YEAR 9ONLINE

SAFETY AND SECURITY

Online safety Phishing

Cyberbullying Grooming

Viruses

Cookies

Socialnetworking

Worms & trojans

1 – Staying safe online!

While you are logging on, think about….

How would you explain the

following terms to your

parents….

Cyber bullying

Grooming

Sexting

Lesson objectives

In today’s lesson you will be learning about:• the risks associated with social media use and

some of the ways you can protect yourselves.• What to do if you feel threatened

Starter – what is the definition of these key words?

• Cyberbullying• Grooming• Predator• Sexting• Digital footprint• GPS tagging

http://www.kidsmart.org.uk/digitalfootprints/

Remember the sessions from last half term on sexting by Katie and Rob? This term the session

will be on grooming.

1. You have been chatting with another person you don’t know in person and they want to meet up?

2. You are on a social networking site and have seen a rude picture?

3. You see a picture of someone you don’t get on with, there is the chance to write something?

4. You notice that a friend has not protected their website, giving anyone access to their profile?

5. Your friend has been chatting to a boy/girl for a while and does not believe who they are?

6. Your friend uses IM and a webcam but there is one ‘friend’ who never turns on their webcam?

Think – Pair – Share: What would you do?

Staying Safe on the Internet

a)  

You shouldn’t really meet them at all. Don’t arrange to meet up as soon as you meet them online – get to know them better. If you do decide to meet up, go with a parent or carer and make sure you choose a public meeting place.

b) Report the picture to the website producer. There will usually be a link to report abuse; alternatively, send them a message with the page link on it.

c) Tempting as it may be, it’s best not to leave any comments. If you have nothing nice to say about the person, then don’t say anything. Social networking allows lots of people to get involved (friends and friends of friends), so writing a nasty comment could get out of control.

d)  

You let them know that their profile is unprotected and that anyone can see their information, along with yours too. Ask them to set the profile so it is only visible to friends. If they refuse, it might be best to take this person off your friends list, as your own security is being compromised.

e)  

If the girl has a webcam, ask her to turn it on as it is a good way of seeing if the person is who they claim to be. She might refuse if they have just met online, but if your friend has been chatting to her for a while, and she still declines, it might be best not to continue talking as your friend has no way of knowing if she is genuine.

f) Ask him to turn the webcam on as it is a good way of seeing if the person is who they say they are. If he continues to refuse, it is probably better that your friend stops chatting to him as there is no way of knowing if he is genuine.

Safety advice What this means in practice

Make sure you have a password that no one can guess.

Use a mixture of numbers, uppercase and lowercase letters, and symbols. It should be a minimum of 8 characters.

On social networking sites only add people that you know.

Never accept requests from people you don’t know.

Don’t send pictures of yourself to strangers because you don’t where they will end up.

Until you know you can trust someone don’t share personal details or pictures of yourself.

If someone writes something that makes you feel uncomfortable, take action.

Save the conversation and block people you don’t trust. Tell an adult.

Don’t become involved in cyberbullying. Never write anything that you would not say to a person’s face.

Never arrange to meet a person you’ve met on the Internet.

If someone you’ve met on the Internet asks if you can meet up, say no.

Use a profile picture that doesn’t show you or shows you from a distance.

Your profile picture is available for everyone to see.

Change your account settings so that your profile and personal details are not available to everyone.

This prevents strangers from learning too much about you but allows friends to see your profile.

Ask your friends’ permission before adding their photos to a social networking site.

Any photos you upload can be seen or copied by anyone.

Watermark your photos. This will deter people from copying them.

Never put up a rude or offensive picture or a picture showing any form of abuse.

This could be seen as cyberbullying and at worst it could be illegal.

Don’t put personal information online but if you do keep it brief.

Your profile could be hacked into and the information could fall into the wrong hands.

If you feel threatened online, report it!

There’s a link on many social networking

sites, search for Click CEOP or use the link on

our Moodle.

• http://www.thinkuknow.co.uk/first2amillion/• Watch the video and when you are asked, choose

which way you’d like it to go next.• Watch the videos from each character to find out

more about their point of view

First to a Million

Produce a folding leaflet, a poster, a prezi or a movie clip for young people/teenagers highlighting:

• the positive side of using social networking• the dangers of communicating online using social

networking• tips for staying safe online and what they can do to

avoid these dangers

Stay safe online

Useful links

• http://www.microsoft.com/security/online-privacy/social-networking.aspx

• http://www.teach-ict.com/gcse_new/being_online/social%20networking/miniweb/index.htm

2 – Staying safe online!

