going out onto the internet - cybersec 101


Post on 07-May-2022


This document is a reference and preparation sheet for the trainer, and a companion to the lesson plan. The Learning Objectives summarize the knowledge that learners should have gained by the time they reach the end of the module. The Background and Detail for Trainer provides greater details on the content, and links to references. It will allow trainers to learn more about the topic so they can lead discussions or answer questions confidently without being limited to the classroom content. Each item in the Background supports a section in the Lesson Script.

Learning objectives

> Understanding of the risks of browsing

> Knowledge of what to look for in the browser

> Ability to configure browser settings

Trainer resource

Going out onto the Internet


Background and Detail for Trainer

1 The risks in the browser

1.1 In Brief

Advertising, tracking, drive-by downloads, man-in-the-middle attacks, typo-squatting and phishing all present different types of dangers to be wary of online.

1.2 In Detail

There are many forms of threat on the Internet. Being aware of common forms can help you to avoid some dangers and—more importantly—take action after encountering a threat to minimize the harm caused.

• Advertising

– Intermediaries and large publishers (such as Facebook or Google), which we will call platforms, gather and analyze a considerable amount of data at very high speed, making it possible to customize advertising.

– Advertisers can buy advertising in auctions, with the cost depending on the similarity of the web page and the advertisement, your location, your browsing history, or information you gave to the platform or its partners, such as through subscription questionnaires or information posted on your social networking accounts.

– These new opportunities give firms extra incentives to acquire and use personal information about consumers, which has led regulators and consumers to worry or at least to acknowledge some potential downsides of these practices.

○ Among the pitfalls are privacy breaches or fraudulent use of personal information, behavioural targeting and pricing.

– As online advertising has become more popular, criminals have started to abuse it.

○ Malvertising is one such activity, where an attacker uses advertising to distribute malware.

– Malvertising can have serious consequences, because an attacker can place malware on popular websites. Therefore, the malicious content could reach a very large audience.

– In addition, users may be unaware that they could encounter malicious content while browsing highly reputable websites, which may put them at risk.

• Tracking

– Third-party online services bring tremendous value to the web: they enable websites to easily benefit from advertising, visitor counts, integrating with social networks and more.

– They also give rise to privacy concerns.


– Third-party service providers make it possible for advertisers to track your online habits and browsing patterns across many websites, and tailor advertising to match these patterns.

○ Personalized ads are considered to be the future of web advertising, and already make up a large portion of the global online ad market.

– This increases the relevance of ads for users and the revenues for websites that have advertising on them.

– This kind of advertising has raised concerns with respect to the use of third parties to track and collect people’s data.

– People might not be aware of how they are being tracked between websites or the privacy implications and terms of service of the third-party service provider.

• Drive-by download attacks

– A drive-by download attack infects your computer when you simply visit a page.

○ Malicious programming in the page takes advantage of any vulnerability in your computer system, such as in the web browser or operating system, to perform malicious actions or install other malware.

– This can happen without you even noticing.

– These pages could be controlled by criminals or they might undermine legitimate web pages.

– 99% of web pages are okay.

• Typo-squatting

– Typo-squatting is the deliberate registration of a domain name to exploit common typing errors made by users who type URLs into web browsers.

– Simple and inexpensive domain registration motivates speculators to register domain names in bulk to profit from advertisements, redirect traffic to third-party pages, deploy phishing sites, or serve malware.

– Very few website owners protect themselves by registering their own typo-squatting domains.

– Typo-squatters target all websites, not just popular websites.

– If the legitimate site is example.com:

Typo-squatting address | Type

xample.com, example.com, xemple.com | Misspelled address

example.org, example.biz, example.info, example.ca | Different domain (suffix)

example.cm | Confusing domain suffix

WARNING: Do not visit any of these sites. Some are known to contain malware.


• Man-in-the-Middle (MITM) attack

– In man-in-the-middle attacks, an attacker reads or alters Internet communications by inserting themselves between you and the intended receiver of your communication. Possible attacks and the impact of this kind of attack include:

○ Sniffing

– Sniffing, or eavesdropping, is the act of reading traffic and collecting information.

– Mostly, sniffing is used to steal credentials that are sent in plain text, without encryption.

○ Malware

– Malware can be installed in many ways, such as redirecting you to a page or directly exploiting a vulnerability.

○ Binary patching

– An attacker rewrites part of the code in the executable file to install malware or perform other malicious actions.

○ Cookie inserting/stealing

– By stealing cookies, the attacker might be able to copy the user’s session and thus log in as that user.

○ Cache poisoning

– A cache is where a device can temporarily store some data to speed up future requests.

– Cache poisoning happens when an attacker places forged data into the cache, which might lead to a browser connecting to the wrong IP address when visiting a site.

○ Fake certificates

– Electronic certificates are used to verify the identity of a web page. If an attacker creates a fake certificate that is trusted by your computer, the attacker can pretend to be any site and listen in on encrypted connections.

○ Session hijacking

– Some protocols work with sessions, which are like a formal conversation where the participants and time are defined. An attacker can hijack the session and pretend to be one of the participants.

○ Downgrade attacks

– This is where the attacker interferes in the communication to restrict the use of newer (and safer) protocols or capabilities.


• Phishing

– Your personal information can be very valuable to thieves.

○ In particular, usernames, passwords, bank and credit card details can benefit criminals.

– Because of this, criminals put great effort into tricking people into giving away their valuable information.

– Generally these efforts are referred to as phishing; as in phone fishing or fishing for personal information.

– Phishing emails often appear to be from an organization with which you would have stored some valuable information.

○ These emails will often contain a link taking you to a page where you can log in or enter valuable information on the pretext of checking something or updating something.

– View links in email to pages asking for personal information or for you to sign in to an account with extreme suspicion.

– Avoid clicking on any link in an email from a bank (or Microsoft, Apple, PayPal…).

○ If you receive an email and want to check whether there is a real issue with your account, go to the website in the usual way or call the company.

○ Do not click on the email link, and do not copy the included URL into your browser.

1.3 In Practice

DO be aware of different types of threat so you can spot potential dangers to your information or your system.

2 What to look for

2.1 In Brief

Browsers contain tools to help you navigate the web safely. Use them consciously in combination with critical thinking for a safer web experience.

2.2 In Detail

• When browsing, remember:

– Trust the icons/cues that are part of the browser itself—NOT the ones within the content of the page.


○ A lock icon in the URL line plus “https” means that communication with the website is encrypted. It would be very difficult for anyone to eavesdrop on your data as it travels from your computer to the website. It does not, however, mean that the website itself is legitimate. Fake websites could also have a lock icon. Your data would be safe as they travel, but then would end up at a malicious website at the endpoint.

○ A green extended validation (EV) certificate box/green text means that the website has gone through some extra validation process to confirm that it is legitimate. It’s not a guarantee, but it’s a good cue.

○ Combined, the lock and the green EV box give some assurance that you are visiting a legitimate site and that your data are secure as they travel to the site.

– All the content of a web page can be faked.

○ Attackers can make exact copies of legitimate websites so that the fake ones look “professional.” They also make themselves look trustworthy by adding fake “seals.”

– Do not rely only on the web page content to determine legitimacy. Use the browser cues.

– Type in URLs yourself for known websites rather than trusting links.

– Look for the browser cues before entering personal or financial details like your credit card number or password.

○ If the browser warns you against visiting a page… take it seriously. Double-check the URL, make sure you have the right location.

• Identifying the security features of your browser

– Internet Explorer

○ The phishing filter can help protect you from phishing attacks, online fraud and fake websites.

> Internet Explorer address bar with phishing warning


○ Protected mode can help protect your computer from websites that try to install malicious software or to save files on your computer without your consent.

> Protected Mode status indicator

○ Higher security levels can help protect you from hackers and web attacks.

○ The security status bar displays the identity of secure websites to help you make informed decisions when using online banking or merchants. Internet Explorer now supports Extended Validation (EV) certificates to help make a more positive identification of website owners and organizations.

> Internet Explorer security status bar (right side of address bar)

○ When you visit a website that uses a secure connection, the colour of the security status bar tells you whether the security certificate is valid or not. It displays the level of validation done by the certifying organization.

○ The following table describes what the security status bar colours mean.

Colour | What it means

Red | The certificate is out-of-date, not valid or has an error.

Yellow | The authenticity of the certificate or certification authority that issued it cannot be verified. This might indicate a problem with the certification authority's website.

White | The certificate has normal validation. This means that communication between your browser and the website is encrypted. The certification authority makes no assertion about the business practices of the website.

Green | The certificate uses extended validation. This means that communication between your browser and website is encrypted, and that the certification authority has confirmed the website is owned or operated by a business that is legally organized under the jurisdiction shown in the certificate and on the security status bar. The certification authority makes no assertion about the business practices of the website. 1 2

1 http://windows.microsoft.com/en-ca/windows/know-online-transaction-secure#1TC=windows-7

2 http://windows.microsoft.com/lo-la/windows-vista/internet-explorer-at-a-glance


– Safari

○ When you connect to a website with an encrypted connection in Safari, you will see a green lock icon in the toolbar next to the name of the company you have connected to (e.g., Apple Inc.).

– If you click the lock icon, you will see a dialog box saying that “Safari is using an encrypted connection to www.icloud.com.” This tells you the connection is secure.

> Connected to a legitimate site on Safari

○ If you connect to a website that isn’t secure, you will see a message that says “Safari can’t verify the identity of the website.” If you see this message, do not proceed or attempt to sign in. 3

> An unverified site on Safari

3 https://support.apple.com/en-us/HT203126


– Chrome

○ One of the most important security indicators in Google Chrome is where you enter web addresses; called the “omnibox” because it will take either a search or a web page address.

> The 'omnibox' in Chrome

– The first thing to notice is the domain name of the website. The domain name indicates which website is being displayed in the current tab. Google Chrome highlights it in a slightly darker colour. For example, the domain name in the image above is “www.google.com.”

○ Check that the omnibox has highlighted the domain name you expect. If the domain name doesn’t match what you expect, the website might be fake.

– The second thing to notice is the lock icon, which is displayed to the left of the website address and, in the case above, coloured green.

○ This space will display the status of the connection and the page certificate. It can display any of the following:

• Green lock icon

– The site's certificate is valid, and its identity has been verified by a trusted third-party. Google Chrome has established a secure connection with the site you're viewing.

• Orange exclamation icon

– The site has not provided the browser with a certificate. This is normal for regular HTTP sites because certificates are usually provided only if the site uses encryption.

• Webpage icon

– Your connection to the site is not encrypted. This is normal for regular http sites.

• Lock icon with yellow warning triangle

– Google Chrome can see the site’s certificate and your connection to the site is encrypted but the site uses a weak security setup or something unwanted on the page, so your connection might not be private.

– These are common mistakes in website configurations.

– Seeing this icon doesn't guarantee that your connection is secure. Proceed with caution and do not enter private or personal information on this page.


• Red lock icon

– There are problems with the site's certificate or mixed scripting.

– Mixed scripting is when a page contains a mixture of encrypted and unencrypted content. It can be hard to know if using the page is safe or not. Proceed with caution. 4

○ Extended validation (EV) certificate (see green box over the lock icon and the web address in the image below).

> An Extended validation Certificate from PayPal

• The EV certificate helps the browser determine the name of the organization that runs the website.

• The extended validation indicator helps you determine which organization is responsible for the displayed web page. For example, the extended validation indicator for https://www.benefitaccess.com/ says “Citigroup Inc. [US].” 5

2.3 In Practice

DO look closely at the address bar to identify signs of security.

DO be careful to make sure you connect to the correct site.

3 Configuring the browser

3.1 In Brief

Dangerous websites are written with the same tools as legitimate websites, so it isn’t possible to turn off just the unsafe tools. Learn what these tools are and how to make choices about what to allow in your browser.

3.2 In Detail

• Dangerous websites are written with the same programming tools as legitimate websites. They are an easy way to stay in touch with friends, family and acquaintances.

– There are no bad tools, just bad programmers.

– It isn’t possible to turn off the dangerous tools without consequence.

– Turning tools off can affect the operation of different websites in different ways.

4 https://support.google.com/chrome/answer/95617?hl=en

5 https://chrome.googleblog.com/2010/10/understanding-omnibox-for-better.html


○ Cookies

– A web page sometimes stores information in your browser; these pieces of information are called cookies.

○ This might be so that the page can remember who you are and your preferences. Often, it is to make a page more convenient for you.

– Cookies allow the page to gather very precise information about how you use that page.

– You can delete cookies. You can also block cookies using different levels of aggressiveness.

○ Blocking cookies can cause some websites to not function properly because they are designed assuming that you will allow cookies.

– Sophisticated technologies allow companies to track your online activities without using cookies.

○ There is no easy and reliable manner to avoid tracking by these technologies. These methods mean that even if you block cookies you are not assured of privacy.

– Be aware of cookies, and that they are not the only tracking technology.

○ Blocking Cookies

– Google Chrome

○ Select the Chrome menu icon.

○ Select Settings.

○ Near the bottom of the page, select Show advanced settings.

○ In the "Privacy" section, select Content settings.

○ Select Block sites from setting any data.

○ Select Done. 6

○ You can also remove cookies. 7

– Internet Explorer

○ Open Internet Explorer by clicking the Start button. In the search box, type Internet Explorer, and then, in the list of results, click Internet Explorer.

○ Click the Tools button, point to Safety, and then click Delete browsing history.

○ Select the Cookies check box, and then click Delete. 8

6 https://support.google.com/accounts/answer/61416?hl=en

7 https://support.google.com/chrome/answer/95647?hl=en

8 http://windows.microsoft.com/en-ca/windows7/how-to-manage-cookies-in-internet-explorer-9 and http://windows.microsoft.com/en-ca/windows-vista/block-or-allow-cookies


– Safari

○ Choose Safari > Preferences, click Privacy, then do any of the following:

• Change which cookies and website data are accepted. Select a “Cookies and website data” option:

– Always block: Never store cookies.

– Allow from current website only: Safari accepts cookies and website data only from the website you are currently visiting. Websites often have embedded content from other sources. Safari does not allow these third-parties to store or access cookies or other data.

– Allow from websites I visit: Safari accepts cookies and website data only from websites you visit. Safari uses your existing cookies to determine whether you have visited a website before. Selecting this option helps prevent websites that have embedded content in other websites you browse from storing cookies and data on your Mac.

– iOS (iPhone, iPad)

○ Settings > Safari > Block Cookies and choose one of the following:

○ Always Block;

○ Allow from Current Websites Only;

○ Allow from Websites I Visit; or

○ Always Allow. 9

– Android

○ Open the Chrome app;

○ Touch the menu;

○ Touch Site settings;

○ Uncheck Cookies to prevent web pages from storing cookies on your mobile device.

○ JavaScript

– JavaScript provides additional tools for developers writing web pages. It can also assist developers of malware.

– Turning off JavaScript will make your browser more secure but it can also cause some web pages to not function properly.

9 https://support.apple.com/en-ca/HT201265


○ Turning off JavaScript is an extreme measure, and best only done temporarily if the risk associated with doing something is considered to be very high.

– Google Chrome

○ Select the Chrome menu icon.

○ Select Settings.

○ Near the bottom of the page, select Show advanced settings.

○ In the "Privacy" section, select Content settings.

○ In the “JavaScript” section, select “Do not allow any site to run JavaScript.”

○ Select Done.

– Internet Explorer

○ On the web browser menu, click Tools or the Tools icon (which looks like a gear), and select Internet Options.

○ When the “Internet Options” window opens, select the Security tab.

○ On the Security tab, make sure the Internet zone is selected, and then click on the Custom level button.

○ In the Security Settings – Internet Zone dialog box, click Disable for Active Scripting in the Scripting section.

○ When the "Warning!" window opens and asks, "Are you sure you want to change the settings for this zone?" select Yes.

○ Click OK at the bottom of the Internet Options window to close the dialog box. 10

– Apple Safari

○ While in Safari, click the Safari menu > Preferences. In the Security panel, uncheck the box marked “Enable JavaScript.”

○ Java

– Java is not the same thing as JavaScript. Java helps translate Java programs for your computer.

○ This is helpful for programmers as they only have to write the program once without translating it for different types of computers.

○ It is also very helpful for people writing malware.

– Java is not necessary for most of what you do with your computer, so it should be disabled.

10 For more and site-specific controls: https://support.microsoft.com/en-ca/kb/3135465


– You may not have Java on your computer. However, if you do, turning it off will be a two-step process.

○ Step 1 (Find the Java Settings Control)

• Windows

– Launch the Windows Start menu;

– Click on Programs;

– Find the Java program listing;

– Click Configure Java to launch the Java Control Panel.

• Windows (alternative method for older versions)

– Use search to find the Control Panel;

– Press Windows logo key + W to open the Search charm to search settings;

OR

– Drag the mouse pointer to the bottom-right corner of the screen, then click on the Search icon;

– In the search box enter Java Control Panel;

– Click on the Java icon to open the Java Control Panel.

• Mac OS

– Click on the Apple icon on the upper left of the screen;

– Go to System Preferences;

– Click on the Java icon to access the Java Control Panel. 11

○ Step 2 (Turn off Java – the same for Windows and Mac OSs)

• In the Java Control Panel, click on the Security tab;

• Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser;

• Click Apply. When the Windows User Account Control (UAC) dialog appears, allow permissions to make the changes;

• Click OK in the Java Plug-in confirmation window;

• Restart the browser for changes to take effect.

○ Privacy mode

– Many browsers offer a privacy mode designed to offer some privacy to users who share computers.

11 More detail and alternatives for Apple Safari: https://support.apple.com/en-us/HT202447


○ The browser will not keep the history for the session.

○ This is not perfect privacy. You will not be anonymous while in this session.

○ The privacy offered by this mode is only local, and does little to mask your identity to the world.

– Opening a window in privacy mode is generally done by clicking the file menu and selecting a new private window.

This is called something different in each browser, and there are variations on how to open a window. The shortcut keys to open a new window or tab are quite consistent. On Windows press the ‘Ctrl’ key; on an Apple computer use the Command ‘⌘’ key instead.

Browser | Privacy Mode Name | Shortcut Key

Safari | New Private Window | Ctrl (⌘) + Shift + N

Chrome | New Incognito Window | Ctrl (⌘) + Shift + N

Firefox | New Private Window | Ctrl (⌘) + Shift + P

Internet Explorer | InPrivate Browsing | Ctrl (⌘) + Shift + P

○ Ad blockers

– Ad blockers can be added to browsers to block the advertising content in pages.

○ This can help security because some advertising can be used to distribute malware.

○ These are third-party applications. We do not recommend any particular application but do recommend that you buy from official vendors.

○ Examples and information can be found at:

• https://getadblock.com

• https://adblockplus.org 12

○ Flash

– Flash allows interactive content. It was developed in the late 90s, and has been very popular because it has many powerful tools.

– Newer, better tools have been developed.

– Flash is used less and less. It has been abused to install malware.

12 This is not an endorsement of either of these products. We have not tested them in any way.


○ Chrome

• Type chrome://plugins/ into Google Chrome’s location bar and press Enter. Click the “Disable” link under the Adobe Flash Player plug-in.

○ Internet Explorer

• Click the gear menu, and select Manage add-ons. Click the Show box and select All add-ons. Locate Shockwave Flash Object under Microsoft Windows Third-Party Application Component, select it, and click the Disable button.

○ Microsoft Edge

• Click the menu button in Edge and select Settings. Scroll down to the bottom of the Settings panel and click “View advanced settings.” Set the “Use Adobe Flash Player” slider to “Off.”

○ Apple Safari

• Click the Safari Menu > Preferences. In the Security panel, click Security. Then click the Plug-in Settings button. In the next panel, with Adobe Flash selected at the left, select Block from the menu at lower right of the screen (immediately above the Done button). Click Done and exit the settings menu. 13

3.3 In Practice

DO disable Java and make an informed choice about Cookies, JavaScript, advertising blocking and Flash.

DO use the privacy mode to browse discreetly.

4 Putting it into practice

4.1 In Brief

Put what you have learned into practice. Remember to take care with the web page address, and look for security indicators and warning messages when using an Internet browser.

4.2 In Detail

• The following is an example of navigating to a page and identifying a potentially dangerous website.

– Typing in the URL

○ Go to “outlook.com,” type carefully and check before pressing Enter.

– BEWARE of “uotlook.com.” It redirects to a potentially dangerous page.

– Look for IP addresses in the URL (numbers only) or addresses similar to the one you want but not quite.

13 http://gizmodo.com/disable-flash-1688209571


– Also look for misspelled domain names and subtle substitutions such as 0 for O or vv for w.

– Assessing the page

○ A number of clues on this page show that it is dangerous. Two are very clear indicators (1 & 2). Two are less clear (3 & 4) but add to the assessment.

1. There is no lock icon or green in the address box. This tells us that the page is not using a secure connection and that there is no certificate. We expect that our outlook.com page would have both.

2. The domain name is not a Microsoft name. “native-adventure.com” is not a name that we would expect to see. This indicates that this page is probably a fake used for phishing.

3. Threatening language. It is not normal for a legitimate business to threaten their customers with account deactivation.

4. Poor grammar. A major corporation like Microsoft is unlikely to publish a page with poor grammar.

○ Some indicators on this page provide clues that the page is legitimate:


1. A green lock symbol. This indicates a secure connection.

2. A certificate belonging to the organization you would expect to own this website.

3. The domain name is a bit odd. However, the green box showing ownership provides reassurance. (Live.com is a brand used to unify a number of Microsoft services to assist with living; such as Hotmail, Outlook, and MSN Messenger).

○ Also, note the lack of grammar errors or threatening language.

○ A page like this is a clear warning that the page is dangerous. This page is shown when the browser has identified the page as a problem. Press the Back button and avoid the website.

○ If you think you have made a mistake, change your passwords immediately.

– If the account was for a bank, check your statements and contact your provider if there is an issue.

○ If you think you or someone you know has been a victim of fraud, please contact the Canadian Anti-Fraud Centre at:

– 1-888-495-8501 or report online at http://www.antifraudcentre.ca.

4.3 In Practice

DO take care with the web address, look for security indicators and heed warning messages.
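The address checks from section 1.2 (the typo-squatting table) and section 4.2 (IP addresses in the URL, misspellings, 0 for O and vv for w) can be shown in code. The following is an added example and not part of the original trainer resource; the allowlist `KNOWN_SITES`, the distance threshold and the two-label domain split are assumptions made for the illustration.

```javascript
// Added example, not part of the original trainer resource.
// Sites the user really intends to visit (constructed allowlist).
const KNOWN_SITES = ["outlook.com", "example.com"];
// Assumption: up to two typing slips still counts as "similar but not quite".
const MAX_TYPO_DISTANCE = 2;

// Edit distance that counts an inserted, dropped or wrong letter, or two
// swapped adjacent letters, as one slip each (optimal string alignment).
function editDistance(a, b) {
  const d = [];
  for (let i = 0; i <= a.length; i++) {
    d.push([i]);
    for (let j = 1; j <= b.length; j++) {
      if (i === 0) { d[0][j] = j; continue; }
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      let best = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
      if (i > 1 && j > 1 && a[i - 1] === b[j - 2] && a[i - 2] === b[j - 1]) {
        best = Math.min(best, d[i - 2][j - 2] + 1); // two adjacent letters swapped
      }
      d[i][j] = best;
    }
  }
  return d[a.length][b.length];
}

// Reverse the substitutions the text names: 0 for o, vv for w.
function undoSubstitutions(name) {
  return name.replace(/0/g, "o").replace(/vv/g, "w");
}

// Assumption: the last two labels form the registered domain. That is wrong for
// suffixes such as co.uk; a production check would use the Public Suffix List.
function splitHost(host) {
  const labels = host.toLowerCase().split(".");
  const suffix = labels.pop();
  return { name: labels.pop() || "", suffix };
}

// Compare one host with one known site: "match", a lookalike type, or null.
function compareToKnown(host, site) {
  const h = splitHost(host);
  const k = splitHost(site);
  if (h.name === k.name) return h.suffix === k.suffix ? "match" : "different-suffix";
  if (undoSubstitutions(h.name) === k.name) return "character-substitution";
  if (editDistance(h.name, k.name) <= MAX_TYPO_DISTANCE) return "misspelled";
  return null;
}

// Return the list of warning signs for a full URL (scheme included).
function assessUrl(input, knownSites = KNOWN_SITES) {
  let url;
  try {
    url = new URL(input);
  } catch (err) {
    return ["not-a-url"];
  }
  const findings = [];
  if (url.protocol !== "https:") findings.push("no-https");
  const host = url.hostname;
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.startsWith("[")) {
    findings.push("ip-address-host"); // numbers only, no name to compare
    return findings;
  }
  const results = knownSites.map((site) => [site, compareToKnown(host, site)]);
  if (!results.some(([, verdict]) => verdict === "match")) {
    const hit = results.find(([, verdict]) => verdict !== null);
    findings.push(hit ? `${hit[1]}:${hit[0]}` : "unfamiliar-domain");
  }
  return findings;
}

// Constructed sample input: addresses the text uses, plus a documentation IP.
const SAMPLES = [
  "https://outlook.com/",
  "http://uotlook.com/",
  "https://0utlook.com/",
  "https://xemple.com/",
  "https://example.cm/",
  "http://192.0.2.10/login",
  "http://native-adventure.com/",
];
for (const sample of SAMPLES) {
  console.log(sample, "->", assessUrl(sample).join(", ") || "no warning signs");
}
```

An empty result only means the address matches a site on the allowlist over https; as the text says of the lock icon, it does not show that the page content is legitimate.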


Glossary of Terms

Browser | A browser is a computer program or mobile app that is used to find and look at information on the Internet.

Cache | A cache is where a device can temporarily store some data to speed up future requests.

Certificate | Electronic certificates are used to verify the identity of a web page.

Cookie | A small piece of information stored on a person's browser for use by a website.

Domain name | The name given to help find a computer on the Internet (e.g. serene-risc.ca).

Drive-by download | A drive-by-download attack infects your computer with malware just by visiting a page.

Encryption | A process of converting information to a form unreadable to untrusted parties that still contains the original information and is able to be read by the intended recipient.

Extended validation certificate | A certificate that shows that the website has gone through some extra validation process to confirm that it is legitimate and indicates the owner of the page.

IP address | An Internet Protocol (IP) address is a set of numbers that a device (computer, printer, etc.) on the Internet uses to identify itself (e.g. 206.167.212.121).

Malvertising | Malicious programs hidden in advertising.

Malware | Software designed primarily for a malicious purpose.

Man-in-the-middle attack | A malicious attack against communications executed between the sender and receiver.

Operating system | An operating system is the main program in a computer such as Windows or Apple OSX that makes it possible for other programs to function.

Phishing | Emails, calls or other communication designed to trick you to give away personal information or passwords.