Today’s class is all about online safety.  We will discuss different types of malware, and how that malware gets onto your system.  We will learn how to minimize your chances of downloading malware, and will discuss what to do when you think you have it on your system.  In addition, we will discuss anti-virus programs, passwords and apps, how to stay safe and a list of resources to help if you are a victim of a breach or identity theft.   Lots of information in today’s lesson!

Malware is spread using different methods including:

• Free software offers

• File sharing

• Torrent (sharing music or movie files through a service)

• Malicious files and mobile apps

• Removable media (like thumb drives, external drives and discs)

• Phishing emails

Smartphones: Your smartphones are not immune to malware.  

• Some apps may send premium text messages running up charges.  They may also enroll your smartphone in a malicious “bot” network, which uses cellular data.

• In the wrong hands, your cellphone can get infected with malware which can steal money and credit card information, view and contact your contacts and photos, track your location, read your text messages, save your passwords, send texts in your name and more.

• You can also get malware from clicking on a link in your text

• Unsolicited calls may also result in malware (or other security problems).  Watch for people claiming to be government, utilities or tech firms.  Charities can be scam as well as calls pitching for products or services too good to be true.  Suspect any offers for free product trials, cash prizes, cheap travel, medical devices, preapproved loans, debt reduction and more. 

Social networks are also vulnerable.  

By merely receiving a notice in messenger that a friend has mentioned you, you click on it. You are taken outside Facebook to download malware.  Attacker adds the post to your timeline so others can click on it.  Malware takes over (hijacks) your browser, which is disguised to look like the real one.  The attacker captures traffic and hijacks accounts.  In the background, others scripts download which protect the malicious code from analysis and makes it invisible to antivirus software.  Attackers now own the Facebook account (and anything associated with the hijacked browser (Google drive, Microsoft One Note).

Malicious email:  

If malware is software that performs unwanted tasks, email is the vehicle that delivers it to your device. Emails can be harmful to your computer, causing you to click on sites that can leave malware on your system, or trick you into providing some personal information.  You may find yourself in an Email scam by responding to a questionable email.  Some of these include the old-fashioned fraud emails (business opportunities, health and diet, cable descrambler kits), discount software, advance fee fraud (like the Nigerian Prince), Phishing email (looking for information) or Trojan Horse emails (entice you into installing software, then turning on you).  

Malicious email attachments:  

According to a 2017 Verizon report, 66% of malware was installed via a Malicious Email attachment.  With a malicious email attachment, the attacker will fool the user into downloading malware or other things which can include invoice fraud.  Downloading the attachment alone can release the malware and do damage.

Malicious attachments that look like legitimate file attachments, usually an invoice, software update, or other file that seems urgent in nature. These attachments can infect your device with malware that can spread to other systems. Some attachments will take you to a website which asks you to enter your credentials to access the file. However, the file is bogus, and your credentials are now in the hands of the attacker.

Websites:  

Sometimes a fairly innocuous site may contain links to sites which are not to be trusted.  One way is through clickbait.  Clickbait is when you see a headline on a website, but you can’t reveal the answer until you click on it.  Clicking on the image will not give you malware, but it will send you to yet another web page, which may contain additional links which are not reputable.  Clickbait is attractive because we don’t like ambiguity, and we find it difficult to leave a site after having our interest piqued.  

Botnet: 

Hacker sends out virus or worm to infect vulnerable home computers.  This creates a slave network called botnet.  In the next stage, the hacker sells or hires out the botnet to other criminals who use it for fraud, spamming, DDS attacks and other cybercrimes.

Ad blockers: 

We don’t like those ads.  But sometimes, the ad blocker can be fake and might have the ability to remotely inject malicious code into unsuspecting customers of the ad blocker. Some browsers, such as Google Chrome, now have built-in ad blocking, which blocks negative ads such as popups, auto-playing video ads with sound, ads with a countdown and large stick ads.  If the browser suspects a website is running these ads, they may choose not to load any ads on that website. 

