How to be Safe on the Internet

In our last article, we went over some of the different types of Internet security threats that are out there, and some of the horrible stuff that they can do.  However, that information is by no means meant to make you afraid of the Internet; in fact, avoiding many of these types of Internet threats is actually a lot easier than you may think.  Remember that most cyber-criminals rely on automated computer programs to do their dirty work for them, and these programs can't think for themselves (at least, as far as we know).  So, as long as you know how a malicious program behaves — with the most important aspect being how it makes it onto your computer in the first place — you can safely work around it while using the Internet.

6 Internet safety tips to stay safe online

Here are some general precautions that you can take to make your Internet experience fun instead of frightful.  We'll be going into more detail with many of them in later tutorials.

1. Find and use a trusted piece or suite of antivirus software.

Most viruses and malicious programs that can't be dodged with the rest of the precautions below are relatively minor ones that can be dealt with by antivirus software.  This is a program or set of programs that you can install on your computer to detect and outright block many viruses and other malicious programs that try to enter your computer from the Internet.  Many of these programs also have measures for isolating viruses that do happen to make it onto your computer so that they can't do damage, and then you can either delete them or find a way to fix the infected file(s) from there.

NOTE: This is an absolute must-know tip for Windows users, since most viruses are designed to attack Windows-capable computers.  However, it's also good to know for Apple users, since there are some viruses that can attack Apple computers as well.

2. Use your passwords wisely.

Many of your accounts on the Internet (and some programs or systems on your computer) require a password — and perhaps other user credentials — in order to access them.  Passwords are an essential line of defense against identity thieves on the Internet, so it's important to know how to use them properly.  Create passwords that are easy for you to remember, but would be difficult for others to guess, and try not to use the same password for every account.  Change your passwords periodically (say, every 3 to 6 months), and reset them if you think someone is using one of your accounts who shouldn't be.  Write down your passwords so that you'll remember them, but put them in a place where only you can get at them.  Or, consider using a password manager program to help keep your different passwords in order.

We'll have an entire course on how to use passwords effectively in the future, so stay tuned!

3. If a website or email looks fishy, delete it or otherwise get away from it.

We explained that certain types of Internet dangers — such as Trojan horses or phishing scams — are designed to trick victims into doing something dangerous that they otherwise wouldn't.  However, many of them aren't all that clever or convincing, if you look closely at them.  There are often dead giveaways that you can look for to know that you're dealing with a phony website or email, such as advertising that seems too good to be true, numerous spelling and grammar mistakes, weird-looking or misspelt email sender addresses or web addresses, or direct requests over email for personal information or money (most legitimate businesses will never do this).

If you run into a website like this, get out of it as soon as you can, and don't click any links on it.  Similarly, if you get an email like this, delete it as soon as you can; don't click any links in it, and definitely don't open any attachments on it.

4. Control how much personal information you put on the Internet.

Cyber-criminals can't steal your identity or financial information over the Internet if you don't put it there for them to find in the first place.  Doubtless, though, there will be some websites where you are required to input personal information, such as if you are buying or selling things.  Use the guidelines in tip #3 to only give your personal information to websites that can be trusted to keep it secure.

Things get a little bit murkier when it comes to social networks and websites.  You want to express yourself and let other people get to know you, but putting information onto a place like Facebook or Twitter makes it easy to find and/or spread.  Fortunately, many of these websites have privacy features that you can use to limit who can see information that you post.  However, before you share information in the first place, it's a good idea to ask yourself if you'd be willing to let a total stranger — or at least a friend of a friend — see it and share it.

5. Only make payments on trusted websites.

Following tips #3 and #4, if you're going to use trusted e-commerce websites to buy goods and services, make sure to pay for your stuff through the specific website that you're using at the time, if you can.  This ensures that a trusted website has a record of your transaction, and can help you out if something goes wrong. 

Some third-party sellers attempt to have customers make payments for items outside of the websites that they sell them on.  Not only do many e-commerce websites disallow this (because it cheats them out of commission fees), but even if a site does allow it, you probably shouldn't go for it.  It's a very easy way to get scammed, since nobody with the proper authority will have a paper trail to help you track down and punish the scammer.

6. Log out of websites and other Internet-based programs when you're done using them.

This is a really important precaution if you use public computers, but it's not a bad idea in general.  If you're using a website where you have to log into a user account, be sure to log out of your account once you're finished using the website.  Also, disable any features of that website that allow you to stay logged in if you close your web browser or don't do anything while logged in for a little while.  Forgetting that you're logged into a website or Internet-based program could mean that a stranger could sit down at the computer you were using, and find that they're able to access your account without even cracking your user name or password.  That's a very easy way to have your confidential information stolen.

 

Again, we'll be going over many of these precautions in greater depth in our upcoming tutorials and courses.  In fact, our next set of tutorials in this course deal with our very first precaution: antivirus software!


Dangers of the Internet

Like crimes in real life, dangers that threaten your Internet security come in several different forms.  Some have rather immediate and apparent consequences, while others work more subtly, without you catching on until it's too late.  We'll be going into detail about specific types of Internet dangers in later courses and tutorials, but for now, we'll outline some of the general Internet security threats that you should be aware of.

