so many people going
online to manage their money,
however, threats have arisen.
Hackers, malware and
fraudsters abound, ready and
eager to steal online-banking
passwords and the money they
protect.
But you don't have to resign yourself to a world of unsafe banking. Here
are some online-banking security tips you can practice before signing in
to your account. Each will help ensure a safe online-banking experience.
Here are some useful tips for Banking:
Use a script blocker on your browser:-
1. There is a small but vocal subset of users who disable JavaScript.
We should do this because of a perceived security benefit.
There have been a few known vulnerabilities, such as XSS, that can be
exploited with scripting.
2. Disabling it will also prevent malicious ads from infecting our
system.
3. Lastly, disabling JavaScript will take up less CPU and RAM on
your computer, which is to be expected. If you run something
super basic, it’ll take up fewer resources. But if your computer
is so old that it can’t handle modern websites, it may be time
to upgrade it—as the web improves, it needs more resources
to do what it does, just like any other program on your
computer.
You can use NoScript Security Suite for Mozilla,
or Script Block for Chrome.
Use a virtual keyboard with key randomizer:-
An online virtual keyboard is the best security implementation to keep
sensitive data safe from spyware and Trojan programs. When entering
sensitive data (username and password) for Internet banking, the security
features recommend using the virtual keyboard to protect the password.
A virtual keyboard is an online application for entering a password with the help
of a mouse, which helps us remain safe against keyloggers.
Example of online Virtual keyboard:-
Benefits of online Virtual Keyboard
- Online Virtual Keyboard is designed to protect your password from
malicious “Spyware” and “Trojan Programs”.
- Use of online virtual keyboard will reduce the risk of password theft
using Key loggers and Keyboard action Monitoring.
- It will auto encrypt your Password entered through Online Virtual
Keyboard.
- Easy to Implement as Login Security.
Using an online virtual keyboard is the best practice on websites where
sensitive data must be protected from hackers, crackers and malicious programs.
Most banks that offer an online banking facility offer a virtual keyboard to
type in your password to log in. Bloggers and freelancers who are
using PayPal as their primary account to send and receive funds should also
start using the on-screen keyboard feature of their Windows system to type
passwords.
Onscreen Keyboard
You can type the “OSK” command in the Run window and it will pop up the
on-screen keyboard, which works as a full-fledged keyboard:
Never save sessions of banking sites on your browser:-
1. It is good practice to always log out of your online banking
session when you have finished your business. This will
decrease the chances of falling victim to session hijacking and
cross-site scripting exploits.
2. You may also want to set up the extra precaution of private
browsing on your computer or smart phone, and set your
browser to clear its cache at the end of each session.
3. Always remember to clear cookies and cache data from
browser before closing the browser.
4. Clear your browsing data and history.
Never tick on “remember me” on banking websites:-
Don’t stay logged in to your favourite online services all the time. We know
how convenient it is to log in to Facebook in the morning, or at the
beginning of the week, and to tick the “Keep me logged in” box.
You log in once and then you don’t have to keep logging back in all the
time. It’s even easier to stay logged in via mobile apps, because
typing a suitably long and secure password is harder.
Indeed, many mobile apps quietly and automatically remember your
password even between reboots so the app can log you back in
automatically every time you restart it. The thing is, all this
logged-in-forever convenience comes at the cost of reduced security.
Never log in banking portals on public PCs like a cyber cafe or a
public Wi-Fi:-
If you want to be safe, don’t log in to your banking or any other sites
while using public Wi-Fi or an open network, because an attacker may
use a man-in-the-middle (MITM) attack to get your session ID or username
and password. There are many apps that can hijack and sniff a
network and capture packets travelling through your connection.
Choose an account with two factor authentication:-
Two-factor authentication provides an additional security layer and
makes it harder for an attacker to gain access to a person's account,
because knowing the victim's password is not enough to take over the full
account.
Here are some types of 2F authentication:
Something the user knows, such as a password, PIN or shared secret.
Something the user has, such as an ID card, security token or a
smartphone.
Biometrics: something the user is. These may be personal attributes
mapped from physical characteristics, such as fingerprints, face and
voice.
Systems with more demanding requirements for security may use location
and time as fourth and fifth factors. For example, users may be required
to authenticate from specific locations, or during specific time windows.
Google Smart Lock is one example.
Create a strong password:-
A strong password is 12 characters in length and includes
numbers, symbols, capital letters and lower-case letters, and
it shouldn’t be your first name or your DOB.
Some examples of strong passwords are: 1Ki77y, .Susan53, &m3llycat
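The password rules given here and in the "Use a strong password or create a sentence" tip in Chapter 6 can be checked mechanically. This Python sketch is an added example, not part of the original manual; the function names, the substitution table and the date formats tried are assumptions, and the sample passwords in the demo are constructed.

```python
import re
from datetime import date

# Fold common character substitutions so "Pr1ya" is still seen as "priya".
LEET = str.maketrans("013457$@!", "oieastsai")


def dob_digit_forms(dob):
    """Digit strings a date of birth commonly takes inside a password."""
    d, m, y = f"{dob.day:02d}", f"{dob.month:02d}", f"{dob.year:04d}"
    return {d + m + y, m + d + y, y + m + d, d + m + y[2:], m + d + y[2:], y}


def password_issues(password, first_name, dob, min_length=12):
    """Return the list of rules from the text that the password breaks."""
    issues = []
    if len(password) < min_length:
        issues.append("too short")
    if not re.search(r"[a-z]", password):
        issues.append("no lower-case letter")
    if not re.search(r"[A-Z]", password):
        issues.append("no upper-case letter")
    if not re.search(r"\d", password):
        issues.append("no number")
    # Spaces are allowed in a passphrase but do not count as symbols here.
    if not re.search(r"[^A-Za-z0-9\s]", password):
        issues.append("no symbol")

    lowered = password.lower()
    name = first_name.lower()
    if name and (name in lowered or name in lowered.translate(LEET)):
        issues.append("contains first name")

    # Drop separators so 14/02/1990 and 14-02-1990 are both caught.
    digits = re.sub(r"\D", "", password)
    if any(form in digits for form in dob_digit_forms(dob)):
        issues.append("contains date of birth")
    return issues


if __name__ == "__main__":
    born = date(1990, 2, 14)  # constructed sample data
    for candidate in ("I love dollar bills.",
                      "I love 7 dollar bills!",
                      "Pr1ya14021990"):
        print(repr(candidate), password_issues(candidate, "Priya", born))
```

An empty list means the password meets every rule stated in the text; it says nothing about whether the password has already appeared in a breach.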
Secure your computer and keep it up-to-date:-
Always remember to keep a password on your computer and also update
it regularly so that any new vulnerabilities found can be patched with that
update. Tips for securing your computer:
1. Use an anti-virus.
2. Remember to update virus protection.
3. Keep a password on your computer.
4. Lock your private files and folders.
5. Update your computer regularly.
Avoid clicking through emails:-
Avoid clicking links in suspicious emails.
Phishing
Phishing is the term for sending emails (considered the bait) with a link to
a fake website. Once on the site, the user is tricked into giving sensitive
information. For example, the link takes you to a fake site that looks like
your bank, and you try to log in with your username and password. The
bad guy has now captured your login info. And if he’s clever, the fake site will
redirect you to the real site afterward. You’d probably be none the wiser.
Malware or “virus” downloads
The link may take you to a website that infects your computer with
malware like ransomware or a keylogger (a “virus” that captures
everything you type into your computer like passwords and credit card
numbers). Or it might even download the virus directly without going to a
web page. Malicious web pages are the most common way that I see
computers get infected in my day job.
Why It’s Hard To Tell the Real from the Fake
Most of the emails you get will be fine. The trouble is, do you know which
is which? Some bogus emails are obviously fake to most people, full of
misspellings and shady suggestions. But some of them look very
professional. Take these for instance. They’re both fake. Would you be
able to tell the difference?
Phishing Example 1
Phishing Example 2
These would fool most people. But besides looking legitimate, there are
other ways to fool us.
Hacked email account
If a spammer hacks an email account, he can send out an email blast to
all the contacts stored in the account. This is dangerous because you may
get a phishing email that’s actually sent from the real account of someone
you know. Unless the email seems out of the ordinary, you’ll have no way
of knowing.
Email address spoofing
Spoofing is essentially “faking”. It’s possible to spoof the sender’s address
so it looks like it’s coming from someone you know, when in reality it’s
coming from the bad guy’s email account. It can be very hard or
impossible to tell if an email address is spoofed. It requires digging
through the email header which is, itself, prone to tampering.
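What "digging through the email header" looks like in practice is sketched below in Python. This is an added example, not part of the original manual; both messages and the server name mx.example.org are constructed, and the warning labels are assumptions. Because headers can be forged, the check only believes Authentication-Results lines stamped by the reader's own receiving mail server.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the From line imitates a bank, while the envelope
# sender (Return-Path) and the Reply-To address point somewhere else.
SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=bank.example.com
From: "Your Bank" <alerts@bank.example.com>
Reply-To: help@accounts.example.net
To: you@example.org
Subject: Action required on your account

Please log in to review a recent transaction.
"""

# Constructed sample: every address and every check lines up.
GENUINE = """\
Return-Path: <alerts@bank.example.com>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=bank.example.com;
 dkim=pass header.d=bank.example.com; dmarc=pass header.from=bank.example.com
From: "Your Bank" <alerts@bank.example.com>
To: you@example.org
Subject: Your monthly statement is ready

Sign in from your own bookmark to view it.
"""


def domain_of(header_value):
    """Lower-cased domain of the address in a header, or '' if none."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def auth_results(msg, trusted_authserv):
    """spf/dkim/dmarc verdicts, read only from headers our own server added."""
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = value.partition(";")
        tokens = authserv.split()
        if not tokens or tokens[0].lower() != trusted_authserv.lower():
            continue  # written by someone else, possibly the sender
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest, re.I):
            verdicts.setdefault(method.lower(), result.lower())
    return verdicts


def header_warnings(raw_message, trusted_authserv):
    """Return a list of warning labels for one raw message."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg.get("From"))
    warnings = []
    # A differing Return-Path is a weak signal on its own (mailing services
    # often use their own bounce domain); the DMARC verdict is the strong one.
    return_path = domain_of(msg.get("Return-Path"))
    if return_path and return_path != from_domain:
        warnings.append("return-path-mismatch")
    reply_to = domain_of(msg.get("Reply-To"))
    if reply_to and reply_to != from_domain:
        warnings.append("reply-to-mismatch")
    verdicts = auth_results(msg, trusted_authserv)
    for method in ("spf", "dkim", "dmarc"):
        result = verdicts.get(method, "missing")
        if result != "pass":
            warnings.append(f"{method}={result}")
    return warnings


if __name__ == "__main__":
    print(header_warnings(SPOOFED, "mx.example.org"))
    print(header_warnings(GENUINE, "mx.example.org"))
```

A message sent from a genuinely hacked account passes all of these checks, which is why the content of the message still has to be judged on its own.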
Forwarding a phishing email
Sometimes people are just naive and forward an email to you that has a
malicious link in it. They might not realize it’s there, and have possibly
become a victim themselves. I see it happen.
Which Email Links Can I Click?
Well, if you don’t click any of them you won’t have a problem. But that’s
not realistic. Very few people will ever take that advice. The good news is
you don’t have to. I suggest treating links like attachments. Only click it if
you’re expecting it.
Examples of when to click
You just ordered something from Amazon. Feel free to click the
shipment tracking link in the email they send you. Just make sure it’s
exactly what you’re expecting. If you get a tracking link that you weren’t
expecting, or for a product you don’t recognize, delete the email right
away.
You just signed up for an account on a website. If they send you a link
to confirm your email address, it’s okay to click it. But again, make sure
it’s exactly what you’re expecting and you specifically remember
requesting it.
Examples of when NOT to click
You get an unexpected email from your bank. Maybe it says that you
need to log in and take care of something important. Don’t click the link
they give you. If you didn’t know it was coming, there’s no guarantee it’s
a legitimate email.
Your friend sends you a link that you weren’t expecting. Don’t click it.
Remember, the sender’s address can be spoofed or their account hacked.
Yeah, I know, this is all awfully annoying, so is there anything else we can
do?
What To Do Instead of Clicking Links
In the case of your bank or other institution, just go to the website yourself
and log in. Type in the address manually in the browser or click your
bookmark. That way you can see if there’s something that needs taken
care of without the risk of ending up on a phishing site.
In the case of your friend’s email, chances are that they copied/pasted the
link into the message. That means you can see the full address. You can
just copy/paste the address into the browser yourself without clicking
anything. Of course, before doing that make sure you recognize the
website and that it’s not misspelled. Make sure it looks like this:
http://www.youtube.com/adgasLKUkjFJos&odgs
and not like this:
http://www.yuutube.com/adgasLKUkjFJos&odgs
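The comparison of the two addresses above can be done by a program instead of by eye. This Python sketch is an added example, not part of the original manual; the list of known hosts and the distance threshold of 2 are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Sites the reader actually uses; a constructed sample list (assumption).
KNOWN_HOSTS = {"www.youtube.com", "www.amazon.com", "www.paypal.com"}


def edit_distance(a, b):
    """Levenshtein distance: inserts, deletions and substitutions cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        cur = [i]
        for j, cb in enumerate(b, start=1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def classify_link(url, known_hosts=KNOWN_HOSTS, max_distance=2):
    """Return (verdict, hostname, nearest known host or None).

    verdict is 'known', 'lookalike', 'unknown' or 'invalid'.
    """
    parts = urlsplit(url)
    # Only the hostname decides where the browser goes; the path after it
    # can contain anything and is ignored here.
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme not in ("http", "https") or not host:
        return ("invalid", host, None)
    if host in known_hosts:
        return ("known", host, host)
    nearest = min(known_hosts,
                  key=lambda k: (edit_distance(host, k), k),
                  default=None)
    if nearest is not None and edit_distance(host, nearest) <= max_distance:
        # One or two characters away from a site we use: the misspelling
        # case shown in the text.
        return ("lookalike", host, nearest)
    return ("unknown", host, None)


if __name__ == "__main__":
    for link in ("http://www.youtube.com/adgasLKUkjFJos&odgs",
                 "http://www.yuutube.com/adgasLKUkjFJos&odgs",
                 "https://www.example.org/"):
        print(link, "->", classify_link(link))
```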
Other Things To Consider
It’s up to you how far you want to take this. For instance, I’ve made a rule
never to click links in emails notifying me that my paycheck has been
deposited. Yes that really happens, and I get one every week, but
automated recurring emails can be dangerous. They’re commonly faked
because the bad guys know we’re expecting them.
The bottom line is that unless you explicitly know and trust it, avoid it.
That’s all there is to it. Make this a habit and you can avoid one of the
biggest mistakes in internet safety.
Monitor your accounts regularly:-
Learn How Banks Track
Suspicious Activity
We trust our banks to keep a
watchful eye out for suspicious
activity. That involves trust. It’s
either that or we can choose to
tuck all our money away in a
sock beneath our bed—
hopefully safely. But taking that
route, for the vast majority of Americans, isn’t an option.
Banks do tend to protect the nation’s assets with vigilance, and they put a
great deal of effort into preventing and catching suspicious banking
behaviour that can indicate identity theft on a person’s account.
The following behaviours are signs that could raise the red flag for banks:
- Suspicious, frequent transactions. Banks keep a close eye out for
transactions that are made in frequent, short periods of time, especially if
there are large deposits and withdrawals made in cash or by check. Banks
can rationalize the transactions by customers’ occupations and patterns
of conducting business.
- Numerous transactions that are made in different branches on the same
day—for the same account. If these transactions are below an established
bank threshold, it could mean the transactions were made to go
undetected.
- Activities that deviate from a person’s normal banking habits. Your bank
likely has a policy in place to contact you if they detect any suspicious
activity on your account. They may even choose to freeze or cancel your
debit or credit card as a result. If you become a victim of identity theft or
fraud, there are steps that you can take to “right” the wrong and get back
on the path of recovery.
It’s not the bank’s responsibility to monitor each transaction to determine
if it’s an instance of identity theft. You are the only one who can truly track
each purchase and deposit to confirm it’s authorized – and if it’s not, it
could be a sign of identity theft.
As a consumer, it’s up to you to regularly check your bank statements
& monitor your credit card reports for signs of identity theft. Furthermore,
early detection of suspicious activity may help you to recover more quickly
if there’s an indication of fraud on your credit report.
Change your internet banking password at periodic intervals:-
The Theory of Regular Password Changes
Regular password changes are theoretically a good idea because they
ensure someone can’t acquire your password and use it to snoop on you
over an extended period of time.
For example, if someone acquired your email password, they could log
into your email account regularly and monitor your communications. If
someone acquired your online banking password, they could snoop on
your transactions or come back in several months and attempt to transfer
money to their own accounts. If someone acquired your Facebook
password, they could log in as you and monitor your private
communications.
Theoretically, changing your passwords regularly — perhaps every few
months — will help prevent this from happening. Even if someone did
acquire your password, they’d only have a few months to use their access
for nefarious purposes.
Save and check all receipts against your statement:-
Every time you make a transaction at the bank or ATM, you’ll receive a
receipt. Be sure to save your receipts and write the information in your
transaction register. That’s a small notepad you’ll receive when you open
your account. Add your deposits, subtract your withdrawals, and keep
track of your current balance — the exact amount you have in your
account right now.
Keeping track will help you avoid spending more than you have in your
account. That’s called an overdraft — and the fees and penalties can be
expensive!
At the end of the month, the bank will send you a statement. It lists your
balance at the beginning and end of the statement month, and all of the
transactions that the bank has processed during the statement month.
Every month, review your statement along with your register and your
receipts to make sure that your records and the bank’s records agree.
And if your bank offers online banking, you won’t have to wait for your
statement to review your account activity. Online banking gives you
access to review your accounts any time.
The keys to account management:
• Save your transaction receipts.
• Record every transaction in your register.
• Avoid spending more than you have.
• Review your statement every month.
• Make sure your records and the bank’s records agree.
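The month-end check described above, written out as an added Python example (not part of the original manual): it matches each statement line against your register, lists what the bank posted that you never recorded, and works out what you can still spend once uncleared items are counted. The `Entry` type, the `reconcile` function, the three-day matching window and all sample figures are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date
from decimal import Decimal


@dataclass(frozen=True)
class Entry:
    day: date
    amount: Decimal  # positive = deposit, negative = withdrawal or purchase
    memo: str


def reconcile(opening, register, statement, closing, window_days=3):
    """Compare the bank's statement lines with your own register entries."""
    unmatched = sorted(register, key=lambda e: e.day)
    unrecognized = []
    for line in sorted(statement, key=lambda e: e.day):
        # A register entry can clear only one statement line, so a charge
        # that the bank posted twice leaves its second copy unmatched.
        hit = next(
            (e for e in unmatched
             if e.amount == line.amount
             and abs((e.day - line.day).days) <= window_days),
            None,
        )
        if hit is None:
            unrecognized.append(line)   # on the statement, not in your records
        else:
            unmatched.remove(hit)
    posted = sum((e.amount for e in statement), Decimal("0"))
    pending = sum((e.amount for e in unmatched), Decimal("0"))
    return {
        "unrecognized": unrecognized,            # query these with the bank
        "outstanding": unmatched,                # recorded, not yet processed
        "statement_adds_up": opening + posted == closing,
        "available": closing + pending,          # balance after pending items
    }


# Constructed sample month (not real account data).
OPENING = Decimal("500.00")
CLOSING = Decimal("104.90")
REGISTER = [
    Entry(date(2024, 3, 1), Decimal("200.00"), "deposit"),
    Entry(date(2024, 3, 4), Decimal("-45.10"), "groceries"),
    Entry(date(2024, 3, 10), Decimal("-120.00"), "ATM withdrawal"),
    Entry(date(2024, 3, 28), Decimal("-60.00"), "check 101"),
]
STATEMENT = [
    Entry(date(2024, 3, 1), Decimal("200.00"), "DEPOSIT"),
    Entry(date(2024, 3, 5), Decimal("-45.10"), "POS PURCHASE"),
    Entry(date(2024, 3, 10), Decimal("-120.00"), "ATM WITHDRAWAL"),
    Entry(date(2024, 3, 11), Decimal("-120.00"), "ATM WITHDRAWAL"),
    Entry(date(2024, 3, 19), Decimal("-310.00"), "ONLINE TRANSFER"),
]

if __name__ == "__main__":
    result = reconcile(OPENING, REGISTER, STATEMENT, CLOSING)
    for line in result["unrecognized"]:
        print("No receipt for:", line.day, line.amount, line.memo)
    for entry in result["outstanding"]:
        print("Not yet on statement:", entry.day, entry.amount, entry.memo)
    print("Statement adds up:", result["statement_adds_up"])
    print("Available after pending items:", result["available"])
```

Anything listed as having no receipt is a transaction to raise with the bank; the pending-adjusted balance is the figure to watch to avoid an overdraft.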
Cyber security and Privacy Awareness manual
Cyber security and Privacy Awareness manual

  • 1. 1 Privacy Kit Manual of cyber awareness Chapter-1 Safe Computing What is Safe Computing? Safety is a state of being protected from potential harm or something that has been designed to protect and prevent harm. An Example of Safety is when you wear a seatbelt. Today, we are more dependent on computers and the information that they store than ever before. From spyware, viruses, and Trojans to identity theft and computer hardware malfunctions - any disruption can have a huge impact on our lives. No matter how savvy the user, safe computing software and security settings and the secure actions of the user. Below are some tips that will help you protect your computer. 1. Keep your Computer Updated: Whether individuals choose to update their operating system software automatically or manually, we recommend making it a continuous process. It is also important to keep other software on your computer updated. Software updates often include essential bug fixes and security features that address existing vulnerabilities.
  • 2. 2 2. Keep up-to-date on software patches: Staying up-to-date on the latest security patches is critical in today’s threat environment. The single most important thing you can do keep your software and computer safe is to always run the most up-to-date versions. Why patch? If your computer seems to be working fine, you may wonder why you should apply a patch. By not applying a patch you might be leaving the door open for a malware attack. What to patch? Not all the vulnerabilities that exist in products or technologies will affect you. However, any software you use is a potential source of vulnerabilities that could lead to compromise of security or identity. The more commonly used a program is, the bigger target it represents and the more likely it is that vulnerability will be exploited. For the more obscure software you use, contact the vendor to receive updates, patches, or vulnerability alerts. Additionally, don’t forget to patch your Antivirus software.
  • 3. 3 3. Do not use open Wi-Fi: Everybody has done it. At least once, probably a lot more. Maybe daily, maybe even hourly. But just because everybody else is connecting to the internet via free public Wi-Fi doesn’t mean you should, too. Instead, you should listen to that little voice in your head that asks, “is this safe?” every time you connect to a public Wi-Fi network - because you know it really isn’t. You’re not alone. Open public Wi-Fi networks are everywhere: in coffee shops, airports, restaurants and shopping malls, public Wi-Fi is commonplace. And so are people’s concerns about their safety on unsecured open Wi-Fi hotspots, but like you they go ahead and connect anyway. There are a few big problems with using a public Wi-Fi network. The open nature of the network allows for snooping, the network could be full of compromised machines, or - most worryingly - the hotspot itself could be malicious. When you connect to an open Wi-Fi network like one at a coffee shop or airport, the network is generally unencrypted - you can tell because you don’t have to enter a passphrase when connecting. Your unencrypted network traffic is then clearly visible to everyone in range. People can see what unencrypted web pages you’re visiting, what you’re typing into unencrypted web forms, and even see which encrypted websites you’re connected to - so if you’re connected to your bank’s website, they’d know it, although they wouldn’t know what you were doing.
  • 4. 4 4. Lock the computer/system when you are not using it: The physical security of your devices is just as important as their technical security. If you need to leave your laptop, phone, or tablet for any length of time, lock it up so no one else can use it. If you keep sensitive information on a flash drive or external hard drive, make sure to keep these locked as well. For desktop computers, shut down the system when not in use or lock your screen. 5. Download Files Legally: Downloading from the internet and sharing files are both common, everyday practices, and can come with a set of risks you should be aware of:
      • Unknowingly giving others access to your computer while file sharing, who could potentially copy private files. This can happen when you’re asked to disable or alter your firewall settings in order to use Peer-to-Peer to upload to a file sharing program, which could leave your computer vulnerable.
      • Downloading viruses, malware and spyware to your computer without knowing it; they’re often disguised as popular movie or song downloads.
      • Inadvertently spreading viruses and other malware that damage the computers of those with whom you’re file sharing.
  • 5. 5 6. Back up on a regular basis: Regular, scheduled backups can protect you from the unexpected. Keep a few months’ worth of backups and make sure the files can be retrieved if needed. If you are a victim of a security incident, the only guaranteed way to repair your computer is to erase and reinstall the system. 7. Use HTTPS everywhere: HTTPS helps prevent intruders from tampering with the communications between your websites and your users’ browsers. Intruders include intentionally malicious attackers, and legitimate but intrusive companies, such as ISPs or hotels that inject ads into pages. Intruders exploit unprotected communications to trick your users into giving up sensitive information or installing malware, or to insert their own advertisements into your resources. For example, some third parties inject advertisements into websites that potentially break user experiences and create security vulnerabilities. Intruders exploit every unprotected resource that travels between your websites and your users. Images, cookies, scripts, HTML: they are all exploitable. Intrusions can occur at any point in the network, including a user’s machine, a Wi-Fi hotspot, or a compromised ISP. 8. Use Anti-Virus: Only install an antivirus program from a known and trusted source. Keep virus definitions, engines and software up to date to ensure your antivirus program remains effective. Viruses, worms and the like often perform malicious acts, such as deleting files, accessing personal data, or using your computer to attack other computers. To help keep your computer healthy, install anti-virus software. You must also ensure both the program and the virus signature files are up to date.
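Item 7 above states that every unprotected resource (images, cookies, scripts, HTML) is exploitable. The following Python script is an added example, not part of the original manual: it lists the plain-HTTP subresources and form targets that an HTTPS page would load, plus cookies set without the Secure attribute. The page URL, markup and Set-Cookie values are constructed samples.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Tags whose URL attribute makes the browser fetch (or submit to) a resource.
URL_ATTRS = {
    "script": ("src",), "img": ("src",), "iframe": ("src",),
    "audio": ("src",), "video": ("src",), "source": ("src",),
    "link": ("href",), "form": ("action",),
}
# <link> only triggers a fetch for these rel values (canonical, for example, does not).
FETCHING_LINK_RELS = {"stylesheet", "icon", "preload", "manifest"}


class MixedContentFinder(HTMLParser):
    """Collects (tag, absolute_url) pairs that resolve to plain http://."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attr_map = dict(attrs)
        if tag == "link":
            rels = set((attr_map.get("rel") or "").lower().split())
            if not rels & FETCHING_LINK_RELS:
                return
        for name in URL_ATTRS.get(tag, ()):
            value = attr_map.get(name)
            if not value:
                continue
            # Relative and protocol-relative URLs inherit the page's scheme.
            absolute = urljoin(self.page_url, value.strip())
            if urlparse(absolute).scheme == "http":
                self.findings.append((tag, absolute))


def find_mixed_content(page_url, html):
    """Return the insecure resources an HTTPS page at page_url would use."""
    finder = MixedContentFinder(page_url)
    finder.feed(html)
    return finder.findings


def cookies_missing_secure(set_cookie_headers):
    """Return names of cookies that may be sent over unencrypted HTTP."""
    missing = []
    for header in set_cookie_headers:
        parts = [p.strip() for p in header.split(";")]
        name = parts[0].split("=", 1)[0]
        flags = {p.split("=", 1)[0].lower() for p in parts[1:]}
        if "secure" not in flags:
            missing.append(name)
    return missing


# Constructed sample input (not taken from any real site).
SAMPLE_PAGE_URL = "https://shop.example/checkout"
SAMPLE_HTML = """
<html><head>
  <link rel="stylesheet" href="/static/site.css">
  <link rel="canonical" href="http://shop.example/checkout">
  <script src="http://cdn.example/analytics.js"></script>
  <script src="//cdn.example/app.js"></script>
</head><body>
  <img src="http://img.example/banner.png">
  <img src="https://img.example/logo.png">
  <a href="http://partner.example/">Partner</a>
  <form action="http://shop.example/pay" method="post"></form>
</body></html>
"""
SAMPLE_SET_COOKIE = [
    "session=abc123; Path=/; HttpOnly",
    "prefs=dark; Path=/; Secure; SameSite=Lax",
]

if __name__ == "__main__":
    for tag, url in find_mixed_content(SAMPLE_PAGE_URL, SAMPLE_HTML):
        print(f"insecure <{tag}>: {url}")
    for name in cookies_missing_secure(SAMPLE_SET_COOKIE):
        print(f"cookie without Secure: {name}")
```

The canonical link and the ordinary hyperlink are not reported because the browser does not fetch them while rendering the page.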
  • 6. 6 9. Use Anti-Malware: Anti-malware is a type of software program designed to prevent, detect and remediate malicious programming on individual computing devices and IT systems. Anti-malware software protects against infections caused by many types of malware, including viruses, worms, Trojan horses, rootkits, spyware, key loggers, ransomware and adware. Malware is intended to promote rogue products, redirect your legitimate browsing to scam sites, intercept your transactions, and gather as much of your personally identifying information as possible, all for financial gain. 10. Turn on Firewall: Windows Firewall or any other firewall app can help notify you about suspicious activity if a virus or worm tries to connect to your PC. It can also block viruses, worms, and hackers from trying to download potentially harmful apps to your PC. 11. Use VPN or Proxy: What is a VPN?: A VPN is a secure connection between your computer and a server. All your internet traffic and browsing data goes through that remote server. To the outside world, the anonymous server is doing the browsing, not you. ISPs, government agencies, hackers or anyone else can’t track your activity online. In the past, VPNs were mainly used by companies to securely link remote branches together or connect roaming employees to the office network, but today they’re an important service for consumers too, protecting them from attacks when they connect to public wireless networks.
  • 7. 7 TOP 5 FREE VPNs 1. TunnelBear: Your IP address is the unique number that websites use to determine your physical location and track you across different sites. Use TunnelBear VPN to keep your IP address private from websites, hackers and advertisers. TunnelBear VPN shields your personal information from prying third parties and hackers on public WiFi, ISPs and other local networks. Your connection is secured with bear-grade (that’s strong) AES 256-bit encryption. 2. OpenVPN: OpenVPN Access Server is a full-featured secure network tunneling VPN software solution that integrates OpenVPN server capabilities, enterprise management capabilities, simplified OpenVPN Connect UI, and OpenVPN client software packages that accommodate Windows, Mac, Linux, Android, and iOS environments. OpenVPN Access Server supports a wide range of configurations, including secure and granular remote access to internal network and/or private cloud network resources and applications with fine-grained access control. 3. Hotspot Shield: Hotspot Shield is possibly the most popular free VPN client in the world. It made waves when Hulu was launched as it allowed users to watch Hulu even when it was blocked. Now, they have US & UK based VPN services which you can use to protect yourself from WiFi snoopers, identity theft, and censorship. The best part is, Hotspot Shield provides unlimited bandwidth and works on both PC & Mac.
  • 8. 8 4. VPNBook: It’s a free VPN service and comes with the most advanced cryptographic techniques to keep you safe on the internet. VPNBook strives to keep the internet a safe and free place by providing free and secure PPTP and OpenVPN service access for everyone. From our tests, we have found that VPNBook is Romania based and claims that they do not collect any information or log any internet activity. 5. UltraVPN: UltraVPN is a French VPN client that hides your connection from unwanted ears and allows you to use blocked applications. It is also based on the OpenVPN service. Traffic quota is unlimited. Bandwidth is 50kb/s depending on network conditions. What is a Proxy?: A proxy server is a computer that acts as an intermediary between the user’s computer and the Internet. It allows client computers to make indirect network connections to other network services. When a proxy server is used, client computers first connect to the proxy server, requesting resources such as web pages, games, videos, mp3, e-books, and any other resources which are available from various servers over the internet. Nowadays, we use proxy servers for various purposes such as sharing internet connections on a local area network, hiding our IP address, implementing Internet access control, accessing blocked websites and so on.
  • 9. 9
      • To share an Internet connection on a LAN. Some small businesses and families have multiple computers but only one Internet connection; they can share the Internet connection with other computers on the LAN through a proxy server.
      • To hide the IP address of the client computer so that it can surf anonymously; this is mostly for security reasons. A proxy server can act as an intermediary between the user's computer and the Internet to prevent attack and unexpected access.
    Use Proxy Server for IE
      • Click "Tools" -> "Internet Options" -> "Connections" -> "LAN Settings" -> select "Use a proxy server for your LAN" -> "Advanced", configure as below.
  • 10. 10 Use Proxy server for Firefox Click "Tools" -> "Options" -> "Advanced" -> "Network" -> "Connections" -> "Settings" -> "Manual proxy configuration", configure as below.
  • 11. 11 Use Proxy server for Chrome Click "Tools" -> "Settings" -> "Advanced" -> "Network" -> select "Change Proxy Settings" -> "Connection" -> "LAN Settings" -> Select "Use a proxy server for your LAN" -> "Advanced", configure as below.
  • 12. 12 12. Use TOR: The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features. Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses. Journalists use Tor to communicate more safely with whistle-blowers and dissidents. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they're in a foreign country, without notifying everybody nearby that they're working with that organization.
  • 13. 13 13. Don’t store passwords in the browser: Most recent versions of web browsers prompt you to save usernames and passwords for various sites on the internet. This feature can be useful, but can also put your money and personal information at risk if you are not careful. Information Services and Technology recommends that you do not save passwords with your browser for sites which have:
      • Private information about you or someone else (e.g., medical records);
      • Private financial information (e.g., credit card numbers);
      • Private correspondence (e.g., email).
    You put yourself at risk when you save passwords for these types of sites. Below are instructions to disable the password saving feature, or to force the browser to clear all currently saved passwords, on commonly used browsers.
  • 14. 14 To disable password saving in Internet Explorer on Windows: 1. Open Internet Explorer. 2. Select Tools > Internet options > Content. 3. Under “AutoComplete”, click Settings. 4. To stop password saving, uncheck User names and passwords on forms.
  • 15. 15 To clear all existing saved usernames and passwords, click on Clear Passwords, then click OK in the warning dialog box. To disable password saving in Firefox on Windows: 1. Open Firefox. 2. Click on the Open menu button. 3. Under “Menu”, click on Options.
  • 16. 16 4. Select Privacy & Security 5. To stop password saving, uncheck Remember Logins and passwords for websites
  • 17. 17 To disable password saving in Chrome on Windows: 1. Open the Chrome menu using the button on the far right of the browser toolbar. 2. Choose the Settings menu option.
  • 18. 18 3. Click the advanced settings… link located at the bottom of the page. 4. In the “Passwords and forms” section, click Manage passwords. 5. In the Manage passwords section, turn this option off to stop password saving.
  • 19. 19 To disable password saving in Safari on Mac OS: 1. Go to Safari Preferences. 2. Select the AutoFill tab, and under AutoFill web forms toggle the Usernames and passwords option. 3. Select the Passwords tab. Make sure 'AutoFill usernames and passwords' is unchecked and use 'Remove All' to clear any saved passwords there. 14. Cover Mic and Camera with Tape: It is certainly possible for hackers to install malware on computers that allows them to turn on a computer's camera and record or take screenshots of what is going on. The threat of this can be mitigated by taking common security steps - installing anti-virus software, having a firewall, and not clicking any suspicious links in emails. For those using desktops, the best way to ensure that you're not being watched is simply to unplug your webcam. For laptop users, this isn't an option, so the approach of covering it up might be best. The Electronic Frontier Foundation even sells a specially-designed sticker set for the purpose. Mac users are a little safer - a green light next to the webcam is designed to activate any time the camera is being used, so you should be alerted to any unsolicited recording. This isn't always the case, however.
  • 20. 20 15. Most Importantly, Stay Informed: Stay current with the latest developments for Windows, macOS, Linux, and UNIX systems and in various smartphone operating systems. Regularly browse for security updates and important issues concerning various operating systems and applications. Most importantly, you should keep an ongoing conversation about internet safety and privacy issues. Update your children on any online scams you learn about and initiate discussions about cyberbullying, predators, sexting and more. Remember, there is no better way to protect your children from bad decisions than nurturing critical thinking and raising awareness. For tips on talking to your kids about online safety. In an increasingly security-conscious world, many of us know the basics about phishing, strong password parameters, VPNs and the benefits of encryption. Why we sometimes choose to disregard those rules is another question: the important thing is that we know them and we make informed decisions, which is not always true when it comes to our children. Being security-conscious cyber citizens is not enough anymore. We must protect our children until we teach them the basics of online security.
  • 21. 21 Chapter-2 Internet Surfing Tips What is Internet Surfing or Browsing? A browser is a program on your computer that enables you to search ("surf") and retrieve information on the World Wide Web (WWW), which is part of the Internet. The Web is simply a large number of computers linked together in a global network that can be accessed using an address in the same way that you can phone anyone in the world given their telephone number. The Internet can be a confusing and dangerous place. Without a safety net, people can fall into the danger zones of pornography, predators, many online scams, Internet viruses, and spyware. With such free access to the Internet around the world, many have abused it as an opportunity to take advantage of others. But, there's no reason to fear the Internet. When used properly, with the right precautions and the right information; the Internet educates, positively influences, and provides a creative outlet for today's kids. Below are some tips for Surfing Internet. 1. Use private browsing in Firefox: As you browse the web, Firefox remembers lots of information for you - like the sites you've visited. There may be times, however, when you don't want people with access to your computer to see this information, such as when shopping for a present. Private Browsing allows you to browse the Internet without saving any information about which sites and pages
  • 22. 22 you’ve visited. Private Browsing also includes Tracking Protection, which prevents companies from tracking your browsing history across multiple sites. 2. Check for green lock and HTTPS in URL: HTTPS is a modification of the HTTP (Hyper Text Transfer Protocol) standard used to allow the exchange of content on the Internet. The “S” stands for secure, which means the HTTP connection is encrypted — preventing exchanged information from being read in plain text, or “as you see it.” Even if someone were to somehow obtain the encrypted data shared in the exchange, it would be nonsense with nearly no means of decryption to retrieve the original content. Think of HTTPS as locking a door before starting a meeting; only the parties in the room can see what is happening. 3. Keep your browser Up to Date: The most important reason to keep your browser up-to-date is for your own safety and security, and that of your computer. There are many different sorts of security threats that you can be subject to when you're browsing the web: identity theft, phishing sites, viruses, Trojans, spyware, adware, and other sorts of malware.
  • 23. 23 Another reason to keep your browser up-to-date is that you won't necessarily be getting the best browsing experience otherwise. You won't always know when you see a web page that isn't displaying properly – a well-designed site degrades gracefully so that you don't suffer unnecessarily with an old browser – but for the most up-to-date functions and features, you will need to update your browser regularly. 4. Think before you click on unknown links: When you’re online, don’t click something unless you know it’s from someone or something that you recognize. There’s a reason that it’s important to repeat this: clicking unknown links is STILL one of the most common causes of security breaches. A common thing to be aware of is that some scammers look at what information is available about you online. If your email address, job title, websites you like, etc. are online, then there is ample opportunity for a scammer to craft something that is customized to get your attention. Your social media leaves you somewhat vulnerable because of the amount of information available online. But it’s more than just what you share.
  • 24. 24 5. Use the NoScript add-on to block plugins: NoScript (or NoScript Security Suite) is a free software extension for Mozilla Firefox, SeaMonkey, and other Mozilla-based web browsers, created and actively maintained by Giorgio Maone, an Italian software developer and member of the Mozilla Security Group. It allows executable web content based on JavaScript, Java, Flash, Silverlight, and other plugins only if the hosting site is considered trusted by its user and has been previously added to a whitelist. It also offers specific countermeasures against security exploits. NoScript blocks JavaScript, Java, Flash, Silverlight, and other "active" content by default in Firefox. This is based on the assumption that malicious websites can use these technologies in harmful ways. Users can allow active content to execute on trusted websites, by giving explicit permission, on a temporary or a more permanent basis. If "Temporarily allow" is selected, then scripts are enabled for that site until the browser session is closed.
  • 25. 25 6. Turn on do not track button: Do Not Track, the feature in web browsers and web sites that asks advertisers and data miners not to track your browsing habits, is a relatively new service. It's also typically an opt-out feature. So, here's everywhere that you can enable Do Not Track so advertisers can't snoop in on your habits. Essentially, ad and analytics companies watch what you do online, and then tailor the web experience based on your history. That means targeted ads, specific articles, and more. They typically do this through cookies in your browser. Enable Do Not Track in These Browsers: Chrome: Head into the Settings page and click "Show advanced settings." Scroll down to the Privacy section and select Do Not Track. Mobile Chrome: Head into the Settings and then Privacy > Do Not Track.
  • 26. 26 Firefox: Select Preferences > Privacy and check the box marked, "Tell websites I do not want to be tracked." Internet Explorer: Click the Tools button and then Internet Options > Advanced. Select "Always send Do Not Track Header." Safari: Head into Preferences > Privacy and check the box marked "Ask website not to track me." 7. Erase your trail justdelete.me: Some Web sites make it difficult to figure out how to delete your accounts. JustDelete.me can save you time by providing direct links to the cancellation pages of numerous Internet sites. Web companies don't want you to close out your accounts with them, which is understandable. If you leave, their revenue-earning potential decreases. Some companies make the process of deleting your account relatively easy, while others make it practically impossible or confusing. Just Delete Me is a list of the most popular web apps and services with links to delete your account from those services. Each one is color coded.
  • 27. 27 Green is easy, yellow is medium, red is difficult, and black is impossible. When you click on a service, you're automatically taken to the page where you can delete your account so you don't have to go searching for it. Likewise, you can snag the Chrome extension and be taken to the account deletion page right from the URL bar when you're on a site, as well as get up to date information about whether an account is easy to delete before you sign up. If you want to keep track of your accounts and delete as many as possible, this is a good place to start. 8. Use Sandboxie: Sandboxie uses isolation technology to separate programs from your underlying operating system, preventing unwanted changes from happening to your personal data, programs and applications that rest safely on your hard drive.
      • Web Browsing: Secure your favourite web browser and block malicious software, viruses, ransomware and zero day threats by isolating such attacks in the Sandbox, leaving your system protected.
      • Email: Run your favourite email program in Sandboxie so you never have to worry about suspicious attachments or spear phishing attacks.
      • Data Protection: Sandboxie prevents internet websites and programs from modifying your personal data (i.e. My Documents), files & folders on your system.
      • Application Testing: Safely test and try new programs and applications within Sandboxie and prevent unauthorized changes to your underlying system that may occur.
  • 28. 28 9. Use DuckDuckGo Search Engine: DuckDuckGo (DDG) is an Internet search engine that emphasizes protecting searchers' privacy and avoiding the filter bubble of personalized search results. DuckDuckGo distinguishes itself from other search engines by not profiling its users and by deliberately showing all users the same search results for a given search term. DuckDuckGo emphasizes returning the best results, rather than the most results, and generates those results from over 400 individual sources, including key crowdsourced sites such as Wikipedia, and other search engines like Bing, Yahoo!, Yandex, and Yummly. DuckDuckGo positions itself as a search engine that puts privacy first and as such it does not store IP addresses, does not log user information and uses cookies only when needed. By default, DuckDuckGo does not collect or share personal information. 10. Use Disconnect Search Engine: Disconnect Search already makes your searches—no matter what engine you choose, whether it's Google, Bing, Yahoo, or even the already-private DuckDuckGo—completely private and untraceable. Searches are routed through Disconnect and
  • 29. 29 anonymized, so they appear to come from Disconnect instead of a specific user. Plus, those queries are encrypted, so ISPs (or anyone riding their lines) can't see what you're looking for. Disconnect also never logs keywords, IP addresses, or other personally identifiable information. Each search is just as anonymous as the first one. The service has been available in the form of a browser extension and an Android app up to this point, but if you don't want to install anything (or can't, because you're at work), you can head right over to their website to search directly. Hit the link below to give it a try. https://search.disconnect.me/ 11. Lukol: Lukol uses a proxy server to deliver customized search results from Google using its enhanced custom search, yet conserves your privacy by removing traceable entities. Lukol is considered one of the best private search engines; it protects you from online fraudsters and keeps spammers away by safeguarding you from misleading or inappropriate sites. It ensures full anonymity of your searches. https://www.lukol.com/
  • 30. 30 12. Use Lightbeam: Lightbeam is a Firefox add-on that enables you to see the first and third party sites you interact with on the Web. Using interactive visualizations, Lightbeam shows you the relationships between these third parties and the sites you visit.
  • 31. 31 13. Use TOR for no Digital Trace: Another way to go anonymous when you are browsing is to install the TOR browser. It is based on many VPN-style features that make your Internet activity bounce around different parts of the world, making it a lot tougher for both the government and companies to find. When you are using this, you should not share your personal credentials at all. 14. Use uBlock Origin add-on for ad blocker: uBlock Origin is a free and open source, cross-platform browser extension for content-filtering, including ad-blocking. The extension is available for several browsers: Safari (Beta), Chrome, Chromium, Edge, Firefox, and Opera. uBlock Origin has received praise from technology websites, and is reported to be much less memory-intensive than other extensions with similar functionality. uBlock Origin's stated purpose is to give users the means to enforce their own (content-filtering) choices.
  • 32. 32 15. Panopticlick: Panopticlick is a research project designed to better uncover the tools and techniques of online trackers and test the efficacy of privacy add-ons. When you visit a website, you are allowing that site to access a lot of information about your computer's configuration. Combined, this information can create a kind of fingerprint — a signature that could be used to identify you and your computer. Some companies use this technology to try to identify individual computers.
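The Panopticlick item above says that configuration details, once combined, form a fingerprint. The Python below is an added example, not part of the original manual or of the Panopticlick project: over a constructed population of eight visitors, it measures how many bits each attribute reveals and how the anonymity set shrinks as attributes are combined. The attribute names and values are assumptions chosen for illustration.

```python
import hashlib
import math
from collections import Counter

ATTRS = ("user_agent", "timezone", "screen", "language")


def _visitor(ua, tz, screen, lang):
    return dict(zip(ATTRS, (ua, tz, screen, lang)))


FF, CH = "Firefox on Windows", "Chrome on Android"
IST, UTC = "UTC+05:30", "UTC+00:00"
HD, SM = "1920x1080", "1366x768"
EN, HI = "en-US", "hi-IN"

# Constructed sample population: what a site could read from each browser.
VISITORS = [
    _visitor(FF, IST, HD, EN),   # the visitor we try to single out
    _visitor(FF, IST, HD, HI),
    _visitor(FF, IST, SM, EN),
    _visitor(FF, UTC, HD, EN),
    _visitor(CH, IST, HD, EN),
    _visitor(CH, UTC, SM, HI),
    _visitor(CH, UTC, SM, HI),
    _visitor(CH, UTC, SM, HI),
]
TARGET = VISITORS[0]


def fingerprint(visitor):
    """Stable identifier derived only from the browser's configuration."""
    material = "|".join(f"{k}={visitor[k]}" for k in sorted(visitor))
    return hashlib.sha256(material.encode()).hexdigest()


def anonymity_set(visitors, target, attrs):
    """How many visitors are indistinguishable from target on attrs."""
    return sum(all(v[a] == target[a] for a in attrs) for v in visitors)


def identifying_bits(visitors, target, attrs):
    """Bits of identifying information revealed by attrs (surprisal)."""
    return math.log2(len(visitors) / anonymity_set(visitors, target, attrs))


def narrowing(visitors, target):
    """Anonymity-set size after adding each attribute in turn."""
    return [anonymity_set(visitors, target, ATTRS[: i + 1])
            for i in range(len(ATTRS))]


def distinct_fingerprints(visitors):
    return len(Counter(fingerprint(v) for v in visitors))


if __name__ == "__main__":
    for attr in ATTRS:
        bits = identifying_bits(VISITORS, TARGET, (attr,))
        print(f"{attr:<11} alone reveals {bits:.1f} bit(s)")
    print("anonymity set as attributes combine:", narrowing(VISITORS, TARGET))
    print("all attributes:", identifying_bits(VISITORS, TARGET, ATTRS), "bits")
```

Each attribute alone is shared by half the population, yet all four together leave the target visitor in an anonymity set of one, with no cookie involved.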
  • 33. 33 16. Use VirusTotal Website: VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners. At the same time, it may be used as a means to detect false positives, i.e. innocuous resources detected as malicious by one or more scanners. VirusTotal’s mission is to help in improving the antivirus and security industry and make the internet a safer place through the development of free tools and services. https://www.virustotal.com/#/home/upload
  • 34. 34 Chapter-3 Introduction To Mobile Security Mobile security, also known as mobile device security, has become increasingly important. According to ABI Research, the number of unique mobile threats grew by 261% in the last two quarters of 2012. An attacker has three main targets: data, identity and availability. Threats to mobile devices include botnets, malicious applications, malicious links on social networks, spyware, etc. 1. Lock your screen, set passwords and user privileges: The best way to protect your phone is setting up a screen lock. A screen lock won’t allow an attacker to access your phone. You can set a screen lock in many different ways, such as Password, PIN, Pattern, Face Detection, Fingerprint, etc. A user privilege is a right to execute a particular type of SQL statement, or a right to access another user's object. The types of privileges are defined by Oracle. Roles, on the other hand, are created by users (usually administrators) and are used to group together privileges or other roles.
  • 35. 35 Step 1: Open the Settings Step 2: Go to Security & Fingerprint
  • 36. 36 Step 3: Choose Screen lock and set the password 2. Use Secured Network: It’s good to be extra careful whenever you go online using a network you don’t know or trust – like using the free Wi-Fi at your local cafe. The service provider can monitor all traffic on their network, which could include your personal information. If you are using a service that encrypts your connection to the web service, it can make it much more difficult for someone to snoop on your activity. When you connect through a public Wi-Fi network, anyone in the vicinity can monitor the information passing between your device and the Wi-Fi hotspot if your connection is not encrypted. Avoid doing important activities like banking or shopping over public networks. If you use Wi-Fi at home, you should make sure you use a password to secure your router by using
  • 37. 37 a strong password and avoid using the default password. A default password gives an attacker an advantage: they can change your settings and snoop on your online activity. There are two main types of encryption: WPA (Wi-Fi Protected Access) and WEP (Wired Equivalent Privacy). Your computer, router, and other equipment must use the same encryption. WPA2 is strongest; use it if you have a choice. It should protect you against most hackers. Some older routers use only WEP encryption, which likely won’t protect you from some common hacking programs. Consider buying a new router with WPA2 capability. 3. Use Anti-virus Software: Antivirus or anti-virus software (often abbreviated as AV), sometimes known as anti-malware software, is computer software used to prevent, detect and remove malicious software. Antivirus software was originally developed to detect and remove computer viruses. Antivirus software is a program that helps to protect your computer against most viruses, worms, Trojan horses, and other unwanted invaders that can make your computer "sick." Viruses, worms, etc. perform malicious acts, such as deleting files, accessing personal data, or using your computer to attack other computers. To avoid such malicious activities and to keep your computer healthy, install antivirus software. It is important to constantly update the anti-virus software on a computer because computers are regularly threatened by new viruses. The anti-virus updates contain the latest files needed to combat new viruses and protect your computer. These updates are generally available through your subscription. Viruses can be prevented by taking sensible precautions, including:
      • Keeping your operating system up to date
      • Using up to date anti-virus software
      • Not opening an email attachment unless you are expecting it and know the source (many email servers scan emails with anti-virus software on the user's behalf)
      • Backing up your computer
      • Using a strong password
      • Using a firewall
      • Using a pop-up blocker
      • Scanning your system weekly
  • 38. 38 4. Update your Mobile OS: Updating your mobile’s OS is necessary because it keeps your mobile free from viruses. If you do not update your mobile’s operating system regularly, you will face the repercussions, which may include the loss of sensitive data. Before you proceed, be sure to back up all of your data, just in case something goes wrong with the update. You should be backing up your information regularly. There is a multitude of backup apps available from carriers, manufacturers, and third parties; download and use one (verify third-party applications before using them). How to update your mobile’s Operating System: Step 1: Go to Settings
  • 39. 39 Step 2: Select System Updates Step 3: Click on Download Now
  • 40. 40 Rooting is always an option - If you want the latest OS as soon as it's available, you can always choose to root your phone, which enables you to access updates when you want them. That's just one of the many benefits of rooting your Android device. You'll also be able to access features not yet available to unrooted Android smartphones and tablets, and you'll have more control over your device to boot. Steps for rooting – (Rooting may lead to some disadvantages) Step 1: Download KingoRoot.apk for free. Step 2: Install KingoRoot.apk on your device. Step 3: Launch the "Kingo ROOT" app and start rooting. Step 4: Wait a few seconds until the result screen appears. Step 5: Succeeded or Failed.
  • 41. 41 5. Use Lock Code Apps and Vaults: Lock codes and vaults are mainly for the applications that you have downloaded on your device. They help you secure your apps with a code or password. It is the same as putting a PIN, pattern or password on your device. You can download vaults or lock code apps from the PlayStore. Using lock code apps or vaults will help you maintain the confidentiality of your personal information. According to a survey, 60% of the total population doesn’t use lock code apps or vaults, which results in the exposure of personal information. How to download Lock Code Apps and Vaults: Step 1: Go to PlayStore Step 2: Search for the App Locks
  • 42. 42 Step 3: Choose wisely and Download
  • 43. 43 6. Use Kids/Guest modes: Guest mode is one of many new features of the new version of Android, Lollipop 5.0. It mainly adds two accounts: the first for the User and the second for the Guest (unknown user). This new feature, Guest Mode, lets you hand your phone over to someone else without giving them access to any of your data. How to enable guest mode: Step 1: Go to Settings -> User Step 2: Click on Guest or Add user
  • 44. 44 7. Set up SIM Lock: A SIM lock, simlock, network lock, carrier lock or (master) subsidy lock is a technical restriction built into GSM (Global System for Mobile) and CDMA (Code Division Multiple Access) mobile phones by mobile phone manufacturers for use by service providers to restrict the use of these phones to specific countries and/or networks. Lock your SIM card with a PIN (personal identification number) to require an identification code for phone calls and cellular-data usage. A wrong guess can permanently lock your SIM card, which means that you would need a new SIM card. SIM lock requires your lock screen PIN, pattern, password, or fingerprint and the SIM card to be in place before the phone can be unlocked. There are a few things you should be aware of before setting up SIM Lock. First off, you’ll need to know your carrier’s default unlock code. For many, this is just 1111, but be aware: if you enter this incorrectly three times, it will render your SIM useless (that’s part of the security of it, after all). You can start by trying 1111, but if that doesn’t work on the first try, you’ll probably need to contact your carrier to get the default code. How to set up SIM lock:
  • 45. 45 Step 1: Go to Settings Step 2: Search for SIM Lock
  • 46. 46 Step 3: Set up SIM Lock
  • 47. 47 8. Keep Sensitive Files of your Phone on Cloud Storage: Cloud Storage is a service where data is remotely maintained, managed, and backed up. The service allows the users to store files online, so that they can access them from any location via the Internet. Instead of storing information to your computer's hard drive or other local storage device, you save it to a remote database. The Internet provides the connection between your computer and the database. On the surface, cloud storage has several advantages over traditional data storage. Users can scale services to fit their needs, customize applications, and access cloud services from anywhere with an Internet connection. Enterprise users can get applications to market quickly without worrying about underlying infrastructure costs or maintenance. Data security is a major concern, and although options are currently limited, they exist. The most secure is likely however, the biggest cause of concern for Cloud storage isn't hacked data. 9. Do not install random apps from unknown sources: Installing applications from unknown sources may harm your device. Unknown apps can come with Viruses, Trojans, Spyware, Adware etc. which can harm your device in different ways. In all devices there is an option of enabling the Unknown source which will not allow any random applications to be downloaded on your device. How to enable Unknown source option: Step 1: Go to settings
  • 48. 48 Step 2: Search for Security
  • 49. 49 Step 3: Open Security and enable the Unknown Source option 10. Disallow any unwanted permissions on the apps which don’t require them to run on android device manager for remote swipe and track location: Do you actually read the list of permissions that Android apps are asking for before you install them? I know most of us treat those permissions like terms and conditions, blindly tapping our way through. But if you actually do, you would be aware of their reach. Some of your apps can make phone calls. Some can track your location. Some can read your browsing history, contacts, SMS, photos,
  • 50. 50 calendar. No doubt, Google’s Android mobile operating system has a powerful app permission system that forces app developers to mention the exact permissions they require. But there is a major issue for Android users: by default it is a take-it-or-leave-it situation, which means you can choose to install the app, granting all those permissions, or simply not install it. Controlling these permissions as a user is possible, and there are apps that make it easier for you to control every single permission you grant to an app. You can first install an app like Permission Explorer that allows you to filter apps and permissions by categories, giving you much more detail about the permissions you granted to the app. You can also try similar apps like Permissions Observatory and App Permissions. These apps will help you know if there are any apps with problematic permissions that need to be revoked or perhaps even uninstalled completely. Once you have found some offending apps with unnecessary app permissions, it is time to revoke those permissions. One of the popular apps is App Ops, which allows you to block permissions for individual apps. 11. Turn off your Wi-Fi, Bluetooth and NFC if you are not using them: The ornate N is there to let you know that your phone currently has NFC switched on. NFC, or Near Field Communication, is a technology that allows devices to exchange information simply by placing them next to one another. You may well have already encountered NFC if you’ve paid for public transport with an Oyster card, or used the new tap-to-pay feature with your bank card to buy something. Smartphones use NFC to pass photos, contacts, or any other data you specify between NFC-enabled handsets. It is also the method used by Android Pay and Samsung Pay. How to turn off NFC:
  • 51. 51 You intuitively know why you should bolt your doors when you leave the house and add some sort of authentication for your smartphone. But there are lots of digital entrances that you leave open all the time, such as Wi-Fi and your cell connection. It's a calculated risk, and the benefits generally make it worthwhile. That calculus changes with Bluetooth. Whenever you don't absolutely need it, you should go ahead and turn it off. Minimizing your Bluetooth usage minimizes your exposure to very real vulnerabilities. That includes an attack called BlueBorne, which would allow any affected device with Bluetooth turned on to be attacked through a series of vulnerabilities. The flaws aren't in the Bluetooth standard itself, but in its implementation in all sorts of software. Windows, Android, Linux, and iOS have been vulnerable to BlueBorne in the past. Millions could still be at risk. 12. CM Security Application: This is a security application available on the PlayStore and it is very useful. It is excellent at call blocking and VPN services and it also has nice visuals. Steps for CM security application:
  • 52. 52 Step 1: Download the CM Security & Find My Phone App Head on over to the Play Store and download CM Security. Once the app has downloaded, open up the app and tap ‘Scan,’ which is located in the middle of the screen. CM Security will then scan all of the apps on your device to detect any viruses, Trojans, vulnerabilities, adware and spyware. Step 2: Scan SD Card By tapping on the ellipsis on the top right-hand corner, you can tap on ‘Scan SD Card.’ CM Security will then scan the external SD cards to detect any threats, and will alert you if any threats are detected. Step 3: Clean Up Junk You can clean up junk on your Android phone or tablet by tapping on the ellipsis on the top right-hand corner and tapping on ‘Clean Up Junk.’ You
  • 53. 53 will then see what apps are taking up the most storage on your Android phone or tablet. Simply check the apps whose cached junk you want to clean and tap ‘Solve.’ Step 4: Boost Memory After you have cleaned up the junk on your Android phone or tablet, you can then remove apps that are taking up space to boost the memory on your device. Just check the apps you want to remove and tap ‘Boost’ on the bottom of the screen. You can also enable ‘game boost’ to make sure the games on your device run smoothly. Step 5: Find Your Phone & Prevent Unwanted Phone Calls One of CM Security’s best features is that you can locate your Android phone. You can either go to the ellipsis in the top right-hand corner and tap on ‘Find Phone,’ or you can visit https://findphone.cmcm.com. You will need to log on to the website with your email address. CM Security will ask you to set a CM Security password and you will be able to locate your phone on a map. By tapping on ‘Yell,’ you can make the device yell to find it. The ‘Yell’ button will make your device play a loud sound for 60 seconds, even if your device is set to silent. You can also lock your device to protect your privacy. If anyone tries to break into your phone and enters the incorrect password 3 or more times, the app will take a picture of the infiltrator. CM Security allows you to block unwanted phone calls. You can block unwanted phone calls by tapping ‘Call Blocking.’ CM Security will then block all unwanted calls in your blocking blacklist. Step 6: Schedule Routine Scanning To schedule a routine automatic scan, go to the ellipsis in the right-hand corner and tap on ‘Scheduled scan.’ You can then select if you want to do a routine automatic scan once a day, once a week or once a month.
  • 54. 54 Chapter-4 Password Protection Most people don’t realize there are a number of common techniques used to crack passwords and plenty more ways we make our accounts vulnerable due to simple and widely used passwords. How to get hacked? Dictionary attacks: Avoid consecutive keyboard combinations— such as QWERTY or asdfg. Don’t use dictionary words, slang terms, common misspellings, or words spelled backward. These cracks rely on software that automatically plugs common words into password fields. Password cracking becomes almost effortless with a tool like John the Ripper or similar programs. Cracking security questions: Many people use first names as passwords, usually the names of spouses, kids, other relatives, or pets, all of which can be deduced with a little research. When you click the “forgot password” link within a webmail service or other site, you’re asked to answer a question or series of questions. The answers can often be found on your social media profile. This is how Sarah Palin’s Yahoo account was hacked. Simple passwords: Don’t use personal information such as your name, age, birth date, child’s name, pet’s name, or favourite color/song, etc. When 32 million passwords were exposed in a breach last year, almost 1% of victims were using “123456.” The next most popular password was “12345.” Other common choices are “111111,” “princess,” “qwerty,” and “abc123.” Reuse of passwords across multiple sites: Reusing passwords for email, banking, and social media accounts can lead to identity theft. Two recent breaches revealed a password reuse rate of 31% among victims.
  • 55. 55 Social engineering: Social engineering is an elaborate type of lying. An alternative to traditional hacking, it is the act of manipulating others into performing certain actions or divulging confidential information.
    How to make them secure
    1. Make sure you use different passwords for each of your accounts.
    2. Be sure no one watches when you enter your password.
    3. Always log off if you leave your device and anyone is around—it only takes a moment for someone to steal or change the password.
    4. Use comprehensive security software and keep it up to date to avoid key loggers (keystroke loggers) and other malware.
    5. Avoid entering passwords on computers you don’t control (like computers at an Internet café or library)—they may have malware that steals your passwords.
    6. Avoid entering passwords when using unsecured Wi-Fi connections (like at the airport or coffee shop)—hackers can intercept your passwords and data over this unsecured connection.
    7. Don’t tell anyone your password. Your trusted friend now might not be your friend in the future. Keep your passwords safe by keeping them to yourself.
    8. Depending on the sensitivity of the information being protected, you should change your passwords periodically, and avoid reusing a password for at least one year.
    9. Do use at least eight characters of lowercase and uppercase letters, numbers, and symbols in your password. Remember, the more the merrier.
    10. Strong passwords are easy to remember but hard to guess. Iam:)2b29! — This has 10 characters and says “I am happy to be 29!” I wish.
    11. Use the keyboard as a palette to create shapes. %tgbHU8*- Follow that on the keyboard. It’s a V. The letter V starting with any of the top keys. To change these periodically, you can slide them across the keyboard. Use W if you are feeling all crazy.
  • 56. 56 12. Have fun with known short codes or sentences or phrases. 2B-or-Not_2b? — This one says “To be or not to be?”
    13. It’s okay to write down your passwords, just keep them away from your computer and mixed in with other numbers and letters so it’s not apparent that it’s a password.
    14. You can also write a “tip sheet” which will give you a clue to remember your password, but doesn’t actually contain your password on it. For example, in the example above, your “tip sheet” might read “To be, or not to be?”
    15. Check your password strength. If the site you are signing up for offers a password strength analyser, pay attention to it and heed its advice.
    1. Don’t fill out your social media profile: The more information you share online, the easier it’s going to be for someone to get their hands on it. Don’t cooperate. Take a look at your social media profiles and keep them barren—the people who need to know your birth date, email address and phone number already have them. And what exactly is the point of sharing everything about yourself in your Facebook profile? If you care about your privacy, you won’t do it. Think twice about sharing your social security number with anyone, unless it’s your bank, a credit bureau, a company that wants to do a background check on you or some other entity that has to report to the IRS. If someone gets their hands on it and has information such as your birth date and address, they can steal your identity and take out credit cards and pile up other debt in your name.
  • 57. 57 Even the last four digits of your social security number should only be used when necessary. The last four are often used by banks and other institutions to reset your password for access to your account. Plus, if someone has the last four digits and your birth place, it’s a lot easier to guess the entire number. That’s because the first three are determined by where you, or your parents, applied for your SSN. And the second set of two are the group number, which is assigned to all numbers given out at a certain time in your geographic area. So a determined identity thief with some computing power could hack it given time. 2. Lock down your hardware: Set up your PC to require a password when it wakes from sleep or boots up. Sure, you may trust the people who live in your house, but what if your laptop is stolen or you lose it? Same thing with your mobile devices. Not only should you use a passcode to access them every time you use them, you should also install an app that will locate your phone or tablet if it’s lost or stolen, as well as lock it or wipe it clean of any data so a stranger can’t get access to the treasure trove of data saved on it. And make sure your computers and mobile devices are loaded with anti-malware apps and software. They can prevent criminals from stealing your data. We recommend Norton Internet Security ($49.99 on norton.com or $17.99 on Amazon) in our computer security buying guide or stepping up to Norton 360 Multi-Device ($59.99 on norton.com or $49.99 on Amazon) if you have mobile devices. And, you’ll want to double up your protection on Android devices by installing, since we found anti-malware apps are dismal at detecting spyware.
  • 58. 58 3. Use a password vault that generates and remembers strong and unique passwords: Most people know better than to use the same password for more than one website or application. In reality, it can be impossible to remember a different one for the dozens of online services you use. The problem with using the same password in more than one place is that if someone gets their hands on your password—say, through a phishing attack—they can access all your accounts and cause all sorts of trouble. To eliminate this dilemma, use a password manager that will not only remember all your passwords, but will generate super strong and unique ones and automatically fill them into login fields with the click of a button. LastPass is an excellent and free choice. 4. Use two-factor authentication: You can lock down your Facebook, Google, Dropbox, Apple ID, Microsoft, Twitter and other accounts with two-factor authentication. That means that when you log in, you’ll also need to enter a special code that the site texts to your phone. Some services require it each time you log in, others just when you’re using a new device or web browser. The Electronic Frontier Foundation has a great overview of what’s available. Two-factor authentication works beautifully for keeping others from accessing your accounts, although some people feel it’s too time
  • 59. 59 consuming. But if you’re serious about privacy, you’ll put up with the friction. 5. Lie when setting up password security questions: “What is your mother’s maiden name?” or “In what city were you born?” are common questions websites often ask you to answer so as to supposedly keep your account safe from intruders. In reality, there’s nothing secure about such generic queries. That’s because someone who wants access to your account could easily do some Internet research to dig up the answers. Not sure you can remember your lies? You can create “accounts” in your password manager just for this purpose.
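The password rules from this chapter (no common or keyboard-run passwords, no dictionary words even when misspelled or reversed, no personal details, at least eight characters from all four character classes, no reuse across accounts), together with the kind of strong, unique password a vault generates, as an added Python example that is not part of the original manual. The word list, the personal-detail inputs and every function name are assumptions made for the illustration.

```python
import secrets
import string

# The most common passwords this chapter lists from the breach it cites.
COMMON = {"123456", "12345", "111111", "princess", "qwerty", "abc123"}
# Constructed stand-in for a real dictionary file (assumption, not from the manual).
WORDS = {"password", "dragon", "monkey", "sunshine", "welcome", "football"}
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")
# Undo common character swaps so "p@ssw0rd" is still recognised as a word.
DELEET = str.maketrans({"@": "a", "0": "o", "1": "i", "3": "e", "$": "s", "5": "s"})
SYMBOLS = "!#%&*+-=?_"


def has_keyboard_run(pw, run=4):
    """True if pw holds `run` neighbouring keys of one keyboard row, in either direction."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            if any(seq[i:i + run] in low for i in range(len(seq) - run + 1)):
                return True
    return False


def has_dictionary_word(pw):
    """True if a listed word appears forwards or backwards after undoing character swaps."""
    plain = pw.lower().translate(DELEET)
    return any(w in plain or w[::-1] in plain for w in WORDS)


def check(pw, personal=()):
    """Return the list of chapter rules that pw breaks (empty list = passes)."""
    findings = []
    if len(pw) < 8:
        findings.append("too-short")
    classes = {
        "lowercase": any(c.islower() for c in pw),
        "uppercase": any(c.isupper() for c in pw),
        "digit": any(c.isdigit() for c in pw),
        "symbol": any(not c.isalnum() for c in pw),
    }
    findings += ["missing-" + name for name, ok in classes.items() if not ok]
    if pw.lower() in COMMON:
        findings.append("common-password")
    if has_keyboard_run(pw):
        findings.append("keyboard-run")
    if has_dictionary_word(pw):
        findings.append("dictionary-word")
    # personal: names, birth years, pet names etc. supplied by the user (assumption).
    if any(len(p) >= 3 and p.lower() in pw.lower() for p in personal):
        findings.append("personal-info")
    return findings


def reused(accounts):
    """Group account names that share one password (accounts: name -> password)."""
    groups = {}
    for name, pw in accounts.items():
        groups.setdefault(pw, []).append(name)
    return sorted(sorted(names) for names in groups.values() if len(names) > 1)


def generate(length=16):
    """Random password from a cryptographic source, retried until it passes check()."""
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check(pw):
            return pw


if __name__ == "__main__":
    # Constructed sample passwords, plus the three examples the chapter gives.
    for sample in ("123456", "P@ssw0rd!x", "Drowssap99!", "Iam:)2b29!",
                   "%tgbHU8*-", "2B-or-Not_2b?"):
        print(f"{sample!r:18} {check(sample) or 'ok'}")
    print("reused:", reused({"email": "Iam:)2b29!", "bank": "Iam:)2b29!", "social": "x"}))
    print("generated:", generate())
```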
  • 60. 60 Chapter-5 Email and Chatting tips Use encrypted emails like ProtonMail ProtonMail is an encrypted email service that takes a radically different approach to email security. Find out how ProtonMail security compares to Gmail security. ProtonMail became the world’s first email service to protect data with end-to-end encryption, and today is the world’s most popular secure email service with millions of users worldwide. ProtonMail’s technology is often misunderstood by tech writers (and sometimes incorrectly represented in the press), so this article aims to provide a clear description of how ProtonMail’s technology is different from Gmail, and what makes ProtonMail more secure. Make a separate account for subscriptions Recommendation: When creating multiple New Relic accounts, use the same license key for applications on the same host. This enables those applications to be linked together in New Relic. To create additional accounts with the same email address: 1. Use the same email address and password to sign up for one or more accounts.
  • 61. 61 2. Create a separate account for each subscription level you want to use. 3. Configure your mission-critical hosts to use the master account's license key. 4. Use license keys from your inexpensive or free accounts for your remaining hosts. Use encrypted P2P chatting app like “Signal” Open Whisper Systems' Signal is probably the best-known messaging app for mobile users concerned about their privacy. It is a free app that provides messaging and voice-call services - and everything is completely end-to-end encrypted. You can send text messages to individuals and groups, place calls, share media and other attachments with your phone contacts, and more. Read all the permissions that third-party applications want to access in your e-mail account. Many third-party productivity apps that might be installed by business users in your organization request permission to access user information and data and sign in on behalf of the user in other cloud apps, such as Office 365, G Suite and Salesforce. When users install these apps, they often click accept
  • 62. 62 without closely reviewing the details in the prompt, including granting permissions to the app. This problem is compounded by the fact that IT may not have enough insight to weigh the security risk of an application against the productivity benefit that it provides. Because accepting third-party app permissions is a potential security risk to your organization, monitoring the app permissions your users grant gives you the necessary visibility and control to protect your users and your applications. Remove access of third-party applications from your accounts. When you use an application or web service that requires access to an account — for example, anything in your Google account, files in your Dropbox account, tweets on Twitter, and so on — that application generally doesn’t ask for the service’s password. Instead, the application requests access using something called OAuth. If you agree to the prompt, that app gets access to your account. The account’s website provides the service with a token it can use to access your account. This is more secure than just giving the third-party application your password because you get to keep your password. It’s also possible to restrict access to specific data — for example, you might authorize a service to access your Gmail account but not your files in Google Drive or other data in your Google account.
  • 63. 63 Delete unused accounts - search for "confirm your email" After the recent Heartbleed bug scare, some of you may want to go and delete those dormant accounts you never use any more. For a quick way to find such sites you signed up on, go to your inbox and search for the term: "Confirm your email." When something like the Heartbleed security bug hits millions of people, our standard advice is to change your passwords across all the affected services. With Heartbleed, the list was so large that it was advisable to go back to every account you have signed up at. And if many of them are unused, it kind of makes sense to just delete them in case some other security flaw in the future compromises you. If you are lucky, you use LastPass to manage all your accounts and you can just delete everything from that list. But if that's not the case, chances are, you have used one or two email accounts to sign up at all these web sites over the years. Searching for "confirm your email" (first with the quotes, then without) in your inbox gives you a list of most of these websites, after which it's a matter of going there and deleting your account. The trick is similar to, and inspired by, searching for "unsubscribe" to purge newsletters in your email.
  • 64. 64 Be conscious of what information you reveal Historically, most research on the nature of consciousness, the most puzzling phenomenon in nature, has focused on visual perception. This perception-based research has led to great insights regarding the nature of conscious processing. One of these insights is that conscious processing involves a kind of integration across neural systems and information-processing structures that is not achievable by unconscious processes. This is known as the integration consensus. When process X occurs consciously, it activates a wide network of regions that is not activated when that same process occurs unconsciously. 2FA An extra layer of security that is known as "multi factor authentication" In today's world of increasing digital crime and internet fraud, many people will be highly familiar with the importance of online security, logins, usernames and passwords, but if you ask them the question "What is Two Factor Authentication?" the likelihood is they will not know what it is or how it works, even though they may use it every single day. With standard security procedures (especially online) only requiring a simple username and password, it has become increasingly easy for criminals (either in organised gangs or working alone) to gain access to a user's private data such as personal and financial details and then use that information to commit fraudulent acts, generally of a financial nature. Mailvelope Mailvelope is a free and open source browser extension that allows you to send and receive encrypted email text and attachments when using webmail services. It relies on the same form of public key encryption as GnuPG and PGP. Mailvelope is a browser extension that allows you to encrypt, decrypt, sign and authenticate email messages and files using
  • 65. 65 OpenPGP. It works with webmail and does not require you to download or install additional software. While Mailvelope lacks many of the features provided by Thunderbird, Enigmail and GnuPG, it is probably the easiest way for webmail users to begin taking advantage of end-to-end encryption. Guerrilla Mail Guerrilla Mail gives you a disposable email address. There is no need to register; simply visit Guerrilla Mail and a random address will be given. You can also choose your own address. You can give your email address to anyone you do not trust. You can view the email on Guerrilla Mail, click on any confirmation link, and then delete it. Any future spam sent to the disposable email will be zapped by Guerrilla Mail, never reaching your mail box, keeping your mail box safe and clean. Zoho mail: Zoho Mail is an amazing email platform that offers a mixture of an ad-free, clean, minimalist interface and powerful features that are geared for business and professional use. Experience a fast, clean webmail that has powerful features matching or even superior to those you will find in desktop email clients. Take immediate control of your inbox and get the freedom you need from tedious software upgrades. Zoho Mail suite has Zoho Docs. This means your team can create, collaborate, and edit text, presentation as well as spreadsheet documents
  • 66. 66 with the help of the most sophisticated online editors. You will experience faster work and better productivity with your online office. iCloud mail If you have an Apple ID, then you have an iCloud email account. This free account gives you up to 5GB storage for your emails, minus what you use for documents and other data you store in the cloud. It’s easy to work with your iCloud email from Apple’s Mail, on the Mac, or on an iOS device. Still, you may not know about the many extra options and features available if you log into iCloud on the Web. Before you can take advantage of any of the following tips, you need to turn on iCloud. If you already have an Apple ID, which you use on the iTunes store, you may never have set up iCloud. SIGAINT SIGAINT was a Tor hidden service offering secure email services. According to its FAQ page, its web interface used SquirrelMail, which does not rely on JavaScript. Passwords couldn't be recovered. Users received two addresses per inbox: one at sigaint.org for receiving clearnet emails and the other at its .onion address only for receiving emails sent from other Tor-enabled email services. Free accounts had 50 MB of storage space and expired after one year of inactivity. Upgraded accounts had access to POP3, IMAP, SMTP, larger size limits, full disk encryption, and never expired. The service was recommended by various security specialists as a highly secure email service.
  • 67. 67 Mail2Tor Mail2Tor is a Tor Hidden Service that allows anyone to send and receive emails anonymously. It is produced independently from The Tor Project. For more information, or to sign up for your free @mail2tor.com account (webmail, smtp, pop3 and imap access), please visit our tor hidden service at http://mail2tor2zyjdctd.onion You will need to have Tor software installed on your computer to securely access the Mail2Tor hidden service. Mail2Tor consists of several servers, a Tor hidden service, and incoming and outgoing internet-facing mail servers. These internet-facing mail servers are relays. They relay mails in and out of the Tor network. The relays are anonymous and not traceable to us. The only thing stored on the hard drive of those servers is the mail server and the Tor software. No emails or logs or anything important are stored on those servers, thus it doesn't matter if they are seized or shut down. We are prepared to quickly replace any relay that is taken offline for any reason. The Mail2Tor hidden service and SMTP/IMAP/POP3 are on a hidden server completely separate from the relays. The relays do not know (and do not need to know) the IP of the hidden service, because the communications between the relays and the "dark server" occur through the tor network, without using traditional internet protocols (ip).
  • 68. 68 This hidden server is not one of the Tor network nodes/public servers, whose IPs are known. It is a private server that does not route traffic for tor users, but it is devoted exclusively to exchanging data with Mail2Tor relays. The entire contents of the relays are immediately deleted and it is not possible to "sniff" data because it is transmitted in an encrypted way. SAFe-mail SAFe-mail is a highly secure communication, storage, sharing and distribution system for the Internet. It provides email, instant messaging, data distribution, data storage and file sharing tools in a suite of applications that enable businesses and individuals to communicate and store data with privacy and confidence. Every application is secured by state-of-the-art encryption ensuring the highest level of protection and privacy to users. Within the overall system as with each application, security is not an add-on feature but has been designed into the fundamental architecture of the system. Safe-mail is provided as a hosted facility and offers the following services:
    - PrivateMail - a single account that brings together the best in email messaging for the individual user and provides a very secure online storage place for important documents and data. Register for a free account and you get 3MB of disk space to test drive the system. Then upgrade to a larger account through the StoragePlus program published under Premium Services.
    - BusinessMail - the perfect secure communication system for your organization. Create and manage multiple email addresses under your own domain and bring your staff and customers together in one secure private community.
  • 69. 69 Spam Gourmet SpamGourmet (free) has some interesting innovations, but it also has limitations on how many messages each address will be able to accept. There are two modes, No-brainer and Advanced. In the former, you get a user name and then you can give out self-destructing addresses in the form whatever.n.username@spamgourmet.com, where whatever is some word you choose and n is the number of messages (up to 20) that you can receive at that address until it self-destructs—after which messages will return errors. For example, crazylegs.4.larryseltzer@spamgourmet.com will be able to receive four messages, and then senders will get error messages. The problem is, anyone can send you a message using a disposable account that you did not create: for example, IAMSPAM.20.larryseltzer@spamgourmet.com. Enigmail Enigmail is a seamlessly integrated security add-on for Mozilla Thunderbird. It allows you to use OpenPGP to encrypt and digitally sign your emails and to decrypt and verify messages you receive. Enigmail is free software. It can be freely used, modified and distributed under the terms of the Mozilla Public License. Sending unencrypted emails is like sending post cards – anyone and any system that processes your mails can read their content. If you encrypt your emails, you put your message into an envelope that only the recipient of the email can open.
  • 70. 70 Thunderbird Thunderbird is an email, newsgroup, news feed, and chat (XMPP, IRC, Twitter) client. The vanilla version was not originally a personal information manager (PIM), although the Mozilla Lightning extension, which is now installed by default, adds PIM functionality. Additional features, if needed, are often available via other extensions. Thunderbird can manage multiple email, newsgroup, and news feed accounts and supports multiple identities within accounts. Features such as quick search, saved search folders ("virtual folders"), advanced message filtering, message grouping, and labels help manage and find messages. On Linux-based systems, system mail (movemail) accounts are supported. Thunderbird provides basic support for system- specific new email notifications and can be extended with advanced notification support using an add-on. Thunderbird incorporates a Bayesian spam filter, a whitelist based on the included address book, and can also understand classifications by server- based filters such as SpamAssassin. maskme addon Now you never have to give out your personal information online again. MaskMe creates disposable email addresses, phone numbers, and credit cards, so you can enjoy all the web has to offer without surrendering your personal data in exchange. The Details: - Every time you sign up for a site or shop the web, MaskMe will be by your side. -Choose to Mask your email address, phone number, or credit card, using unique, disposable info that MaskMe creates and autofills on the spot. It works instantly, every time, everywhere.
  • 71. 71 - Ensures you never miss important communication, but also puts you in control so you can stop spammers, telemarketers, and hackers in one click. - Convenient, fast, & easy-to-use. ghostery addon to block ads Ghostery is the first browser extension that makes your web browsing experience faster, cleaner and safer by detecting and blocking thousands of third-party data- tracking technologies – putting control of their own data back into consumers’ hands. Launched in 2009, Ghostery has more than seven million monthly active users who access the tool via the free apps or browser extensions. With its intuitive user interface, Ghostery enables average internet users to protect their privacy by default, while expert users benefit from a broad set of features and settings. The Ghostery apps and browser extensions are developed and operated by Ghostery, Inc. The company is headquartered in New York and is a fully-owned subsidiary of Cliqz GmbH. Cliqz is a German search, browser and data protection technology company backed by Mozilla and Hubert Burda Media. Neither Cliqz nor Ghostery share any data aboutindividual users with third parties.
  • 72. 72 Telegram Telegram is a non-profit cloud-based instant messaging service. Telegram client apps exist for Android, iOS, Windows Phone, Windows NT, MacOS and Linux. Users can send messages and exchange photos, videos, stickers, audio and files of any type. Telegram was founded by the Russian entrepreneur Pavel Durov. Its client-side code is open- source software but the source code for recent versions is not always immediately published, whereas its server-side code is closed-source and proprietary. The service also provides APIs to independent developers. In February 2016, Telegram stated that it had 100 million monthly active users, sending 15 billion messages per day. According to its CEO, as of April 2017, Telegram has more than 50% annual growth rate. Telegram's security model has received notable criticism by cryptography experts. They have argued that it is undermined by its use of a custom- designed encryption protocol that has not been proven reliable and secure, by storing all messages on their servers by default and by not enabling end-to-end encryption for messages by default. Pavel Durov has argued that this is because it helps to avoid third-party unsecure backups and to allow users to access messages and files from any device.Messages in Telegram are server-client encrypted by default, and the service provides end-to-end encryption for voice calls and optional end-to-end encrypted "secret" chats. Wickr Initially unveiled on iOS and later on Android, the Wickr app allows users to set an expiration time for their encrypted communications. In December 2014, Wickr released a desktop version of its secure communications platform.
  • 73. 73 The release of the desktop Wickr app coincided with introducing the ability to sync messages across multiple devices, including mobile phones, tablets, and computers. All communications on Wickr are encrypted locally on each device with a new key generated for each new message, meaning that no one except Wickr users have the keys to decipher their content. In addition to encrypting user data and conversations, Wickr strips metadata from all content transmitted through the network. Since its launch, Wickr has gone through regular security audits by prominent information security organizations, which verified Wickr's code, security and policies. Wickr has also launched a "bug bounty program" that offers a reward to hackers who can find a vulnerability in the app ChatSecure ChatSecure is a messaging application for iOS which allows OTR and OMEMO encryption for the XMPP protocol. ChatSecure is free and open source software available under the GNU General Public License. ChatSecure also features built-in support for anonymous communication on the Tor network. ChatSecure has been used by international individuals and governments, businesses, and those spreading jihadi propaganda. Surespot Surespot is an open source instant messaging application for Android and iOS. Surespot is one of the modern messaging apps that has a focus on privacy and security. For secure communication it uses end-to-end encryption by default.
  • 74. 74 Threema Threema is a proprietary encrypted instant messaging application for iOS, Android and Windows Phone. In addition to text messaging, users can send multimedia, locations, voice messages and files. The name Threema is based on the acronym EEEMA which stands for end-to-end encrypting Messaging Application. Threema is developed by the Swiss company Threema GmbH. The servers are located in Switzerland and the development is based in the Zürich metropolitan area. As of June 2015, Threema had 3.5 million users, most of them from German-speaking countries.
  • 75. 75 Chapter-6 Social Media Tips People’s lives have gotten easier thanks to the internet. With that being said, it is important people know how to protect themselves and their personal information to avoid becoming a victim of fraud. Online criminals and fraudsters can use your information to create bogus accounts to obtain anything they want. They can also use your information for phishing or soliciting. Attempting to get private or financial information from people online is known as phishing. The act begins with an email that looks like it is from a trusted source you know. It may claim to come from a bank. The email will encourage you to click a link claiming to take you to the website to enter personal account information including your password. If you fall for the trick, they get your personal information and access to your account.
  • 76. 76 Here’s what you need to protect yourself: Check privacy settings When using social media sites, review privacy settings. The settings for your profile may be at the defaults, and you can change them to make your account information more secure. You should also review this information in case there is something you should keep private. Limit bio information Social media websites will ask for personal information when creating an account. Use tools offered to limit what others can view when they land on your page. The privacy settings may help customize the content that is viewable. Avoid sharing account details Sensitive details such as your bank account number, social security number, or other related information should be private. Use sponsored communication options such as email, telephone, mailed letter, or direct communication via the website if you need to share such information to reduce the risk of personal details getting into the wrong hands.
  • 77. 77 Choose friends and add contacts wisely The reason why you signed up for a social media account is likely why you have friends and contacts on your list. Be cautious of requests from people you don’t know. You don’t have to accept every friend request. Learn features of the website When signing up for an account, get to know the features. Do this before sharing information to understand how the site functions. You can choose who can view your posts and understand how such content is shared with others. What is shared online stays online Think before you share. Because of the unique way the internet is designed, once you post something, it stays online forever. People have ways of getting information and saving to another source. So, if you don’t want to set yourself up for embarrassment, think twice before posting messages or photos. Have a good reputation when approaching job recruiters Research has shown roughly 70 percent of job recruiters have turned down applicants because of something posted to their social media page. When you’re online, conduct yourself in a manner you want people to respect you for. Keep your online presence positive and be thoughtful with what you share. Use tools to manage friends and contacts
  • 78. 78 Have a personal profile page to keep in contact with people you know personally. Use a fan page to appeal on a public level without risking too much of your personal information. Use tools to separate contacts into groups. You can have a list of family members, friends, co-workers, etc. Managing contacts helps you get a better idea of who is following you online. This helps determine what you can share, with whom, and when to keep things to yourself. Let others know if you are not comfortable Be respectful of opinions and things shared online between you and friends. Yet, mention when something makes you uncomfortable or when you think something is inappropriate. This helps set boundaries for what content appears on your page. Plus, you learn what people can and cannot tolerate while respecting one another. Know when to take immediate action If someone harasses you online or makes inappropriate threats, contact the administrator of the website. You can report the person and take additional action of blocking them or removing them from your list. Keep antivirus software up-to-date Keeping your antivirus system updated ensures your web browsing is protected from potential threats that may get picked up via social networking, such as clicking links or opening messages.
  • 79. 79 Be in control of your online presence Know what information you share and who it is being shared with. Check privacy and security settings to stay on top of information shared. Make changes as needed. Use a strong password or create a sentence Use a strong password to log in to your account to reduce hacking risk. The password should be at least 12 characters long with a mix of lower and upper case letters, symbols, and numbers. Consider using a short sentence you can remember and add a number and symbol to make it more secure, something like: “I love dollar bills.” The password can have spaces too. Use different passwords for each account Try keeping passwords for email and social media separate to throw off cyber criminals. For your most used or most important accounts make sure your passwords are strong. Throw away or delete messages when in doubt When you get a message that seems suspicious, delete it. Don’t open it or forward its contents if you don’t trust it. People often get so many ads for different stores and businesses, it can be easier to delete it and be safe. Keep tweets protected You can choose to use a protected Twitter account if you want more control of what people can view and access. Followers who are approved
  • 80. 80 to follow you have access to details you post. Search engines won’t index your tweets, so they cannot be viewed in a Google search. Consider turning off Broadcast Activity on LinkedIn Use the Broadcast Activity feature to limit what information is seen by your followers. LinkedIn has a unique way of letting others know your updates. This means people and organizations you follow will get updates you post. Limit LinkedIn updates to your followers You can post updates and changes to your status like on Facebook. People can choose to subscribe to your updates. But, you can use privacy settings to select who can receive updates you post. The public doesn’t have to get your updates but a few select connections can. Use privacy settings to keep Facebook page from being indexed Use Facebook privacy settings and look for the option “Let other search engines link to your timeline.” When turned on, people who search your name through a search engine can see your Facebook profile. Potential employers may do this. If you don’t want your profile searchable in this manner, turn this feature off. Restrict friend requests Not all friend requests are true friend requests. Some are cyber criminals with nothing else better to do than to spam or phish people. They do this randomly with accounts all the time. Restrict who can send you a friend
  • 81. 81 request by choosing options under privacy settings and selecting “Who can contact me?” Avoid mentioning other accounts There are a few social media websites allowing users to connect their social media accounts together at once. If you are working to establish a professional and personal identity, you may want to keep them separate. Linking the accounts increases security risks and you may end up sharing something you don’t want to appear on another site. An example is connecting Twitter with LinkedIn. Use settings to cut reviews for Facebook tags Use the Facebook settings section titled “Timeline and Tagging” to set limits on what can be shared using your name. This is handy if friends have pictures that include you, but you may not want them shared with others. When the picture is uploaded and tagged with your name, you learn about it first. You can require an approval before it gets published. Make Facebook groups restricted Create groups on Facebook to control who sees what. You can block someone you want to keep as a friend from viewing certain posts. To do this, add the friend to the “Restricted” list when clicking on the Facebook sidebar. The posts would be marked “public,” but they are only seen by friends added to this list. Isn’t it great to have more control over who sees your social media posts? Your online security is greatly increased thanks to a few easy steps taken to control your identity when online.
  • 82. 82 Chapter-7 Banking Tips With so many people going online to manage their money, however, threats have arisen. Hackers, malware and fraudsters abound, ready and eager to steal online-banking passwords and the money they protect. But you don't have to resign yourself to a world of unsafe banking. Here are some online-banking security tips you can practice before signing in to your account. Each will help ensure a safe online-banking experience. Here are some useful tips for Banking: Use a script blocker on your browser:- 1. There is a small but vocal subset of users who disable JavaScript. The reason to do this is a perceived security benefit: there have been a few known vulnerabilities, such as XSS, that can be exploited through scripting. 2. Disabling it will also prevent malicious ads from infecting our system. 3. Lastly, disabling JavaScript will take up less CPU and RAM on your computer, which is to be expected. If you run something super basic, it’ll take up fewer resources. But if your computer is so old that it can’t handle modern websites, it may be time to upgrade it—as the web improves, it needs more resources to do what it does, just like any other program on your computer. You can use NoScript Security Suite for Mozilla, or Script Block for Chrome.
  • 83. 83 Use a virtual keyboard with key randomizer:- An online virtual keyboard is the best security measure for keeping sensitive data safe from “spyware” and “Trojan programs”. When entering sensitive data (username and password) for Internet banking, the site’s security features recommend using the virtual keyboard to protect the password. A virtual keyboard is an online application for entering a password with the mouse, which helps us remain safe against key loggers. Example of online Virtual keyboard:- Benefits of online Virtual Keyboard
      - Online Virtual Keyboard is designed to protect your password from malicious “Spyware” and “Trojan Programs”.
      - Use of online virtual keyboard will reduce the risk of password theft using key loggers and keyboard action monitoring.
      - It will auto encrypt your password entered through Online Virtual Keyboard.
      - Easy to implement as login security.
    Using an online virtual keyboard is best practice on websites where sensitive data must be protected from hackers, crackers and malicious programs. Most banks that offer online banking provide a virtual keyboard for typing your password at login. Bloggers and freelancers who use PayPal as their primary account to send and receive funds should also
  • 84. 84 start using the on-screen keyboard feature of your Windows system to type passwords. Onscreen Keyboard You can type the “OSK” command in the Run window and the on-screen keyboard will pop up, which works as a full-fledged keyboard: Never save sessions of banking sites on your browser:- 1. It is good practice to always log out of your online banking session when you have finished your business. This will decrease the chances of falling victim to session hijacking and cross-site scripting exploits. 2. You may also want to set up the extra precaution of private browsing on your computer or smartphone, and set your browser to clear its cache at the end of each session. 3. Always remember to clear cookies and cache data from the browser before closing it. 4. Clear your browsing data and history. Never tick “remember me” on banking websites:- Don’t stay logged in to your favourite online services all the time. We know how convenient it is to log in to Facebook in the morning, or at the beginning of the week, and to tick the “Keep me logged in” box. You log in once and then you don’t have to keep logging back in all the time. It’s even easier to stay logged in via mobile apps, because typing a suitably long and secure password is harder. Indeed, many mobile apps quietly and automatically remember your password even between reboots so the app can log you back in automatically every time you restart it. The thing is, all this logged-in-forever convenience comes at the cost of reduced security.
  • 85. 85 Never log in to banking portals on public PCs like a cyber cafe or on public Wi-Fi:- If you want to be safe, don’t log in to your banking or any other sites while using public Wi-Fi or an open network, because an attacker may use a man-in-the-middle (MITM) attack to get your session ID or username and password. There are many apps that can hijack and sniff network traffic and capture packets passing through your connection. Choose an account with two factor authentication:- Two-factor authentication provides an additional security layer and makes it harder for an attacker to gain access to a person’s account, because knowing the victim’s password is not enough to take over the full account. Here are some types of 2F authentication: Something the user knows, such as a password, PIN or shared secret. Something the user has, such as an ID card, security token or a smartphone. Biometrics: something the user is. These may be personal attributes mapped from physical characteristics, such as fingerprints, face and voice.
  • 86. 86 Systems with more demanding requirements for security may use location and time as fourth and fifth factors. For example, users may be required to authenticate from specific locations, or during specific time windows, as with Google Smart Lock. Create a strong password:- A strong password is 12 characters long and includes numbers, symbols, capital letters and lower-case letters, and it shouldn’t be your first name or your DOB. Some examples of strong passwords are:- 1Ki77y, .Susan53, &m3llycat Secure your computer and keep it up-to-date:- Always remember to keep a password on your computer and also update the computer regularly so that any new vulnerabilities found can be patched with that update. Tips for securing your computer: 1. Use an anti-virus. 2. Remember to update virus protection.
  • 87. 87 3. Keep a password on your computer. 4. Lock your private files and folders. 5. Update your computer regularly. Avoid clicking through emails:- Avoid clicking on suspicious emails. Phishing Phishing is the term for sending emails (considered the bait) with a link to a fake website. Once on the site, the user is tricked into giving sensitive information. For example, the link takes you to a fake site that looks like your bank, and you try to log in with your username and password. The bad guy has now captured your login info. And if he’s clever, the fake site will redirect you to the real site afterward. You’d probably be none the wiser. Malware or “virus” downloads The link may take you to a website that infects your computer with malware like ransomware or a keylogger (a “virus” that captures everything you type into your computer like passwords and credit card numbers). Or it might even download the virus directly without going to a web page. Malicious web pages are the most common way that I see computers get infected in my day job. Why It’s Hard To Tell the Real from the Fake Most of the emails you get will be fine. The trouble is, do you know which is which? Some bogus emails are obviously fake to most people, full of misspellings and shady suggestions. But some of them look very professional. Take these for instance. They’re both fake. Would you be able to tell the difference?
  • 89. 89 Phishing Example 2 These would fool most people. But besides looking legitimate, there are other ways to fool us.
  • 90. 90 Hacked email account If a spammer hacks an email account, he can send out an email blast to all the contacts stored in the account. This is dangerous because you may get a phishing email that’s actually sent from the real account of someone you know. Unless the email seems out of the ordinary, you’ll have no way of knowing. Email address spoofing Spoofing is essentially “faking”. It’s possible to spoof the sender’s address so it looks like it’s coming from someone you know, when in reality it’s coming from the bad guy’s email account. It can be very hard or impossible to tell if an email address is spoofed. It requires digging through the email header which is, itself, prone to tampering. Forwarding a phishing email Sometimes people are just naive and forward an email to you that has a malicious link in it. They might not realize it’s there, and have possibly become a victim themselves. I see it happen. Which Email Links Can I Click? Well, if you don’t click any of them you won’t have a problem. But that’s not realistic. Very few people will ever take that advice. The good news is you don’t have to. I suggest treating links like attachments. Only click it if you’re expecting it. Examples of when to click You just ordered something from Amazon. Feel free to click the shipment tracking link in the email they send you. Just make sure it’s exactly what you’re expecting. If you get a tracking link that you weren’t expecting, or for a product you don’t recognize, delete the email right away. You just signed up for an account on a website. If they send you a link to confirm your email address, it’s okay to click it. But again, make sure it’s exactly what you’re expecting and you specifically remember requesting it.
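The spoofing passage above says that telling a spoofed sender apart means digging through the email header, which can itself be tampered with. The following is an added example, not part of the original manual: it reads the headers of a constructed sample message and reports the mismatches a reader would look for. The sample message, the `example.*` domains and the name of the reader's own mail server (`mx.example.org`) are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real e-mail); all domains are placeholders.
SAMPLE = (
    "Return-Path: <bounce@mailer.example.net>\n"
    "Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;"
    " dkim=none; dmarc=fail header.from=bank.example.com\n"
    'From: "Your Bank" <alerts@bank.example.com>\n'
    "Reply-To: support@bank-help.example.net\n"
    "To: you@example.org\n"
    "Subject: Action required\n"
    "\n"
    "Please log in.\n"
)


def domain_of(header_value):
    """Domain part of the address in a header value, lower-cased ('' if absent)."""
    address = parseaddr(header_value or "")[1]
    return address.rpartition("@")[2].lower() if "@" in address else ""


def inspect_headers(raw_message, my_mail_server):
    """Compare the visible From domain with the other sender-related headers.

    Only Authentication-Results lines stamped by `my_mail_server` (the server
    that received the mail for you) are read: any other copy of that header
    could have been written by the sender, which is the tampering problem the
    text mentions. The findings are hints for a human, not a verdict: bulk
    mail services legitimately use a different Return-Path domain.
    """
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg["From"])
    findings = []

    for header, label in (("Return-Path", "return-path-mismatch"),
                          ("Reply-To", "reply-to-mismatch")):
        other = domain_of(msg[header])
        if other and other != from_domain:
            findings.append(label)

    auth = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv_id, _, results = value.partition(";")
        server = (authserv_id.split() or [""])[0].lower()
        if server != my_mail_server.lower():
            continue  # not written by our own server: do not trust it
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results.lower()):
            auth.setdefault(method, result)

    if not auth:
        findings.append("no-trusted-auth-results")
    for method in ("spf", "dkim", "dmarc"):
        if auth.get(method) in ("fail", "softfail"):
            findings.append(method + "-" + auth[method])

    return {"from_domain": from_domain, "auth": auth, "findings": findings}


if __name__ == "__main__":
    print(inspect_headers(SAMPLE, "mx.example.org"))
```

A message that produces no findings can still come from a hacked account of someone you know, so the "only click what you were expecting" rule still applies.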
  • 91. 91 Examples of when NOT to click You get an unexpected email from your bank. Maybe it says that you need to log in and take care of something important. Don’t click the link they give you. If you didn’t know it was coming, there’s no guarantee it’s a legitimate email. Your friend sends you a link that you weren’t expecting. Don’t click it. Remember, the sender’s address can be spoofed or their account hacked. Yeah, I know, this is all awfully annoying, so is there anything else we can do? What To Do Instead of Clicking Links In the case of your bank or other institution, just go to the website yourself and log in. Type in the address manually in the browser or click your bookmark. That way you can see if there’s something that needs taken care of without the risk of ending up on a phishing site. In the case of your friend’s email, chances are that they copied/pasted the link into the message. That means you can see the full address. You can just copy/paste the address into the browser yourself without clicking anything. Of course, before doing that make sure you recognize the website and that it’s not misspelled. Make sure it looks like this: http://www.youtube.com/adgasLKUkjFJos&odgs and not like this: http://www.yuutube.com/adgasLKUkjFJos&odgs Other Things To Consider It’s up to you how far you want to take this. For instance, I’ve made a rule never to click links in emails notifying me that my paycheck has been deposited. Yes that really happens, and I get one every week, but automated recurring emails can be dangerous. They’re commonly faked because the bad guys know we’re expecting them.
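The youtube.com versus yuutube.com comparison above can be automated. The following is an added example, not part of the original manual: it compares the host of a pasted link against a personal list of sites the reader actually uses and flags near-misspellings by edit distance. The allow-list contents and the distance threshold of 2 are assumptions.

```python
from urllib.parse import urlsplit

# Constructed allow-list: sites this reader actually uses (an assumption).
TRUSTED_HOSTS = {"youtube.com", "amazon.com", "paypal.com"}


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def normalise_host(url):
    """Lower-cased host of a URL with a leading 'www.' removed ('' if none)."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    return host[4:] if host.startswith("www.") else host


def classify_link(url, trusted=TRUSTED_HOSTS, max_distance=2):
    """Return (verdict, matched_host).

    'trusted'   the host is on the allow-list, or a subdomain of an entry
    'lookalike' the host is within max_distance edits of an allow-listed host
    'unknown'   anything else: not recognised, so not vouched for
    """
    host = normalise_host(url)
    if not host:
        return ("unknown", None)
    for good in trusted:
        if host == good or host.endswith("." + good):
            return ("trusted", good)
    # Compare the last two labels so a subdomain of a misspelled site is
    # still caught. Assumes two-label sites such as name.com; a list with
    # entries like name.co.uk would need a public-suffix-aware split.
    tail = ".".join(host.split(".")[-2:])
    for good in sorted(trusted):
        if 0 < edit_distance(tail, good) <= max_distance:
            return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    for link in ("http://www.youtube.com/adgasLKUkjFJos&odgs",
                 "http://www.yuutube.com/adgasLKUkjFJos&odgs"):
        print(link, "->", classify_link(link))
```

A trusted name that merely appears at the start of a longer host, as in `youtube.com.example.net`, is reported as unknown rather than trusted, because only the end of the host name says who owns the site.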
  • 92. 92 The bottom line is that unless you explicitly know and trust it, avoid it. That’s all there is to it. Make this a habit and you can avoid one of the biggest mistakes in internet safety. Monitor your accounts regularly:- Learn How Banks Track Suspicious Activity We trust our banks to keep a watchful eye out for suspicious activity. That involves trust. It’s either that or we can choose to tuck all our money away in a sock beneath our bed—hopefully safely. But taking that route, for the vast majority of Americans, isn’t an option. Banks do tend to protect the nation’s assets with vigilance, and they put a great deal of effort into preventing and catching suspicious banking behaviour that can indicate identity theft on a person’s account. The following behaviours are signs that could raise the red flag for banks:
      - Suspicious, frequent transactions. Banks keep a close eye out for transactions that are made in frequent, short periods of time, especially if there are large deposits and withdrawals made in cash or by check. Banks can rationalize the transactions by customers’ occupations and patterns of conducting business.
      - Numerous transactions that are made in different branches on the same day—for the same account. If these transactions are below an established bank threshold, it could mean the transactions were made to go undetected.
      - Activities that deviate from a person’s normal banking habits.
    Your bank likely has a policy in place to contact you if they detect any suspicious activity on your account. They may even choose to freeze or cancel your debit or credit card as a result. If you become a victim of identity theft or
  • 93. 93 fraud, there are steps that you can take to “right” the wrong and get back on the path of recovery. It’s not the bank’s responsibility to monitor each transaction to determine if it’s an instance of identity theft. You are the only one who can truly track each purchase and deposit to confirm it’s authorized – and if it’s not, it could be a sign of identity theft. As a consumer, it’s up to you to regularly check your bank statements & monitor your credit card reports for signs of identity theft. Furthermore, early detection of suspicious activity may help you to recover more quickly if there’s an indication of fraud on your credit report. Change your internet banking password at periodical intervals:- The Theory of Regular Password Changes Regular password changes are theoretically a good idea because they ensure someone can’t acquire your password and use it to snoop on you over an extended period of time. For example, if someone acquired your email password, they could log into your email account regularly and monitor your communications. If someone acquired your online banking password, they could snoop on your transactions or come back in several months and attempt to transfer money to their own accounts. If someone acquired your Facebook password, they could log in as you and monitor your private communications. Theoretically, changing your passwords regularly — perhaps every few months — will help prevent this from happening. Even if someone did acquire your password, they’d only have a few months to use their access for nefarious purposes. Save and check all receipts against your statement:- Every time you make a transaction at the bank or ATM, you’ll receive a receipt. Be sure to save your receipts and write the information in your transaction register. That’s a small notepad you’ll receive when you open your account. Add your deposits, subtract your withdrawals, and keep
  • 94. 94 track of your current balance — the exact amount you have in your account right now. Keeping track will help you avoid spending more than you have in your account. That’s called an overdraft — and the fees and penalties can be expensive! At the end of the month, the bank will send you a statement. It lists your balance at the beginning and end of the statement month, and all of the transactions that the bank has processed during the statement month. Every month, review your statement along with your register and your receipts to make sure that your records and the bank’s records agree. And if your bank offers online banking, you won’t have to wait for your statement to review your account activity. Online banking gives you access to review your accounts any time. The keys to account management: Save your transaction receipts. Record every transaction in your register. Avoid spending more than you have. Review your statement every month. Make sure your records and the bank’s records agree.
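The monthly check described above, comparing your register and receipts against the bank's statement, is the step that surfaces transactions you did not make. The following is an added example, not part of the original manual: it matches statement lines to register entries by amount within a few days and lists whatever is left over on either side. The sample register, the sample statement and the three-day posting window are constructed assumptions.

```python
from datetime import date
from decimal import Decimal

# Constructed sample data: (date, amount, memo); deposits positive, withdrawals negative.
REGISTER = [
    ("2024-03-01", "1200.00", "paycheck deposit"),
    ("2024-03-04", "-54.20", "groceries"),
    ("2024-03-10", "-40.00", "ATM withdrawal"),
    ("2024-03-28", "-25.00", "check #102"),
]
STATEMENT = [
    ("2024-03-01", "1200.00", "DEPOSIT"),
    ("2024-03-05", "-54.20", "POS GROCERY"),
    ("2024-03-10", "-40.00", "ATM WITHDRAWAL"),
    ("2024-03-17", "-40.00", "ATM WITHDRAWAL"),
    ("2024-03-19", "-310.99", "ONLINE PURCHASE"),
]


def reconcile(opening_balance, register, statement, max_days=3):
    """Match each statement line to one register entry of the same amount.

    The bank may post a transaction a few days after the receipt date, so a
    match is allowed when the dates differ by at most `max_days`. Each
    register entry can be used once, which is what exposes a second charge
    for an amount you recorded only once.
    """
    unmatched = [(date.fromisoformat(d), Decimal(a), memo) for d, a, memo in register]
    unrecognised = []
    balance = Decimal(opening_balance)

    for d, a, memo in statement:
        posted, amount = date.fromisoformat(d), Decimal(a)
        balance += amount
        hit = next((r for r in unmatched
                    if r[1] == amount and abs((posted - r[0]).days) <= max_days),
                   None)
        if hit is not None:
            unmatched.remove(hit)
        else:
            unrecognised.append((d, a, memo))  # on the statement, not in your records

    return {
        # Ask the bank about these: you have no receipt or register entry.
        "unrecognised": unrecognised,
        # Recorded by you but not yet processed by the bank (e.g. an uncashed check).
        "not_on_statement": [(r[0].isoformat(), str(r[1]), r[2]) for r in unmatched],
        # Should equal the closing balance printed on the statement.
        "closing_balance": balance,
    }


if __name__ == "__main__":
    report = reconcile("500.00", REGISTER, STATEMENT)
    for key, value in report.items():
        print(key, value)
```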