Cybersecurity Overview and PII Safety

Questions and Answers

What is the primary purpose of a scam in the context of cybersecurity?

• To help individuals improve their online security
• To entertain users on the internet
• To promote legitimate businesses
• To steal money or goods from individuals (correct)

Which of the following is a common indicator of a phishing scam?

• The message is from a verified sender
• It offers a legitimate business proposal
• It is personalized with your name
• It contains many grammar and spelling errors (correct)

When might you be asked to provide your password or PIN in a suspicious manner?

• While purchasing items from a recognized website
• After you request help from customer support
• During a routine software update
• In an unsolicited phone call or email (correct)

What action should you take if you are contacted by a stranger asking for personal information?

Ignore the request and block the contact (A)

What is a recommended best practice for managing passwords?

Regularly update passwords and use unique ones for different accounts (A)

Why is it important to verify emails or calls from unknown sources?

To protect sensitive personal information (C)

Which type of scam involves scammers posing as legitimate charities to solicit donations?

Charity/Door-to-Door Scam (A)

Which method is NOT a common practice to increase account security?

Providing your password to anyone requesting it (B)

What is a common emotional tactic used by scammers targeting elderly victims?

Appeals to the desire for companionship (B)

What type of scam involves fraudsters posing as government employees to threaten victims?

IRS/Government Scam (C)

What should you be wary of when you receive extremely low prices on products?

They could be scams that seem too good to be true (D)

What is identity theft primarily concerned with?

Stealing personal information to create an impersonation (B)

How do cyber thieves typically conduct tech support scams?

By claiming they can fix nonexistent computer issues (C)

Which of the following is a common feature of phishing emails?

Urgency or pressure to act quickly (B)

What demographic is highlighted as being particularly vulnerable to identity theft?

Senior citizens and children under 18 (D)

Which of the following scams targets individuals by pretending to offer romantic companionship?

Dating/Romance Scam (A)

What is spear phishing primarily characterized by?

Targeting individuals through known or trusted sources. (D)

Which of the following is NOT a method used in vishing?

Sending malicious emails. (D)

What tactic do phishers use to enhance the credibility of their calls in vishing?

Spoofing the Caller ID to show legitimate numbers. (C)

Which of the following email subject lines most likely indicates a phishing attempt?

Update Your Password for Enhanced Security (A)

What is a common consequence of falling victim to catfishing?

Loss of personal data and potential financial theft. (B)

Why are individuals and companies vulnerable to spear phishing?

Through social engineering techniques that exploit human trust. (D)

Which of the following practices can enhance password security?

Implementing two-factor authentication. (A)

What is a key difference between traditional phishing and spear phishing?

Spear phishing is aimed at individuals known to the attacker. (B)

Flashcards

Cyber Scams

Fraudulent activities using the internet to steal money or goods.

Scam Characteristics

Features of a scam that help identify it: too-good-to-be-true offers, requests for personal information from strangers or seemingly trusted contacts, immediate payment demands, unusual payment methods, requests for passwords or PINs, and communication from suspicious sources.

Spotting a Scam

Recognizing suspicious online contact attempts or offers that should raise suspicion.

Online Hotspot Data Use

Using a hotspot might lead to high cellular data usage and increased service provider charges.

Phishing

A type of cybercrime that involves tricking a victim into revealing personal information.

Malware

Short for malicious software; software designed to harm or give unauthorized access to a computer system.

Antivirus Software

Software designed to detect and remove malware from a computer.

Updating Antivirus

Keeping antivirus software up-to-date to protect against the latest threats.

Computer Infection Signs

Indicators that a computer might be infected with malware, which may include unusual performance or behavior.

Safe Online Shopping

Practices to follow when shopping online to protect oneself from fraud or scams.

Phishing

Tricking someone into revealing personal information, often through fake emails or messages.

Spear Phishing

A type of phishing that targets specific individuals, pretending to be from someone they know or trust.

Vishing

Using phone calls to trick people into revealing personal information.

Caller ID Spoofing

Making a phone number appear to be from a different location or company to trick someone.

Anti-aging Product Scam

Scammers target elderly people's desire to look younger, selling worthless or harmful products.

Internet Scam

Scammers exploit seniors' limited tech knowledge using phishing, fake antivirus, etc.

Charity/Door-to-Door Scam

Fake charities use high-pressure tactics to extract money during crises, often making false claims.

Dating/Romance Scam

Criminals pose as partners to gain money from potential victims' desire for companionship.

Tech Support Scam

Scammers pose as tech support to trick victims into paying for unnecessary services or fixes.

IRS/Government Scam

Scammers posing as government officials threaten fines or imprisonment to extort money.

Identity Theft

Criminals steal personal information to create a fake identity for financial gain.

Study Notes

Cybersecurity: Definition and Importance

• Cybersecurity is the protection of internet-connected systems from cyberattacks.
• Understanding cybersecurity is crucial because cybercrime impacts everyone.
• Cybercrime is projected to cost the world up to $6 trillion by 2021.
• Daily life relies heavily on internet-connected devices.
• Poor cybersecurity practices can lead to personal information theft.

Personally Identifiable Information (PII)

• PII is any data that identifies a specific person.
• Examples of PII include name, date of birth, social security number, driver's license, passwords, fingerprints, health insurance information, and credit card numbers.
• Data breaches expose PII and can be sold on the dark web leading to identity theft.
• Physical methods of PII theft include dumpster diving and shoulder surfing.

Web Browser Safety

• Web browsers are software tools used for accessing the internet.
• Common web browsers for safe browsing are Microsoft Edge, Mozilla Firefox, Google Chrome and Safari (macOS).
• Look for the “s” in the URL (https) to indicate a secure website.
• Use pop-up blockers to prevent unwanted pop-ups.
• Check for a padlock in the address bar to ensure secure mode.
• Enable automatic updates for security patches.
• Avoid using autofill and built-in password managers to prevent data theft.

Mobile Device Safety

• Mobile devices include smartphones, smart watches, laptops, tablets, e-readers and flash drives.
• Mobile devices are vulnerable to cyberattacks.
• Keep mobile device security software updated.
• Delete unused apps.
• Disable Wi-Fi or Bluetooth when not in use, especially in public places.
• Use strong passwords on mobile devices.
• Be mindful of the apps you install. Review app permissions and privacy policy.
• Log out of social media accounts when not actively using them.

How to Find My iPhone/iPad

• Use iCloud to locate a lost or stolen device.
• Use ‘Find My’ settings to track a lost or stolen iPhone/iPad.
• Activate device location service and allow sending of location when battery is low.
• Enabling offline location tracking allows locating even when device is offline.
• Lock device and display a custom message in Lost Mode to prevent unauthorized access.

How to Find My Android Device

• Use a web browser on another device to locate a lost or stolen Android device.
• Use ‘Find My Device’ on Google to locate the device.
• Can play sound on device, lock device or erase device.

Passwords

• Passwords are secret words or phrases to gain access to something or data.
• Strong passwords include a mix of characters.
• The more complex the password the harder it is for hackers to guess or crack it.
• Long passwords are more secure than short passwords.
• Passwords should be regularly changed every 12 months for improved security.
• Use password managers for better organization.
• Avoid using easily guessable passwords such as birthdays or names.

Password Creation: Strengths and Strategies

• Passwords should meet at least certain minimum length requirements.
• Passwords should contain various character types.
• Password length, complexity is important for a strong password that is difficult to guess.
• Biometrics such as fingerprints of facial recognition are also passwords.
• Base passwords should be considered and may be used in combination with other elements to create a complex password.

Two-factor Authentication (2FA)

• Two-factor authentication requires two forms of authentication to access an account.
• Something the user knows (password).
• Something the user has (token or device).
• Two-factor authentication is a security measure to protect access to an account.
• The recommended approach is using factors/types of authentication that are different from one another.

Malware

• Malware is any piece of software designed to damage or compromise a computer.
• Malicious software can make a computer slow, cause data loss, steal personal information, or block access to certain parts of a computer system.
• Examples include viruses, worms, adware, and spyware.

Internet Scams

• Scams are fraudulent activities to steal or cheat people, funds, or goods.
• Cyber scams involve use of technology for malicious purposes.
• Avoid scams by examining the signs and context for unusual requests.
• Look out for unusual offers or requests to disclose personal information, or to transfer funds.

Social Engineering

• Social engineering involves manipulation to trick people into revealing sensitive information.
• This can happen through phone calls, emails, or other online interactions.
• Common goals include theft of personal information, passwords, financial details, or other types of private data.

Phishing

• Phishing is a type of social engineering where criminals pretend to be a reliable or trusted source.
• Common email subject lines mention urgent action, update account information, or warnings of account compromise.

Online Safety Tips

• Be cautious of unsolicited communications or attachments.
• Use strong passwords.
• Update software regularly.
• Enable antivirus and firewall protection.
• Don't use public Wi-Fi networks for personal financial transactions.

Social Media Etiquette

• Social media etiquette is a set of guidelines to maintain a positive reputation, avoid unnecessary conflict, and respect other users' opinions and perspectives.
• Social media etiquette enhances constructive interaction on social media environments.

Governmental Resources

• The government provides resources and agencies to aid in instances of cybercrime or fraud.
• These resources can help in steps required to address scams, identity theft or other types of fraud.
• Helpful contact information and online resources may be useful in various instances.