The average 12- to 15-year-old has never met one in four of their "friends" on

social networking websites such as Facebook

12- to 15-year-olds on average spend 17 hours a week on the internet

Texting is most popular among 12- to 15-year-olds, who send an average of

almost 200 texts a week, girls send the most!

Almost two thirds of 12- to 15-year-olds now own a smart phone

While you are logging on, think about these facts….While you are logging on, think about these facts….

http://www.guardian.co.uk/media/2012/oct/23/teenage-girls-send-220-texts-week

Lesson objectives:

In this lesson you will:-• Continue and complete your work from last

lesson to demonstrate your understanding of social networking safety

Starter – posting online vs freedom of speech

• Read this article and be ready to share your thoughts about whether comments posted online should be “policed” and prosecuted if offensive/abusive/false etc

• Newsbeat guide to social networks and freedom of speech

3 - Someone’s watching you online!

While you are logging on, think about….While you are logging on, think about….

What makes a secure password?

What advice would you give someone

about what a strong password should or should not include?

Lesson objectives

In today’s lesson you will:• To understand threats to online security

and how to avoid them.

Password advice • Do not choose obvious things such as your dog’s name

or your favourite football team or password• Try to use nonsense words rather than something

straight out of the dictionary, or create a nonsense word using words/numbers which mean something to you

• Try to remember your password, do not write it down• Make your password at least 6 characters long• Use a mix of letters, numbers, symbols and upper and

lower case letters• Do not use the same password for everything• Keep your password a secret – not even your best

friend should know it.

Captcha tests

• As an added level of security, some websites will get you to take a “CAPTCHA” test.

What is a CAPTCHA test?

A CAPTCHA is a short online typing test that is easy for humans to pass but difficult for robotic software programs. The purpose of a CAPTCHA is to discourage hackers and spammers from using auto-filling software programs at that web page.

What Does CAPTCHA Stand For?

It stands for "Completely Automated Public Turing test to tell Computers and Humans Apart".

How does it work?

CAPTCHAs work by asking you to type a phrase that a robot would be hard-pressed to read. Commonly, these CAPTCHA phrases are .gif pictures of scrambled words, but can also be .mp3 voice recordings. These pictures and recordings are very hard for conventional software programs to understand, and robots are usually unable to type the phrase in response to the picture or recording.

Why do we need them?

• This should prevent automated programs from:• Swaying an online poll by robotically submitting hundreds of false responses.• Accessing someone's online account by repeatedly attempting different

passwords.• Signing up for hundreds of free email accounts.• Buying an excessive number of concert tickets for a popular artist/band so that

someone can then sell these tickets on ebay for an extortionate amount of money.

Cookies, Adware and Spyware

Key vocabulary

adwarecookiespywarePhishingIdentity theft

Cookies

• A cookie is a very simple text file that gets downloaded onto your PC when you visit a website. They generally contain two bits of information: a site name and a unique user ID

• Once the cookie is on your computer, the site "knows" that you have been there before and can then use that knowledge to tailor the experience that you have eg make suggestions about things you might like to buy.

• The vast majority of commercial websites -- be they major online publishers, banks or ecommerce sites etc -- will use them.

• Cookies are used for many different functions including auto-filling forms, counting visitors, storing shopping basket items, personalising content, targeting advertising, recording user preferences and for authentication and security.

The EU Cookie Law• What is the so-called "Cookie Law"?

The "Cookie Law" stems from a change to a law from November 2009 and aims to safeguard your privacy online and protect you from unwanted marketing. Cookies can be used to build up a profile of where you have been and how you have behaved online. The law aims to make sure that any company seeking to collect information about a web user must ask for their consent first.

• You used to have to opt out of cookies being placed on your computer. Now you have to opt in to all "non-essential" cookies.

• These are any cookies which are used for analytical purposes eg to count the number of visitors to a website and cookies used to recognise the user when they return to a website so they receive a tailored greeting. Cookies which are essential for example those used in an online checkout, can still be placed on your computer without your consent.