Virus

Virus:  A self-replicating code.  It must be opened or executed to run it.  It looks for programs to infect.  It can live in the system (resident), which would mean it could strike again.  Or it can only be activated when clicked (non-resident).  Computers can become infected with a virus in a number of ways including:

·         Accepting software or download without reading the fine print (Trojan Horse)

·         Downloading infected software from a bad source

·         Opening email attachments containing a virus

·         Using an infected disc or thumb drive

·         Visiting a malicious site

·         Not running updates on browser, programs and operating system

·         Using a file distribution network for pirated movies/software

Signs you may have a virus:

·         Clicking on an icon or program does not work

·         Your device is crashing, freezing or rebooting by itself

·         Your antivirus and/or firewall is suddenly disabled

·         You see unexpected advertisement windows

·         You cannot print

·         You no longer have the icons on the desktop, and/or program files in your folder

·         You have major problems installing or downloading software

·         You can’t access your disk drive or hard drive

If you think a file is suspicious, you should first scan the file for viruses.  Using your antivirus program, right click on the file and select “scan for viruses”. 

If you are concerned that you are infected, use your antivirus program to run a full scan.  Open the program and select full system scan.

If a virus is found, a prompt will be given to move the virus or delete the files.  Both are ok.

If you don’t have an antivirus program installed, find a free one online by a reputable company such as Bitdefender, ESET, Trend Micro, Kaspersky or Symantec.

Clickbait

Clickbait is a technique used in websites which is designed to have you click on links that look interesting.  In fact, the goal of clickbait is for you to click on the link.  It really doesn’t care if clicking on the link provides you with a satisfactory answer.  They get paid either way!  Clickbait is not in itself malware but could direct you to a bad website. 

Examples of clickbait:

·         She dragged her plate across the pool. What happened next blew my mind

·         When you read these 19 shocking food facts, you'll never want to eat again

·         He thought it was Bigfoot's skull, but then experts told him THIS

·         87 yr old trainer shares secret to losing weight

Clicking on any of these links will only disappoint you (see the presentation).

Why are we attracted to clickbait?  It is because of our “curiosity gap”.  That is the difference between what we know and what we want to know.  This is powerful because

·         We do not like ambiguity (not knowing).  By clicking now, we will discover the answer

·         We are most likely to remember an unfinished task.  That fascinating headline will bug us until we look for the story.

We all have a fear of missing out (FOMO).  What are those shocking food facts anyway?

Adware: 

Software that provides unwanted advertising.  Includes pop-up ads, banners and in-text links.  May redirect to another website, install third party software, track or affect system performance.  May even prevent you from using ad removal software.

Spyware: 

Script which collects information about your device and transmits it to other sites.  So, these sites know where you have visited and will provide sometimes fake websites that would interest you.

Keyloggers:

Software that captures anything that you type.  Not only dangerous for your devices (think passwords) but also in terminals at gas stations and ATM machines (known as POS or point of service terminals)

RAM scraping malware

RAM scraping malware is also used for POS interactions, where data is stored unencrypted for just a couple of milliseconds.  RAM scrapers use this window of time to grab card data and save as a .txt file. 

Browser hijacking software: 

Advertising software that modifies your browser settings.  Although installing a program may result in a new default browser (not too bad), this new browser can have malicious links in it (that is bad).  Always check when installing new software for permissions. 

Ransomware: 

A particularly malicious software which blocks access to your computer until a sum of money is paid, usually in bitcoin or gift cards.  The ransomware encrypts your data in such a way that only they can unencrypt.  It is not recommended, though, that you pay the ransom.  Instead, contact a professional if this happens to you.

Hacking

Hacking is unauthorized intrusion into a computer or network.  Uses scripts or code, gains access through methods such as passwords, bundled software or email.  The hacker will find scripts, learn about hacking opportunities and share what they find on the Dark web using special browsers like Tor.  They will then share what they have found using Tor (a private browser) to set up botnets, break a security network or share sensitive documents.  There are also forums on the dark web where sensitive information is shared.  There is a site on the dark web called FreeHacks, which give tips on how to hack and example of hacks to try.

Malicious email: 

If malware is software that performs unwanted tasks, email is the vehicle that delivers it to your device. Emails can be harmful to your computer, causing you to click on sites that can leave malware on your system, or trick you into providing some personal information.  You may find yourself in an Email scam by responding to a questionable email.  Some of these include the old-fashioned fraud emails (business opportunities, health and diet, cable descrambler kits), discount software, advance fee fraud (like the Nigerian Prince), Phishing email (looking for information) or Trojan Horse emails (entice you into installing software, then turning on you). 

Malicious email attachments: 

According to a 2017 Verizon report, 66% of malware was installed via a Malicious Email attachment.  With a malicious email attachment, the attacker will fool the user into downloading malware or other things which can include invoice fraud.  Downloading the attachment alone can release the malware and do damage.