Viruses

These are some of the most common Internet dangers, and have been around even before the Internet became available to the public.  They usually come from downloading the files they're attached to, but some can come from simply visiting the wrong website.  They all copy themselves when they work; what they do beyond that varies.  They may simply copy themselves to slow a computer down or take up memory space, or they may include other code that instructs them to replace or otherwise erase other data on a computer.  Some viruses may even create openings in a computer's security system so that other viruses (or people) can get in and steal or destroy information.

There are three common types of virus-like programs: your basic computer virus, a Trojan horse, or a computer worm.

  • A basic computer virus usually hides itself inside another program, perhaps one that someone uses every day.  When the other program runs, the virus runs as well, copying itself to other programs, and then copying itself again when those programs are run.  This slows down a person's computer, and may cause other damage.

  • A Trojan horse is an advanced type of computer virus that hides itself inside another computer program that is advertised to a person as normal or useful for helping their computer work.  This tricks the person into installing it and/or running it, which releases the virus inside.  The virus then proceeds to copy itself, and perhaps cause damage.  A common version hides inside fake anti-virus software that is advertised to a person when they supposedly have a virus on their computer, when in reality they do not (this is often known as "scareware").

  • A computer worm is a type of computer virus that isn't hidden inside another computer program and, as such, does not require a program to run in order to copy itself.  Instead, part of its own code causes it to actively seek out ways to copy itself over available computer networks.  Again, like a basic computer virus, a computer worm may simply copy itself and slow networks down, or it may also perform other destructive acts.  Computer worms are among some of the most dangerous computer viruses because they can act somewhat independently (when compared to basic computer viruses and Trojan horses), but they are relatively rare.

Adware and Spyware

Some bad computer programs don't copy themselves and cause damage like viruses do.  Instead, they collect information about what you do on your computer, often without your consent or knowledge.  Some simply monitor the different websites you visit, and use those to display specific advertisements to you in your web browser, based on what they think you like.  These programs are known as adware, and most of them are relatively harmless (besides being a little privacy-invasive and irritating).  However, there are some that perform this function excessively in an attempt to slow down your computer, often by repeatedly opening pop-up windows.

Some very extreme forms of adware perform illegal surveillance, tracking things like passwords or personal and/or financial details when you type them into web pages or other computer programs.  They often do so, and then transmit what they find to their creator, without your consent or knowledge.  These kinds of programs are commonly referred to as spyware.

Spam and Phishing

As we pointed out in our Advantages and Disadvantages of the Internet article, these threats are an unfortunate consequence of how easy it is to put information — or misinformation — on the Internet.  As a result, they usually occur in email clients or on Internet message boards, or on websites where comments are allowed.  They may occur on certain other websites, though.

  • Spam refers to the practice of placing (fake) advertisements, fake warnings about new computer threats, or other trivial or useless information within emails or Internet comments.  These emails or messages are then distributed or published en masse.  The idea behind it — if not simply an irritating strategy to direct more people to a certain person's website — is to disrupt a conversation or fill up a person's email inbox, thereby slowing the conversation or email service (and Internet connection) down.  Many modern websites and email clients have measures to counteract this type of threat, but it is still seen in some places on some occasions. 

    See our How to Stop Spam Email tutorial for more information.

  • Phishing is a more dangerous (and, often, more targeted) type of spam where a person intentionally misrepresents their information in an email or chat room.  Often, the information they provide looks like it comes from a legitimate source, such as a bank, retail store, or a popular brand or website (or an employee of one of these).  The impersonator will then often tell their victim something like they've won a prize or there's a problem with one of their accounts.  The impersonator will then say that, in order to claim the prize or fix the problem, the person has to provide confidential personal or financial information, or click a link to go to a certain website. 

    The goal of phishing is to get the victim to give out information that can be used to steal their identity and/or money.  If the victim is told to visit a website, that website will often forcefully download spyware onto the victim's computer, which will then steal the victim's personal or financial information (or otherwise download a general virus to wreck the victim's computer).

    See our Phishing Scams and Advance-Fee Fraud tutorials for more information.

Hacking and other dangers

There are other nasty tricks that cyber-criminals will use to wreck people's computers, steal their information, or just otherwise annoy them.  Here are some examples:

  • Mousetrapping refers to an attempt to make it impossible for a person to leave a website.  This may be accomplished through an extreme form of adware that continuously re-opens advertisements — or copies of the website itself — in new pop-up windows.  It may also take advantage of tricks or other security flaws in a web browser to disable the browser's functions, especially ones that deal with navigating to different web pages or closing the browser.

  • Browser hijacking refers to when a cyber-criminal takes advantage of tricks or security flaws in a web browser (or perhaps uses a type of spyware) to forcefully switch a person's home page to a certain website, and prevent it from being changed.  This artificially increases the number of visitors to that website, which may be useful for advertising purposes.  It's also annoying for the victim, and it may also result in viruses or more spyware being forcefully downloaded to their computer.