• Who needs to comply with it?The law applies to all member states of the European Union. Websites outside of the EU must comply with the law if they are targeting people within member states. So a website based in the USA that sells to people in the UK will also have to comply.

• How do sites comply with the Cookie Law from 26 May?Technically, from 26 May 2012, sites must gain the consent of their web users for placing non-essential cookies on their computers. This is why you keep getting asked about cookies when you go onto a website. It might involve clicking an icon, dismissing a banner, sending an email or subscribing to a service.

• What happens if sites don't comply? Technically, the maximum penalty for not complying is £500,000 for cases where there is a deliberate breach of the law that causes substantial distress, and some lesser penalties, but this will be a very hard law to enforce.

Adware

• Adware is any software that automatically puts advertisements on websites. These could be pop up adverts or a completely separate webpage could pop up. The objective of an advert is to draw a customer in and to get them to buy the particular item that is on display.

• Unfortunately, some applications that contain adware track your Internet surfing habits in order to put up ads related to you. Have you ever noticed adverts at the side of other websites which relate to searches you’ve been doing recently?

• When the adware becomes intrusive like this, then we move it into the spyware category and it then becomes something you should avoid for privacy and security reasons.

Adware

http://www.youtube.com/watch?v=lOhoOUDkAzE

Spyware

• Spyware is software downloaded by a user, often hidden inside a program they download for another purpose.

• The Spyware can record the websites they access and some versions record keystrokes such as passwords when a user accesses secure online websites such as online banking.

• The log on details are then passed by the computer over the internet to the criminals for fraudulent use.

Spyware

http://youtu.be/cnQ_dShyU3g

Spam

What is spam?• Spam emails are emails sent to you without consent. It is email that you don’t want

and didn’t ask for, and its content can cause embarrassment and distress. • The sender generally doesn’t target recipients personally. The same spam email can

be sent to millions of people at the same time and the addresses can often be guessed.

• The law says that organisations must only send marketing emails to individuals if you have agreed to receive them.

• Many spam emails come from outside the UK.What can I do if I’m getting unwanted emails?• If you receive marketing by email from an identifiable UK company that you don’t

want, you should first use the ‘unsubscribe’ link or email the organisation to ask them to stop (remembering to keep a copy of any correspondence).

What can I do to reduce the amount of spam emails I receive?• Be careful who you give your email address to. • Consider having separate personal and business email addresses. • Choose an email address which is difficult to guess. • Don’t advertise your email address, for example by putting it on the internet. • Check privacy policies and marketing opt-outs carefully. Use them to tell the

organisation not to send you emails. • Avoid responding to spam emails. Replying indicates that your email address is live.• Don’t click on the adverts in spam emails.• Use a spam email filter on your computer. These are programs which work with your

email package to sift through new emails, separating spam emails from wanted emails and blocking them.

• Spam emails sometimes contain viruses so you should also consider using anti-virus software to protect against virus programs that can destroy computer files and are increasingly being exploited by spammers.

Cookies, adware and spyware summary

1.Give a definition of a cookie (not the chocolate chip kind)?2.Why do online retailers use cookies?3.Explain the recent European law about the use of cookies on websites.4.What are the benefits and drawbacks of cookies for customers?5.What is a third party cookie and why it can be a nuisance?6.How can you delete cookies from your computer?7.(a) What is adware? (b) What does it do?8.(a) What is spyware? (b) What does it do? (c)Why is it a problem?9.How can you protect yourself from spyware?10.(a) What is spam? (b) How can you avoid receiving it?

4 - Gone phishing….with your

identity!

While you are logging on, think about….While you are logging on, think about….

xxxWould you click the link in these

emails?

Lesson objectives

In today’s lesson you will:• Understand the online security problem of

phishing• Understand the serious issue of identity theft

Key vocabulary

PhishingIdentity theftFraudSmishingScams

Phishing videos – American!

• http://www.youtube.com/watch?v=e_TALggP0xQ• http://videos.howstuffworks.com/computer/phishing-videos-

playlist.htm#video-52305

Phishing

• The act of sending an e-mail to a user falsely claiming to be a legitimate business (eg ebay, amazon, a bank) in an attempt to scam the user into surrendering private information that will be used for identity theft.

