Cybersecurity Overview and PII Safety

Questions and Answers

What is the primary purpose of a scam in the context of cybersecurity?

To help individuals improve their online security

To entertain users on the internet

To promote legitimate businesses

To steal money or goods from individuals (correct)

Which of the following is a common indicator of a phishing scam?

The message is from a verified sender

It offers a legitimate business proposal

It is personalized with your name

It contains many grammar and spelling errors (correct)

When might you be asked to provide your password or PIN in a suspicious manner?

While purchasing items from a recognized website

After you request help from customer support

During a routine software update

In an unsolicited phone call or email (correct)

What action should you take if you are contacted by a stranger asking for personal information?

Ignore the request and block the contact

What is a recommended best practice for managing passwords?

Regularly update passwords and use unique ones for different accounts

Why is it important to verify emails or calls from unknown sources?

To protect sensitive personal information

Which type of scam involves scammers posing as legitimate charities to solicit donations?

Charity/Door-to-Door Scam

Which method is NOT a common practice to increase account security?

Providing your password to anyone requesting it

What is a common emotional tactic used by scammers targeting elderly victims?

Appeals to the desire for companionship

What type of scam involves fraudsters posing as government employees to threaten victims?

IRS/Government Scam

What should you be wary of when you receive extremely low prices on products?

They could be scams that seem too good to be true

What is identity theft primarily concerned with?

Stealing personal information to create an impersonation

How do cyber thieves typically conduct tech support scams?

By claiming they can fix nonexistent computer issues

Which of the following is a common feature of phishing emails?

Urgency or pressure to act quickly

What demographic is highlighted as being particularly vulnerable to identity theft?

Senior citizens and children under 18

Which of the following scams targets individuals by pretending to offer romantic companionship?

Dating/Romance Scam

What is spear phishing primarily characterized by?

Targeting individuals through known or trusted sources.

Which of the following is NOT a method used in vishing?

Sending malicious emails.

What tactic do phishers use to enhance the credibility of their calls in vishing?

Spoofing the Caller ID to show legitimate numbers.

Which of the following email subject lines most likely indicates a phishing attempt?

Update Your Password for Enhanced Security

What is a common consequence of falling victim to catfishing?

Loss of personal data and potential financial theft.

Why are individuals and companies vulnerable to spear phishing?

Through social engineering techniques that exploit human trust.

Which of the following practices can enhance password security?

Implementing two-factor authentication.

What is a key difference between traditional phishing and spear phishing?

Spear phishing is aimed at individuals known to the attacker.

Study Notes

Cybersecurity: Definition and Importance

• Cybersecurity is the protection of internet-connected systems from cyberattacks.
• Understanding cybersecurity is crucial because cybercrime impacts everyone.
• Cybercrime is projected to cost the world up to $6 trillion by 2021.
• Daily life relies heavily on internet-connected devices.
• Poor cybersecurity practices can lead to personal information theft.

Personally Identifiable Information (PII)

• PII is any data that identifies a specific person.
• Examples of PII include name, date of birth, social security number, driver's license, passwords, fingerprints, health insurance information, and credit card numbers.
• Data breaches expose PII and can be sold on the dark web leading to identity theft.
• Physical methods of PII theft include dumpster diving and shoulder surfing.

Web Browser Safety

• Web browsers are software tools used for accessing the internet.
• Common web browsers for safe browsing are Microsoft Edge, Mozilla Firefox, Google Chrome and Safari (macOS).
• Look for the “s” in the URL (https) to indicate a secure website.
• Use pop-up blockers to prevent unwanted pop-ups.
• Check for a padlock in the address bar to ensure secure mode.
• Enable automatic updates for security patches.
• Avoid using autofill and built-in password managers to prevent data theft.

Mobile Device Safety

• Mobile devices include smartphones, smart watches, laptops, tablets, e-readers and flash drives.
• Mobile devices are vulnerable to cyberattacks.
• Keep mobile device security software updated.
• Delete unused apps.
• Disable Wi-Fi or Bluetooth when not in use, especially in public places.
• Use strong passwords on mobile devices.
• Be mindful of the apps you install. Review app permissions and privacy policy.
• Log out of social media accounts when not actively using them.

How to Find My iPhone/iPad

• Use iCloud to locate a lost or stolen device.
• Use ‘Find My’ settings to track a lost or stolen iPhone/iPad.
• Activate device location service and allow sending of location when battery is low.
• Enabling offline location tracking allows locating even when device is offline.
• Lock device and display a custom message in Lost Mode to prevent unauthorized access.

How to Find My Android Device

• Use a web browser on another device to locate a lost or stolen Android device.
• Use ‘Find My Device’ on Google to locate the device.
• Can play sound on device, lock device or erase device.

Passwords

• Passwords are secret words or phrases to gain access to something or data.
• Strong passwords include a mix of characters.
• The more complex the password the harder it is for hackers to guess or crack it.
• Long passwords are more secure than short passwords.
• Passwords should be regularly changed every 12 months for improved security.
• Use password managers for better organization.
• Avoid using easily guessable passwords such as birthdays or names.

Password Creation: Strengths and Strategies

• Passwords should meet at least certain minimum length requirements.
• Passwords should contain various character types.
• Password length, complexity is important for a strong password that is difficult to guess.
• Biometrics such as fingerprints of facial recognition are also passwords.
• Base passwords should be considered and may be used in combination with other elements to create a complex password.

Two-factor Authentication (2FA)

• Two-factor authentication requires two forms of authentication to access an account.
• Something the user knows (password).
• Something the user has (token or device).
• Two-factor authentication is a security measure to protect access to an account.
• The recommended approach is using factors/types of authentication that are different from one another.

Malware

• Malware is any piece of software designed to damage or compromise a computer.
• Malicious software can make a computer slow, cause data loss, steal personal information, or block access to certain parts of a computer system.
• Examples include viruses, worms, adware, and spyware.

Internet Scams

• Scams are fraudulent activities to steal or cheat people, funds, or goods.
• Cyber scams involve use of technology for malicious purposes.
• Avoid scams by examining the signs and context for unusual requests.
• Look out for unusual offers or requests to disclose personal information, or to transfer funds.

Social Engineering

• Social engineering involves manipulation to trick people into revealing sensitive information.
• This can happen through phone calls, emails, or other online interactions.
• Common goals include theft of personal information, passwords, financial details, or other types of private data.

Phishing

• Phishing is a type of social engineering where criminals pretend to be a reliable or trusted source.
• Common email subject lines mention urgent action, update account information, or warnings of account compromise.

Online Safety Tips

• Be cautious of unsolicited communications or attachments.
• Use strong passwords.
• Update software regularly.
• Enable antivirus and firewall protection.
• Don't use public Wi-Fi networks for personal financial transactions.

Social Media Etiquette

• Social media etiquette is a set of guidelines to maintain a positive reputation, avoid unnecessary conflict, and respect other users' opinions and perspectives.
• Social media etiquette enhances constructive interaction on social media environments.

Governmental Resources

• The government provides resources and agencies to aid in instances of cybercrime or fraud.
• These resources can help in steps required to address scams, identity theft or other types of fraud.
• Helpful contact information and online resources may be useful in various instances.

Description

This quiz covers essential concepts of cybersecurity, including its definition and importance in protecting internet-connected systems. Learn about Personally Identifiable Information (PII) and the risks associated with data breaches. Additionally, explore safe browsing practices to enhance your online safety.