  • Clickjacking is a technique that often goes hand-in-hand with phishing.  It involves displaying a website or email to the victim that appears to be legitimate, and includes what appears to be a hyperlink to a legitimate web page.  Meanwhile, there is an invisible hyperlink placed on top of the fake hyperlink, and clicking it takes the victim to a malicious web page, usually to forcefully download a virus or spyware.  A way to avoid this is to have a look in one of the bottom corners of a browser; usually, when you move your mouse cursor over a hyperlink, it will display in one of these places.  That way, you can see where you're really being taken.

  • Hacking (or cracking) is when cyber-criminals take matters into their own hands, personally disabling computer security systems by exploiting their weaknesses.  However, this is usually a tedious process that is reserved for specific targets and specific purposes, such as substantial personal gain or to make a significant political statement.  It rarely happens to average people.

 

Well, now that you know about some of the different ways that people can be attacked over the Internet, let's discuss some easy ways that you can keep yourself from falling prey to a cyber-attack.


What is Internet Safety?

How safe is the Internet?

As we discussed in our Introduction to the Internet course — and in particular, our Advantages and Disadvantages of the Internet article — the Internet is a wonderful technological innovation that has made many things that we do easier and more convenient than ever.  It has also allowed us to do some things that we had never thought of before, or thought were outright impossible.  However, as useful as the Internet is, the sad truth is that not everyone uses it with noble intentions.

As more of our daily activities become easier due to the speed and scope of the Internet, so too do crime and other immoral activities become easier as an unfortunate consequence.  Some people spread misinformation on the Internet, hoping to embarrass people or lure them into traps.  Other people actively try to get around Internet security systems and steal private information.  And still others create programs to deliberately mess up people's computers and email clients, just for the fun of ruining someone else's day.

This is why it's important for people to take safety precautions when using the Internet in order to keep their information secure and well-being intact.  These precautions include using anti-virus software, coming up with strong passwords for your Internet accounts, and knowing when (and when not) to give out personal information over the Internet.  Again, it's not that the Internet is a dangerous place; it generally isn't.  But there are certain troublemakers who use the Internet's capabilities to take advantage of others, and it's important to know how to protect yourself so that you don't end up as one of their victims.

Why is Internet safety important?

The unfortunate reality is that there are many people who have bad things happen to them over the Internet because they don't take online safety seriously enough.  There are three major reasons why people think that they're safer than they are on the Internet.  We'll explain each of these mindsets, and highlight their underlying flaws.

Misconception #1 — Cyber attacks aren't very harmful

Some people tend to think that the things they do on the Internet have few, if any, real-world consequences.  At the very least, nobody can physically reach through a computer monitor from the Internet and assault them.

Why it's wrong: With how deeply digital technology is interwoven into everyday life now, there are many instances where online activity can have a big impact on your real-world functionality.  For instance, what if someone got a hold of your banking or I.D., and pretended to be you while on the Internet?  They could buy things for themselves using your money, and put you into serious debt.  Or, they could do something embarrassing or illegal that, if seen by certain people, could get you fired from your job or arrested.  And online bullying and harassment can be as psychologically damaging as when it's done in real life (or perhaps even more so), given how many platforms a victim can be attacked on (email, social media accounts, personal websites, online chat rooms or boards, etc.) and how many other people could potentially join the attack.

Misconception #2 — Other people will keep me safe on the Internet

This is a common assumption among people who don't understand how Internet safety works, or why it's important.  They assume that their computer, other people's websites, or even the entire Internet or World Wide Web are designed to keep them safe and secure while using the Internet.

Why it's wrong:  While it's true that many computers and websites have built-in safety features to protect your information, the reality is that they only go so far in keeping you safe.  There are numerous points on the Internet that are NOT covered by the security measures of a website or your computer. These places are where cyber-criminals are counting on people to get careless and either give out personal information or download a malicious program.

Misconception #3 — I'm not important enough to be a target

Many people think that cyber attacks won't happen to them because they don't have anything important enough to destroy or steal.  They think that cyber-criminals will only go after corporations, celebrities, or politicians and governments, since they have the most money or the most important information.

Why it's wrong: Just like pickpockets and other petty thieves in real life, there are some cyber-criminals who avoid high-profile targets in favour of multiple ones that are less well-guarded.  In fact, the Internet's ability to quickly spread information (or misinformation) over a wide area may make this a more attractive option.  Think of it this way: it is much easier for a cyber-criminal to use the Internet's speed and reach to steal $20 from 50,000 people who don't think they're important enough to steal from than to try to steal $1,000,000 from a person or company that has strong security measures in place because they know that they will likely be a target for theft.

 

To reiterate, we're not pointing these bad assumptions out to frighten you or slap you on the wrist if you have them.  We're simply trying to explain that these assumptions get made because people aren't aware of the precautions that they can take to keep themselves safe while using the Internet.  Once you start taking some of these precautions, you'll be able to replace these kinds of assumptions with the knowledge that you're actively working to prevent yourself from becoming the victim of a cyber attack.  And that will let you use the Internet with confidence!