• The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organisation already has. The Web site, however, is bogus and set up only to steal the user’s information

• Because bank security is so good, fraudsters rely on getting information directly from customers.

• Examples of phishing emails.• http://www.banksafeonline.org.uk/phishing_example

s.html.

• What should make a customer suspicious?

Identity Theft• Identity theft

– It is the misuse of the identity (e.g. name, date of birth, current or previous addresses) of another person without their knowledge or consent.

– It occurs when sufficient information about an identity is obtained so that the fraudster can carry out identity fraud, the victim could be alive or dead.

– Can cost the person concerned a lot of money, could affect their chances of getting things like credit/mortgage, could falsely give them a criminal record, could stop them getting a job etc

• Identity Fraud– This is the use of a false identity. Can be used to do things

that are usually legal but not if you are using a false identity! Eg to open accounts, (fraudulently) obtain social security benefits, (in the case of individuals), apply for credit and/or obtain goods and services.

– Can also be used to carry out illegal activities eg to obtain goods or services by deception

What is all the fuss about? What is identity theft?(http://www.identitytheft.org.uk/what-is-identity-theft.asp)

How does identity theft happen?• Identity Stolen when a person goes through your bins

looking for bills or other papers with your personal information on it. SHRED your waste!

• Identity Stolen via Phishing• Identity Stolen via Skimming - this occurs when someone

steals your credit card or debit card number through a special device when processing your payment.

• Identity Stolen via Change of Address - your address for billing statements or credit card accounts is changed by the identity thief to divert your billing statements to another address.

• Identity Theft via Pretexting - occurs when false pretences are used by the thief to obtain personal information through telephone companies, financial institutions, surveys, or other sources.

• Identity Theft via Stealing - Your identity may be stolen by means of old fashioned stealing.

Credit Card Fraud and Identity TheftThe credit card fraud which has increased the most

is where the card is not actually with the person making the purchase. They have obtained all the details of the card and its owner in order to make

the purchase without the card.

Online card fraud

• The vast majority of credit card fraud involves the use of card details that have been fraudulently obtained through methods such as skimming – for example where your PIN/other details are collected electronically while you use your card in an ATM, data hacking, or through unsolicited emails or telephone calls.

• The card details are then used to undertake fraudulent “card-not-present” transactions.

1. Keep your credit cards safe and never let your card out of your sight if paying in a restaurant or shop.

2. Do not use your card if anything suspicious is attached to an ATM/self serve payment machine

3. Shred anything with your credit card number on it.4. Don't sign blank credit card receipts.5. Avoid giving out your credit card information to anyone

who calls you requesting it for a purpose you don’t know anything about.

6. Be safe with your credit card online - Don't click on email links from anyone pretending to be your bank, credit card company, or other business who uses your personal information, even if the email looks legitimate. This is phishing! To be sure a website is secure before making a purchase, look for a lock in the lower right corner of your internet browser.

7. Report lost or stolen credit cards immediately.8. Review your billing statements each month.

How to avoid credit card fraud

What to do now..

• Log onto Moodle• User name: ictmoodle password: ictmoodle• Go to ICT > Year 9 > Health, safety and security

in ICT• Go to the Online safety and security section• Click the link to the resources• Open and save to your area the 2 worksheets

below, and then complete them and print: 1. Email scams

2. Identity theft

5 – Protect your computer

While you are logging on, think about….While you are logging on, think about….

What links these

images?

Lesson objectives

In today’s lesson you will:• to understand the security risks to your

computer and how to avoid them.

Computer Worms

http://www.tech-faq.com/computer-worm.html http://www.youtube.com/watch?v=sptJsIG6zy0

Computer viruses

http://www.youtube.com/watch?v=qy0-X7CTqss

Trojans

http://www.youtube.com/watch?v=buZHcUWE1HU

How to protect your computer

What to do now..

• Log onto Moodle• User name: ictmoodle password: ictmoodle• Go to ICT > Year 9 > Health, safety and security

in ICT• Go to the Online safety and security section• Click the link to the resources• Open and save to your area the 2 worksheets

below, then complete them and print: 1. Viruses2. Trojans, worms and hoaxes3. Protecting your computer

5 & 6 – Online security Presentation

While you are logging on, think about….While you are logging on, think about….

