
Post on 03-Jun-2020


This document is a reference and preparation sheet for the trainer, and a companion to the lesson plan. The Learning Objectives summarize the knowledge that learners should have gained by the time they reach the end of the module. The Background and Detail for Trainer provides greater details on the content, and links to references. It will allow trainers to learn more about the topic so they can lead discussions or answer questions confidently without being limited to the classroom content. Each item in the Background supports a section in the Lesson Script.

Learning objectives

> Understanding of the risks of browsing

> Knowledge of what to look for in the browser

> Ability to configure browser settings

Trainer resource

Going out onto the Internet


Background and Detail for Trainer

1 The risks in the browser

1.1 In Brief

Advertising, tracking, drive-by downloads, man-in-the-middle attacks, typo-squatting and phishing all present different types of dangers to be wary of online.

1.2 In Detail

There are many forms of threat on the Internet. Being aware of common forms can help you to avoid some dangers and, more importantly, take action after encountering a threat to minimize the harm caused.

• Advertising

– Intermediaries and large publishers (such as Facebook or Google), which we will call platforms, gather and analyze a considerable amount of data at very high speed, making it possible to customize advertising.

– Advertisers can buy advertising in auctions, with the cost depending on the similarity of the web page and the advertisement, your location, your browsing history, information you gave to the platform or its partners (such as through subscription questionnaires), or information posted on your social networking accounts.

– These new opportunities give firms extra incentives to acquire and use personal information about consumers, which has led regulators and consumers to worry or at least to acknowledge some potential downsides of these practices.

○ Among the pitfalls are privacy breaches or fraudulent use of personal information, behavioural targeting and pricing.

– As online advertising has become more popular, criminals have started to abuse it.

○ Malvertising is one such activity, where an attacker uses advertising to distribute malware.

➢ Malvertising can have serious consequences, because an attacker can place malware on popular websites. Therefore, the malicious content could reach a very large audience.

➢ In addition, users may be unaware that they could encounter malicious content while browsing highly reputable websites, which may put them at risk.

• Tracking

– Third-party online services bring tremendous value to the web: they enable websites to easily benefit from advertising, visitor counts, integrating with social networks and more.

– They also give rise to privacy concerns.


– Third-party service providers make it possible for advertisers to track your online habits and browsing patterns across many websites, and tailor advertising to match these patterns.

○ Personalized ads are considered to be the future of web advertising, and already make up a large portion of the global online ad market.

➢ This increases the relevance of ads for users and the revenues for websites that have advertising on them.

➢ This kind of advertising has raised concerns with respect to the use of third parties to track and collect people’s data.

➢ People might not be aware of how they are being tracked between websites or the privacy implications and terms of service of the third-party service provider.

• Drive-by download attacks

– A drive-by-download attack infects your computer when you simply visit a page.

○ Malicious programming in the page takes advantage of any vulnerability in your computer system, such as in the web browser or operating system, to perform malicious actions or install other malware.

– This can happen without you even noticing.

– These pages could be controlled by criminals or they might undermine legitimate web pages.

– 99% of web pages are okay.

• Typo-squatting

– Typo-squatting is the deliberate registration of a domain name to exploit common typing errors made by users who type URLs into web browsers.

– Simple and inexpensive domain registration motivates speculators to register domain names in bulk to profit from advertisements, to redirect traffic to third-party pages, deploy phishing sites, or serve malware.

– Very few website owners protect themselves by registering their own typo-squatting domains.

– Typo-squatters target all websites, not just popular websites.

– If the legitimate site is example.com:

Typo-squatting address | Type
xample.com, example.com, xemple.com | Misspelled address
example.org, example.biz, example.info, example.ca | Different domain (suffix)
example.cm | Confusing domain suffix

WARNING: Do not visit any of these sites. Some are known to contain malware.


• Man-in-the-Middle (MITM) attack

– In man-in-the-middle attacks, an attacker reads or alters Internet communications by inserting themselves between you and the intended receiver of your communication. Possible attacks and the impact of this kind of attack include:

○ Sniffing

– Sniffing, or eavesdropping, is the act of reading traffic and collecting information.

– Mostly, sniffing is used to steal credentials that are sent in plain text, without encryption.

○ Malware

– Malware can be installed in many ways, such as redirecting you to a page or directly exploiting a vulnerability.

○ Binary patching

– An attacker rewrites part of the code in the executable file to install malware or perform other malicious actions.

○ Cookie inserting/stealing

– By stealing cookies, the attacker might be able to copy the user’s session and thus log in as that user.

○ Cache poisoning

– A cache is where a device can temporarily store some data to speed up future requests.

– Cache poisoning happens when an attacker places forged data into the cache, which might lead to a browser connecting to the wrong IP address when visiting a site.

○ Fake certificates

– Electronic certificates are used to verify the identity of a web page. If an attacker creates a fake certificate that is trusted by your computer, the attacker can pretend to be any site and listen in on encrypted connections.

○ Session hijacking

– Some protocols work with sessions, which is like a formal conversation where the participants and time are defined. An attacker can hijack the session and pretend to be one of the participants.

○ Downgrade attacks

– This is where the attacker interferes in the communication to restrict the use of newer (and safer) protocols or capabilities.


• Phishing

– Your personal information can be very valuable to thieves.

○ In particular, usernames, passwords, bank and credit card details can benefit criminals.

– Because of this, criminals put great effort into tricking people into giving away their valuable information.

– Generally these efforts are referred to as phishing; as in phone fishing or fishing for personal information.

– Phishing emails often appear to be from an organization with which you would have stored some valuable information.

○ These emails will often contain a link taking you to a page where you can log in or enter valuable information on the pretext of checking something or updating something.

– View links in email to pages asking for personal information or for you to sign in to an account with extreme suspicion.

– Avoid clicking on any link in an email from a bank (or Microsoft, Apple, PayPal…).

○ If you receive an email and want to check whether there is a real issue with your account, go to the website in the usual way or call the company.

○ Do not click on the email link, and do not copy the included URL into your browser.

1.3 In Practice

DO be aware of different types of threat so you can spot potential dangers to your information or your system.

2 What to look for

2.1 In Brief

Browsers contain tools to help you navigate the web safely. Use them consciously in combination with critical thinking for a safer web experience.

2.2 In Detail

• When browsing, remember:

– Trust the icons/cues that are part of the browser itself, NOT the ones within the content of the page.


○ A lock icon in the URL line plus “https” means that communication with the website is encrypted. It would be very difficult for anyone to eavesdrop on your data as it travels from your computer to the website. It does not, however, mean that the website itself is legitimate. Fake websites could also have a lock icon. Your data would be safe as they travel, but then would end up at a malicious website at the endpoint.

○ A green extended validation (EV) certificate box/green text means that the website has gone through some extra validation process to confirm that it is legitimate. It’s not a guarantee, but it’s a good cue.

○ Combined, the lock and the green EV box give some assurance that you are visiting a legitimate site and that your data are secure as they travel to the site.

– All the content of a web page can be faked.

○ Attackers can make exact copies of legitimate websites so that the fake ones look “professional.” They also make themselves look trustworthy by adding fake “seals.”

– Do not rely only on the web page content to determine legitimacy. Use the browser cues.

– Type in URLs yourself for known websites rather than trusting links.

– Look for the browser cues before entering personal or financial details like your credit card number or password.

○ If the browser warns you against visiting a page… take it seriously. Double-check the URL, make sure you have the right location.

• Identifying the security features of your browser

– Internet Explorer

○ The phishing filter can help protect you from phishing attacks, online fraud and fake websites.

> Internet Explorer address bar with phishing warning


○ Protected mode can help protect your computer from websites that try to install malicious software or to save files on your computer without your consent.

> Protected Mode status indicator

○ Higher security levels can help protect you from hackers and web attacks.

○ The security status bar displays the identity of secure websites to help you make informed decisions when using online banking or merchants. Internet Explorer now supports Extended Validation (EV) certificates to help make a more positive identification of website owners and organizations.

> Internet Explorer security status bar (right side of address bar)

○ When you visit a website that uses a secure connection, the colour of the security status bar tells you whether the security certificate is valid or not. It displays the level of validation done by the certifying organization.

○ The following table describes what the security status bar colours mean.

Colour | What it means
Red | The certificate is out-of-date, not valid or has an error.
Yellow | The authenticity of the certificate or certification authority that issued it cannot be verified. This might indicate a problem with the certification authority's website.
White | The certificate has normal validation. This means that communication between your browser and the website is encrypted. The certification authority makes no assertion about the business practices of the website.
Green | The certificate uses extended validation. This means that communication between your browser and website is encrypted, and that the certification authority has confirmed the website is owned or operated by a business that is legally organized under the jurisdiction shown in the certificate and on the security status bar. The certification authority makes no assertion about the business practices of the website. 1 2

1 http://windows.microsoft.com/en-ca/windows/know-online-transaction-secure#1TC=windows-7

2 http://windows.microsoft.com/lo-la/windows-vista/internet-explorer-at-a-glance


– Safari

○ When you connect to a website with an encrypted connection in Safari, you will see a green lock icon in the toolbar next to the name of the company you have connected to (e.g., Apple Inc.).

– If you click the lock icon, you will see a dialog box saying that “Safari is using an encrypted connection to www.icloud.com.” This tells you the connection is secure.

> Connected to a legitimate site on Safari

○ If you connect to a website that isn’t secure, you will see a message that says “Safari can’t verify the identity of the website.” If you see this message, do not proceed or attempt to sign in. 3

> An unverified site on Safari

3 https://support.apple.com/en-us/HT203126


– Chrome

○ One of the most important security indicators in Google Chrome is where you enter web addresses; called the “omnibox” because it will take either a search or a web page address.

> The 'omnibox' in Chrome

– The first thing to notice is the domain name of the website. The domain name indicates which website is being displayed in the current tab. Google Chrome highlights it in a slightly darker colour. For example, the domain name in the image above is “www.google.com.”

○ Check that the omnibox has highlighted the domain name you expect. If the domain name doesn’t match what you expect, the website might be fake.

– The second thing to notice is the lock icon, which is displayed to the left of the website address and, in the case above, coloured green.

○ This space will display the status of the connection and the page certificate. It can display any of the following:

• Green lock icon

– The site's certificate is valid, and its identity has been verified by a trusted third party. Google Chrome has established a secure connection with the site you're viewing.

• Orange exclamation icon

– The site has not provided the browser with a certificate. This is normal for regular HTTP sites because certificates are usually provided only if the site uses encryption.

• Web page icon

– Your connection to the site is not encrypted. This is normal for regular http sites.

• Lock icon with yellow warning triangle

– Google Chrome can see the site’s certificate and your connection to the site is encrypted, but the site uses a weak security setup or there is something unwanted on the page, so your connection might not be private.

– These are common mistakes in website configurations.

– Seeing this icon doesn't guarantee that your connection is secure. Proceed with caution and do not enter private or personal information on this page.


• Red lock icon

– There are problems with the site's certificate or mixed scripting.

– Mixed scripting is when a page contains a mixture of encrypted and unencrypted content. It can be hard to know if using the page is safe or not. Proceed with caution. 4

○ Extended validation (EV) certificate (see green box over the lock icon and the web address in the image below).

> An Extended validation Certificate from PayPal

• The EV certificate helps the browser determine the name of the organization that runs the website.

• The extended validation indicator helps you determine which organization is responsible for the displayed web page. For example, the extended validation indicator for https://www.benefitaccess.com/ says “Citigroup Inc. [US].” 5

2.3 In Practice

DO look closely at the address bar to identify signs of security.

DO be careful to make sure you connect to the correct site.

3 Configuring the browser

3.1 In Brief

Dangerous websites are written with the same tools as legitimate websites, so it isn’t possible to turn off just the unsafe tools. Learn what these tools are and how to make choices about what to allow in your browser.

3.2 In Detail

• Dangerous websites are written with the same programming tools as legitimate websites. They are an easy way to stay in touch with friends, family and acquaintances.

– There are no bad tools, just bad programmers.

– It isn’t possible to turn off the dangerous tools without consequence.

– Turning tools off can affect the operation of different websites in different ways.

4 https://support.google.com/chrome/answer/95617?hl=en

5 https://chrome.googleblog.com/2010/10/understanding-omnibox-for-better.html


○ Cookies

– A web page sometimes stores information in your browser; these pieces of information are called cookies.

○ This might be so that the page can remember who you are and your preferences. Often, it is to make a page more convenient for you.

– Cookies allow the page to gather very precise information about how you use that page.

– You can delete cookies. You can also block cookies using different levels of aggressiveness.

○ Blocking cookies can cause some websites to not function properly because they are designed assuming that you will allow cookies.

– Sophisticated technologies allow companies to track your online activities without using cookies.

○ There is no easy and reliable manner to avoid tracking by these technologies. These methods mean that even if you block cookies you are not assured of privacy.

– Be aware of cookies, and that they are not the only tracking technology.

○ Blocking Cookies

– Google Chrome

○ Select the Chrome menu icon.

○ Select Settings.

○ Near the bottom of the page, select Show advanced settings.

○ In the "Privacy" section, select Content settings.

○ Select Block sites from setting any data.

○ Select Done. 6

○ You can also remove cookies. 7

– Internet Explorer

○ Open Internet Explorer by clicking the Start button. In the search box, type Internet Explorer, and then, in the list of results, click Internet Explorer.

○ Click the Tools button, point to Safety, and then click Delete browsing history.

○ Select the Cookies check box, and then click Delete. 8

6 https://support.google.com/accounts/answer/61416?hl=en

7 https://support.google.com/chrome/answer/95647?hl=en

8 http://windows.microsoft.com/en-ca/windows7/how-to-manage-cookies-in-internet-explorer-9 and http://windows.microsoft.com/en-ca/windows-vista/block-or-allow-cookies


– Safari

○ Choose Safari > Preferences, click Privacy, then do any of the following:

• Change which cookies and website data are accepted. Select a “Cookies and website data” option:

– Always block: Never store cookies.

– Allow from current website only: Safari accepts cookies and website data only from the website you are currently visiting. Websites often have embedded content from other sources. Safari does not allow these third parties to store or access cookies or other data.

– Allow from websites I visit: Safari accepts cookies and website data only from websites you visit. Safari uses your existing cookies to determine whether you have visited a website before. Selecting this option helps prevent websites that have embedded content in other websites you browse from storing cookies and data on your Mac.

– iOS (iPhone, iPad)

○ Settings > Safari > Block Cookies and choose one of the following:

○ Always Block;

○ Allow from Current Websites Only;

○ Allow from Websites I Visit; or

○ Always Allow. 9

– Android

○ Open the Chrome app;

○ Touch the menu;

○ Touch Site settings;

○ Uncheck Cookies to prevent web pages from storing cookies on your mobile device.

○ JavaScript

– JavaScript provides additional tools for developers writing web pages. It can also assist developers of malware.

– Turning off JavaScript will make your browser more secure but it can also cause some web pages to not function properly.

9 https://support.apple.com/en-ca/HT201265


○ Turning off JavaScript is an extreme measure, and best only done temporarily if the risk associated with doing something is considered to be very high.

– Google Chrome

○ Select the Chrome menu icon.

○ Select Settings.

○ Near the bottom of the page, select Show advanced settings.

○ In the "Privacy" section, select Content settings.

○ In the “JavaScript” section, select “Do not allow any site to run JavaScript.”

○ Select Done.

– Internet Explorer

○ On the web browser menu, click Tools or the Tools icon (which looks like a gear), and select Internet Options.

○ When the “Internet Options” window opens, select the Security tab.

○ On the Security tab, make sure the Internet zone is selected, and then click on the Custom level button.

○ In the Security Settings – Internet Zone dialog box, click Disable for Active Scripting in the Scripting section.

○ When the "Warning!" window opens and asks, "Are you sure you want to change the settings for this zone?" select Yes.

○ Click OK at the bottom of the Internet Options window to close the dialog box. 10

– Apple Safari

○ While in Safari, click the Safari menu > Preferences. In the Security panel, uncheck the box marked “Enable JavaScript.”

○ Java

– Java is not the same thing as JavaScript. Java helps translate Java programs for your computer.

○ This is helpful for programmers as they only have to write the program once without translating it for different types of computers.

○ It is also very helpful for people writing malware.

– Java is not necessary for most of what you do with your computer, so it should be disabled.

10 For more and site-specific controls: https://support.microsoft.com/en-ca/kb/3135465


– You may not have Java on your computer. However, if you do, turning it off will be a two-step process.

○ Step 1 (Find the Java Settings Control)

• Windows

– Launch the Windows Start menu;

– Click on Programs;

– Find the Java program listing;

– Click Configure Java to launch the Java Control Panel.

• Windows (alternative method for older versions)

– Use search to find the Control Panel;

– Press Windows logo key + W to open the Search charm to search settings;

OR

– Drag the mouse pointer to the bottom-right corner of the screen, then click on the Search icon;

– In the search box enter Java Control Panel;

– Click on the Java icon to open the Java Control Panel.

• Mac OS

– Click on the Apple icon on the upper left of the screen;

– Go to System Preferences;

– Click on the Java icon to access the Java Control Panel. 11

○ Step 2 (Turn off Java – the same for Windows and Mac OSs)

• In the Java Control Panel, click on the Security tab;

• Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser;

• Click Apply. When the Windows User Account Control (UAC) dialog appears, allow permissions to make the changes;

• Click OK in the Java Plug-in confirmation window;

• Restart the browser for changes to take effect.

○ Privacy mode

– Many browsers offer a privacy mode designed to offer some privacy to users who share computers.

11 More detail and alternatives for Apple Safari: https://support.apple.com/en-us/HT202447


○ The browser will not keep the history for the session.

○ This is not perfect privacy. You will not be anonymous while in this session.

○ The privacy offered by this mode is only local, and does little to mask your identity to the world.

– Opening a window in privacy mode is generally done by clicking the file menu and selecting a new private window.

This is called something different in each browser, and there are variations on how to open a window. The shortcut keys to open a new window or tab are quite consistent. On Windows press the ‘Ctrl’ key; on an Apple computer use the Command ‘⌘’ key instead.

Browser | Privacy Mode Name | Shortcut Key
Safari | New Private Window | Ctrl (⌘) + Shift + N
Chrome | New Incognito Window | Ctrl (⌘) + Shift + N
Firefox | New Private Window | Ctrl (⌘) + Shift + P
Internet Explorer | InPrivate Browsing | Ctrl (⌘) + Shift + P

○ Ad blockers

– Ad blockers can be added to browsers to block the advertising content in pages.

○ This can help security because some advertising can be used to distribute malware.

○ These are third-party applications. We do not recommend any particular application but do recommend that you buy from official vendors.

○ Examples and information can be found at:

• https://getadblock.com

• https://adblockplus.org 12

○ Flash

– Flash allows interactive content. It was developed in the late 90s, and has been very popular because it has many powerful tools.

– Newer, better tools have been developed.

– Flash is used less and less. It has been abused to install malware.

12 This is not an endorsement of either of these products. We have not tested them in any way.


○ Chrome

• Type chrome://plugins/ into Google Chrome’s location bar and press Enter. Click the “Disable” link under the Adobe Flash Player plug-in.

○ Internet Explorer

• Click the gear menu, and select Manage add-ons. Click the Show box and select All add-ons. Locate Shockwave Flash Object under Microsoft Windows Third-Party Application Component, select it, and click the Disable button.

○ Microsoft Edge

• Click the menu button in Edge and select Settings. Scroll down to the bottom of the Settings panel and click “View advanced settings.” Set the “Use Adobe Flash Player” slider to “Off.”

○ Apple Safari

• Click the Safari menu > Preferences. In the Security panel, click Security. Then click the Plug-in Settings button. In the next panel, with Adobe Flash selected at the left, select Block from the menu at lower right of the screen (immediately above the Done button). Click Done and exit the settings menu. 13

3.3 In Practice

DO disable Java and make an informed choice about Cookies, JavaScript, advertising blocking and Flash.

DO use the privacy mode to browse discreetly.

4 Putting it into practice

4.1 In Brief

Put what you have learned into practice. Remember to take care with the webpage address, look for security indicators, and warning messages when using an Internet browser.

4.2 In Detail

• The following is an example of navigating to a page and identifying a potentially dangerous website.

– Typing in the URL

○ Go to “outlook.com,” type carefully and check before pressing Enter.

– BEWARE of “uotlook.com.” It redirects to a potentially dangerous page.

– Look for IP addresses in the URL (numbers only) or addresses similar to the one you want but not quite.

13 http://gizmodo.com/disable-flash-1688209571


– Also look for misspelled domain names and subtle substitutions such as 0 for O or vv for w.

– Assessing the page

○ A number of clues on this page show that it is dangerous. Two are very clear indicators (1 & 2). Two are less clear (3 & 4) but add to the assessment.

1. There is no lock icon or green in the address box. This tells us that the page is not using a secure connection and that there is no certificate. We expect that our outlook.com page would have both.

2. The domain name is not a Microsoft name. “native-adventure.com” is not a name that we would expect to see. This indicates that this page is probably a fake used for phishing.

3. Threatening language. It is not normal for a legitimate business to threaten their customers with account deactivation.

4. Poor grammar. A major corporation like Microsoft is unlikely to publish a page with poor grammar.

○ Some indicators on this page provide clues that the page is legitimate:


1. A green lock symbol. This indicates a secure connection.

2. A certificate belonging to the organization you would expect to own this website.

3. The domain name is a bit odd. However, the green box showing ownership provides reassurance. (Live.com is a brand used to unify a number of Microsoft services to assist with living; such as Hotmail, Outlook, and MSN Messenger).

○ Also, note the lack of grammar errors or threatening language.

○ A page like this is a clear warning that the page is dangerous. This page is shown when the browser has identified the page as a problem. Press the Back button and avoid the website.

○ If you think you have made a mistake, change your passwords immediately.

– If the account was for a bank, check your statements and contact your provider if there is an issue.

○ If you think you or someone you know has been a victim of fraud, please contact the Canadian Anti-Fraud Centre at:

– 1-888-495-8501 or report online at http://www.antifraudcentre.ca.
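An added example, not part of the original resource: the address checks from "Typing in the URL" above and from the typo-squatting table in section 1.2, written as one Python function that compares a URL with the sites the user means to visit. The allow-list EXPECTED, the verdict names and the extra substitutions (1 for l, rn for m) are assumptions made for the illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed allow-list: the sites this user actually means to visit.
EXPECTED = ("example.com", "outlook.com", "live.com")

# "0 for O" and "vv for w" come from the text; "1 for l" and "rn for m"
# are further look-alikes added here as an assumption.
SUBSTITUTIONS = (("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l"))


def hostname(url):
    """Lower-cased host part of a URL; tolerates a missing scheme."""
    if "//" not in url:
        url = "//" + url
    return (urlsplit(url).hostname or "").rstrip(".")


def registrable(host):
    """Naive 'last two labels' rule. Production code should use the Public
    Suffix List, because suffixes such as co.uk have two labels."""
    return ".".join(host.split(".")[-2:])


def normalise(name):
    """Undo look-alike substitutions so '0utlook' compares as 'outlook'."""
    for fake, real in SUBSTITUTIONS:
        name = name.replace(fake, real)
    return name


def edit_distance(a, b):
    """Edits needed to turn a into b: insert, delete, replace a character,
    or swap two adjacent characters (optimal string alignment)."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cost = min(cost, prev2[j - 2] + 1)  # adjacent swap
            cur.append(cost)
        prev2, prev = prev, cur
    return prev[-1]


def classify(url, expected=EXPECTED):
    """Return (verdict, intended_domain) for a URL about to be opened."""
    host = hostname(url)
    if not host:
        return ("invalid", None)
    try:
        ipaddress.ip_address(host)
        return ("ip-address", None)  # numbers only: no name to check
    except ValueError:
        pass
    # Only the right-most labels identify the site; anything to the left
    # is a sub-domain chosen freely by whoever owns that domain.
    domain = registrable(host)
    if domain in expected:
        return ("expected", domain)
    name = domain.partition(".")[0]
    for good in expected:
        good_name = good.partition(".")[0]
        limit = 1 if len(good_name) <= 5 else 2  # short names: stricter
        if name == good_name:
            return ("different-suffix", good)
        if normalise(name) == good_name:
            return ("character-substitution", good)
        if edit_distance(name, good_name) <= limit:
            return ("misspelling", good)
    return ("unrecognised", None)


# Constructed sample URLs built from the names used in the text;
# 192.0.2.10 is an address reserved for documentation.
SAMPLES = [
    "https://outlook.com/mail",
    "https://login.live.com/",
    "uotlook.com",
    "http://0utlook.com/",
    "xemple.com",
    "example.cm",
    "http://192.0.2.10/login",
    "https://outlook.com.native-adventure.com/signin",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample:50} {classify(sample)}")
```
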

4.3 In Practice

DO take care with the web address, look for security indicators and heed warning messages.


Glossary of Terms

Browser: A browser is a computer program or mobile app that is used to find and look at information on the Internet.

Cache: A cache is where a device can temporarily store some data to speed up future requests.

Certificate: Electronic certificates are used to verify the identity of a web page.

Cookie: A small piece of information stored on a person's browser for use by a website.

Domain name: The name given to help find a computer on the Internet (e.g. serene-risc.ca).

Drive-by download: A drive-by-download attack infects your computer with malware just by visiting a page.

Encryption: A process of converting information to a form unreadable to untrusted parties that still contains the original information and is able to be read by the intended recipient.

Extended validation certificate: A certificate that shows that website has gone through some extra validation process to confirm that it is legitimate and indicates the owner of the page.

IP address: An Internet Protocol (IP) address is a set of numbers that a device (computer, printer, etc.) on the Internet uses to identify itself (e.g. 206.167.212.121).

Malvertising: Malicious programs hidden in advertising.

Malware: Software designed primarily for a malicious purpose.

Man-in-the-middle attack: A malicious attack against communications executed between the sender and receiver.

Operating system: An operating system is the main program in a computer such as Windows or Apple OS X that makes it possible for other programs to function.

Phishing: Emails, calls or other communication designed to trick you to give away personal information or passwords.


Time Slide

Learning objectives

• Understanding of the risks of browsing

• Knowledge of what to look for in the browser

• Ability to configure browser settings

— : — 0

1. The risks in the browser 2 : 00 1

Advertising, tracking, drive-by downloads, man-in-the-middle attacks, typo-squatting and phishing all present different types of dangers to be wary of online.

— : —

DO be aware of different types of threat so you can spot potential dangers to your information or your system.

Notes:

lesson plan

Going out onto the Internet

Page 21: Going out onto the Internet - cybersec 101...• Identifying the security features of your browser – Internet Explorer ₀ The phishing filter can help protect you from phishing

2 |

lesson plan

2. What to look for 3 : 00 2

Browsers contain tools to help you navigate the web safely. Use them consciously in combination with critical thinking for a safer web experience.

— : —

DO look closely at the address bar to identify signs of security.

DO be careful to make sure you connect to the correct site.

Notes:

3. Configuring the browser 2 : 00 3

Dangerous websites are written with the same tools as legitimate websites, so it isn’t possible to turn off just the unsafe tools. Learn what these tools are and how to make choices about what to allow in your browser.

— : —

DO disable Java and make an informed choice about Cookies, JavaScript, advertising blocking and Flash.

DO use the privacy mode to browse discreetly.

Notes:

Time Slide

Going out onto the Internet

Page 22: Going out onto the Internet - cybersec 101...• Identifying the security features of your browser – Internet Explorer ₀ The phishing filter can help protect you from phishing

3 |

lesson plan

4. Putting it into practice 3 : 00 4

Put what you have learned into practice. Remember to take care with the webpage address, look for security indicators, and warning messages when using an Internet browser.

— : —

DO take care with the web address, look for security indicators and heed warning messages.

Notes:

Time Slide

Practice

Discussion Questions:

> Is personalised advertising a good thing or a bad thing?

> Have you ever felt like advertising is following you around the Internet?

> Is it easy to make a mistake typing in an address, have you done it?

> Have you received a suspicious email and what made you think it was odd?

> Does a better-looking web page mean that it is a more reputable company?

> Do you always check the address bar for a security indicator before buying things?

> What would you do if you accidentally clicked to a bad page?

Going out onto the Internet

Lesson script

1. The risks in the browser

2. What to look for

3. Configuring the browser

4. Putting it into practice

Cheat sheet

1. The risks in the browser

Advertising, tracking, drive-by downloads, man-in-the-middle attacks, typo-squatting and phishing all present different types of dangers to be wary of online.

– DO be aware of different types of threat so you can spot potential dangers to your information or your system.

2. What to look for

Browsers contain tools to help you navigate the web safely. Use them consciously in combination with critical thinking for a safer web experience.

– DO look closely at the address bar to identify signs of security.

– DO be careful to make sure you connect to the correct site.

3. Configuring the browser

Dangerous websites are written with the same tools as legitimate websites, so it isn’t possible to turn off just the unsafe tools. Learn what these tools are and how to make choices about what to allow in your browser.

– DO disable Java and make an informed choice about Cookies, JavaScript, advertising blocking and Flash.

– DO use the privacy mode to browse discreetly.

4. Putting it into practice

Put what you have learned into practice. Remember to take care with the webpage address and to look for security indicators and warning messages when using an Internet browser.

– DO take care with the web address, look for security indicators and heed warning messages.

Resource sheet

Title:

Year:

Author:

Call Number:

Hand-out sheet

Advertising can be a potential security problem because:

a) It can carry malware.

b) You might buy things you don’t need.

c) Companies can send subliminal messages.

d) It always is spying on you.

If you make a mistake when you type a web address, it will autocorrect.

a) True

b) False

A lock symbol on the page means that the page is safe.

a) True

b) False

There are security indicators in a bank webpage so you can tell if the page is counterfeit.

a) True

b) False

Security seals in a webpage can be faked.

a) True

b) False

If you turn off cookies, or opt out of tracking, your privacy is guaranteed.

a) True

b) False

Criminals always use bad grammar in phishing pages.

a) True

b) False

Privacy mode in the browser provides:

a) Anonymity for whistle-blowers.

b) Access to your private Internet.

c) Discreet browsing by not keeping a history of browsing on the computer.

d) Absolutely private browsing by hiding all record of your activity.

Hand-out sheet answer key

Advertising can be a potential security problem because:

a) It can carry malware.

b) You might buy things you don’t need.

c) Companies can send subliminal messages.

d) It always is spying on you.

> Malvertising is malware distributed by the advertising in webpages.

If you make a mistake when you type a web address, it will autocorrect.

a) True

b) False

> Criminals and others will deliberately register web addresses with common typing errors to profit from the mistake with advertising, phishing or malware.

A lock symbol on the page means that the page is safe.

a) True

b) False

> A lock symbol in the browser (outside of the page) can indicate that the connection is encrypted, but does not guarantee whom you are connected to. Be sure the lock icon is in the browser and not in the content of the page.

Security software will solve all of your security worries.

a) True

b) False

> Even with security software you will still need to keep your computer updated and to think critically.

There are security indicators in a bank webpage so you can tell if the page is counterfeit.

a) True

b) False

> Criminals can exactly copy the appearance of any page on the Internet quickly and easily.

Security seals in a webpage can be faked.

a) True

b) False

> Criminals can exactly copy the appearance of any page on the Internet quickly and easily. This includes the security seals. Look for the indicators in the browser.

If you turn off cookies, or opt out of tracking, your privacy is guaranteed.

a) True

b) False

> There are many technologies that are used to track people online for advertising purposes. There is no guarantee that your browsing will not be tracked.

Criminals always use bad grammar in phishing pages.

a) True

b) False

> Although it is common to see language mistakes in phishing pages, perfect writing is not a good indicator of safety.

Privacy mode in the browser provides:

a) Anonymity for whistle-blowers.

b) Access to your private Internet.

c) Discreet browsing by not keeping a history of browsing on the computer.

d) Absolutely private browsing by hiding all record of your activity.

> Privacy mode will not provide anonymity or absolute privacy but it will reduce the amount of browsing tracking on the computer.