Malicious attachments that look like legitimate file attachments, usually an invoice, software update, or other file that seems urgent in nature. These attachments can infect your device with malware that can spread to other systems. Some attachments will take you to a website which asks you to enter your credentials to access the file. However, the file is bogus, and your credentials are now in the hands of the attacker.

Do not open any attachments that you were not expecting.  Documents, PDFs, images and other attachments might be dangerous.  When in doubt, contact the sender and ask.  But don’t contact by using the reply, as it might be malicious.  Call and ask if they did indeed send you an attachment.

There is no sure way to tell if it is malicious.  Still, here are some things to consider:

·         Your email provider should be scanning for malicious attachments.  If a virus is included in the attachment that you are trying to send, you will see a “Virus detected”” error message.  You can choose to send without an attachment.  If the virus is attached to an email sent to you, they should reject the message and let the sender know.  If the virus is found in an attachment in your inbox, you won’t be able to download the attachment.  This is true in theory, but things can still get through.  So, keep reading!

·         Filenames:  avoid bizarre filenames and misspelled words.  Spreadsheets are usually not named a random string of symbols (this would be suspicious as well)

·         EXE files:  These are executable files.  Only open if you have downloaded them from a reputable source.  Do not open an EXE file in an email attachment.

·         Zipped files:  If you have any doubt, confirm by phone or email (but not replying to this email because you are not sure if it is legitimate)

·         Office documents:  These can contain hidden macros or scripts that will “allow macros” without knowing what you are allowing to run.  Macros can then enable installed malware.

Can you get a virus from an app?

No, but you can get other forms of malware which may steal money, steal credit card information, steal contacts and sensitive photos, track your location, read text messages, save passwords, send SMS messages, and spend your money.

Can you get malware from an App from the Apple App store?

Unlikely, although it has happened.  To be sure, only install apps from the Apple App store.  These apps go through thorough testing and verification prior to release.  Your iPhone is protected as long as you did not jailbreak it or use third party apps. Apps outside the Apple App store require that you jailbreak the phone.

Can they be trusted? Short answer no!

·         Not necessarily safe if in the Google or Apple App store

·         Definitely can be unsafe if not on the Google or Apple App store

·         Who makes the app?  Special caution for beauty apps, VPN apps, and antivirus apps

Tips on how to tell if an app is safe:

·         Find out how the app uses your personal information.  If it is sharing with others, it could be malicious. How do you know?  First, if it is free, they are not obligated to disclose their advertising and tracking service, so it is probable they are tracking you.

·         Permissions:  The app may require permission for certain features.  For example, a heart rate workout tracker would want access to your health access, and you might have to enable certain aspects of that health data.  Once set up, the permissions are made and the data will be exchanged. Make sure it makes sense.  A flashlight app will need access to the camera flash, but nothing else.  A book app does not need access to the camera.  On an Android device, app permissions are included in settings.  ON the iPhone, clicking on the app in settings will show you what it has access to.  Beware of apps which ask for lots of permission (such as managing files, using contact information from friends, or camera).

·         Understand when and why the app will track your location.  This information would be part of the license agreement that we often scroll past.

·         More research on the app:

o   Look at the developer’s name right under the app’s name.  You can do a Google search to find more information about the developer such as a website.  If they have created a number of apps (well-reviewed), then it is probably safe.

o   Look how many times it has been downloaded.  The more downloads, the safer it may be (to an extent of course!)

o   Look for an app that has been around for a while, but has been recently updated.  In the Google Play store, you can find this information under “read more”. 

o   Read reviews.   There should be lots of reviews, and they should have some positive and some negative points in them.

o   Spelling and grammar errors:  Since often apps are created in other countries, the grammar or spelling may be incorrect.  This is a red flag.

o   Unbelievable discounts:  If it seems too good to be true, it probably is!

·         Avoid third-party apps:  These are ones which are found outside the App Store or the Google Play Store.  Third party apps bypass security measures making it easier for a hacker to infect your device with a bad app. 

·         NOTE:  If you suddenly have lots of ads after downloading an app, you may be a victim of “targeted advertising”.  Although not malicious, they can be annoying and might slow down the phone.  Delete any apps which seem to get these ads. 

Use a good antivirus program

There are many antivirus programs available.  Some are free, others have costs involved.   Unfortunately, you may find that the anti-virus program you downloaded is actually malware!  And, when googling anti-virus programs, you may end up with malignant sources as well.  The go-to site for best antivirus programs can be found at AV-Test, which is an independent IT-Security Institution.  On this site, you choose your device (mobile Android, Windows, Mac or Business) and you can see the operating systems which were tested during that period.  Sites are tested for protection, performance, and usability.  Some will receive a top billing.  For example, the top-rated antivirus programs for Windows 10 are:  Avira, Bitdefender, Kaspersky, Quick Heal and Trend Micro.  Unfortunately, among the lowest scoring for protection is Microsoft Windows Defender.   You can learn more about this by visiting their website at:  av-test.org

Use a safer browser which include certain features:

·         Web of trust (https://www.mywot.com/):  Uses community input to verify the safety of a site.  Needs to be installed on each browser.

·         Web address:  HTTPS should begin the web address if you are putting in sensitive information like address, birthday and credit card information

·         Security symbol:  Besides HTTPS, you should also see a lock someone on the browser’s address window.

·         Update your browser regularly.  Each browser has its own way of doing this, so become familiar with your browser.  (Google Chrome:  Settings > About> It will tell you if it is up to date)

Use a strong password:

·         Strong (over 8 characters include letters, numbers and symbols.  Mix letters and numbers.

·         Do not use personal information in a password

·         Use a password generator to set one up, and to store passwords. Examples include Last Pass (https://lastpass.com/) or Dashlane (https://www.dashlane.com).

·         Do not share with others

·         Don’t store them on your device.  If you must, hide and encode.

Consider using a VPN:

A VPN (virtual private network) is a method used to add security and privacy to public and private networks.  It allows the user to send and receive data across public networks, using a private network instead of the public network.  There are many types of VPNs.  Some are free, and others cost money.  It is better to pay a little, as the free ones may often violate privacy standards.  Remember if you are using your own Wi-Fi or a cellular connection, you probably do not also need a VPN.  Also, if your surfing on public Wi-Fi systems is pretty basic (web searches, basic websites), then a VPN is not necessary. Some possible suggestions:

·         NordVPN (https://nordvpn.com/):  Between $4 and $8/month, depending on how long you commit.

·         VyprVPN (https://www.goldenfrog.com/vyprvpn): A little more expensive, but can be used for multiple devices

·         TunnelBear (https://www.tunnelbear.com/):  Can connect up to 5 computers, tablets or phones.  There is a free version, which is OK if you use less than 500GB data a month, or between $5 and $7 a month.

The website whatismyipaddress.com lists a number of VPNs and includes some specifics about them.  While you are there, learn more about IP addresses, checking how sent you that email, and are you blacklisted?  Someday, we will do more on this interesting topic!

Consider using your cellular hot spot or purchasing a hot spot:

Many cell phones offer the capability of using your cellular connection for a portable Wi-Fi.  This is especially useful when you are away from home and want to access a sensitive site.  The process involves setting up your phone for this, which will include a password, then opening your other device and looking for your phone network.  You will have to enter your password on your phone onto the other device.  A purchased hot spot will be set up in a similar fashion. 

Website:  What are some common email scams and what can you do to avoid them?  This is an interesting assortment of them.  Particularly intrigued by Swatting...

Activity:  How good are you at spotting Email scams?  BTW, I took these quizzes and did miss a few.  Fun way to see how much you learned!

• Here is the Phishing quiz by Google that we did in class

• Another good phishing quiz.  It asks for your email address, but you don't have to fill it in.

• This is a nice basic quiz designed for seniors.  

Website:  All about Email scams.  Includes activities and lots of examples.  

Resource: Have you been a victim of Identity Theft? Visit the Identity Theft Government site to learn more. 

Resource: Hacking is a problem that seems to affect all of us at one point or another. Here is a great informational site on hacking. 

Interesting web article:  How does the information used by hackers become available?  Follow this story as the author goes onto the dark web to discover more about Russian hackers.  

Adware:  Learn more about adware, and then learn how to clear your browsers of adware.  

Ram scraping:  How do they do it?  This article outlines how ram scraping is done.  Maybe a little technical, but eye-opening!

Website:  The FDA offers some tips on preventing skimmers at the pump.  Very informative!

Online presentation:  At a 2018 conference, information was presented on some prominent Russian hackers.  This presentation shows what they did, how much money they made, and what was used.  Very fascinating!

Video: Street Smarts for Seniors, a presentation by the Brooklyn Police Department.  It is about 30 minutes long, but easy to follow and very useful.  

Tutorial: Avoiding Malware from GCFLearnFree

Flyer: Basic tips for online safety

News article: Sure, a VPN offers secure connections. But they are not all the same. And some are worse than public Wi-Fi! 

News article: Here are some of the more reputable VPNs (includes more information on VPNs)