It’s important to

properly delete any

personal information

before you sell or

dispose of your

computer/tablet/phone

so that it cannot be

accessed by anybody

else either by mistake

or for malicious

purposes. How can you

do this?

How to delete your data

• Physical destruction - This involves physically destroying the media so that it can no longer be used. Once destroyed, data on the media will not be recoverable except using specialist, expensive equipment.

• Secure deletion software - This involves using software to overwrite data one or more times. Simple and cheap. The media can be reused once the overwriting is complete.

• Restore to factory settings - Many devices offer a function to ‘Restore to factory settings’. This will return the device to the state in which you bought it. You should check with the device manufacturer to determine if this is sufficiently secure

• Send to a specialist - There are many organisations which will securely delete data from a range of devices and types of media. These organisations will destroy or overwrite your data on your device. Make sure they are a trustworthy company!

• Formatting - Formatting media recreates the data structures and file system and deletes the data, but re-formatting may mean that data can still be obtained using freely available software programmes.

What is phishing?a) The act of catching fishb) When a computer virus captures your personal details and Internet passwords and sends these to fraudstersc) The process of attempting to acquire confidential information by sending out emails or other kinds of messages

that direct you to bogus websites or phone linesd) When a fraudster steals personal documents, such as cards, chequebooks or passportsHow can you help minimise the risk of lost or stolen card fraud? a) Report any lost or stolen cards immediatelyb) Only carry the cards you needc) Avoid placing cards in your pockets, where they can easily fall outd) All of the aboveWhen does identity theft occur?a) When you order a new card and it's stolen in transitb) When fraudsters use your personal information to take out bank accounts, financial products, state benefits and

documents in your namec) When fraudsters use your credit or debit card details to make purchases over the Internet or by phone, fax or

maild) When you pretend to be someone else for a while, such as at a fancy dress partyHow can you protect yourself from telephony fraud on your mobile?a) Install the latest anti-virus softwareb) Keep your mobile software up to datec) Set up a password or PIN on your mobiled) All of the aboveWhy do banks deactivate your access to Online Banking if three unsuccessful attempts are made to log

in using your details? a) To make sure that you change your login details regularlyb) To drive you crazy when you forget your login details, so that you don't do it againc) No specific reason - it's just the way our systems are set upd) To stop fraudsters making repeated attempts to get into your account(s)How can you protect yourself from identity theft? a) You can't - it's impossible to keep your personal details safe nowadaysb) Keep your cards, passwords, PINs, documents and personal information secure c) Get everything sent to you by email, since stolen mail is one of the prime causes of identity theftd) Always respond to unsolicited emails that ask you to verify personal details, such as PINs and Online Banking

passwords

While you are logging on, think about….While you are logging on, think about….

While you are logging on, answer these questions and be ready to share your answers1.What is phishing?2.How can you help minimise the risk

of lost or stolen card fraud? 3.When does identity theft occur?4.How can you protect yourself from

telephony fraud on your mobile?5.Why do banks deactivate your

access to Online Banking if three unsuccessful attempts are made to log in using your details?

6.How can you protect yourself from identity theft?

Lesson objectives

In today’s lesson you will:• to demonstrate your understanding of the

security risks to your computer and how to avoid them in a presentation, video, prezi or other document.

Stay secure online

• Many older people have started to use the internet to shop, socialise and bank online. However they are vulnerable to identity theft and other online security problems.

• Can you help explain the risks and how to avoid them of the security issues we’ve been discussing?

• Produce a presentation, prezi, movie clip or other document aimed at the older generation (60+) to cover the points on the next slide.

Stay secure online

1. Give some advice on choosing a secure password

2. Explain what a CAPTCHA test is and why we need them.

3. Explain the meaning of phishing

4. Explain how to deal with a phishing email and what the consequences could be

5. Explain what identity theft is

6. Explain how can identity theft take place

7. Explain how to avoid the risks

8. Explain how to avoid credit card fraud

9. explain what is meant by a computer virus, a Trojan and a worm and how they can cause havoc.

10. Give 4 pieces of advice to protect your computer and your important data

11. Explain how data should be deleted before selling or getting rid of an old computer/phone etc

12. You could also add some extra information from the work you did on adware/spyware/cookies etc

While you are logging on, think about….While you are logging on, think about….

xxx

Lesson objectives

In today’s lesson you will be: