Lesson-2-Malware.pdf

Full Transcript

EMPOWERMENT TECHNOLOGIES
Online Safety, Security,
Ethics and Etiquette

Lesson 2
After going through this lesson, you are expected to:

1. Name the various online threats;
2. Identify the online safety measures; and
3. Consider one’s and others’ reputation when using
the Internet.
 The internet has radically
changed the way people interact
with the world. They have
accounts on different online
platforms; some have unlimited
Internet access, and some are
active users of the web.

Yet along this opportunity are the
new risks or threats that the
Internet may bring. Hence, online
safety or Internet safety is an
emergent concern for children.
 Most of us use the Internet every day. Sometimes, we do not pay attention to how
much information we share online. Identify which of the following information you
have shared online and list down your answers on the separate sheet of paper.

First Name Last Name Middle Name
Address Mothers Name Fathers Name
Name of your Siblings Mobile phone number Birthday
Home Phone number

How many information you have shared?
 Online Safety and Security
The Internet, truly, is a powerful tool. It can be used to promote
your business, gain new friends, and stay in touch with the old
ones.

It is also a source of entertainment through games, online
communities, and everything in between. But like most things in
this world, there is always “other side of the coin”.

The internet is one of the most dangerous places especially if you
do not know what you are doing with it.
 Online Safety and Security
The Internet is defined as the information superhighway. This
means that anyone has access to this highway, can place
information, and can grab that information.

This is why social networking sites like Facebook continue to
improve their security features. The threat of cybercrime is
very real. Whatever information we share today could affect
our future.
Internet
Threats
 1. Malware
Short for Malicious Software. It is any program or file that is
harmful to a computer user.
It is a software used or created to disrupt computer operation,
gather sensitive information, or gain access to private
computer systems.
Malware is a general term used to refer to a variety of forms of
hostile, intrusive, or annoying software.
It can appear in the form of code, scripts, active content, and
other software.
 Usage of Malware
Used primarily to steal sensitive personal, financial, or business
information for the benefit of others.

Used against government or corporate websites to gather
guarded information, or to disrupt their operation in general.

Used often against individuals to gain personal information
such as social security numbers, bank or credit card numbers,
and so on.
Types of
Malware
 Viruses/VIRUS
(Vital information Resource Under Siege)
A computer virus is an executable piece of code that can infect computers without
knowledge or permission from the user. A malicious program designed to replicate
itself and transfer from one computer to another (internet, local networks, CDs, etc.)

– It can delete critical files within the operating system.

– It cannot replicate itself independently.

– Some viruses are time/date triggered.
 Worm
A computer worm is a self-replicating computer program. A malicious program that
transfers from one computer to another by any type of means.

It uses a network to send copies of itself to other computers on the network and it may do
so without any user intervention.

It does not need to attach itself to an existing program.

It is commonly used to send junk mail and initiate Denial of Service attacks.

– Ex. ILOVEYOU Worm - The malware originated in the Pandacan
neighborhood of Manila in the Philippines on May 5, 2000.
 Trojan Horses
A malicious program that disguises as a useful program but once downloaded or installed, leaves
your PC unprotected and allows hackers to get your information.

Trojan horses are applications which appear to be useful, legitimate applications, but run malicious,
hidden code that can be used to remote access a computer system.

Can be used to capture your logins and passwords, may result in changing desktop wallpaper,
creating pop-ups, or even deleting files.

A Trojan Horse neither replicates nor copies itself.
 Spyware
A program that runs in the background without you knowing it (thus called “spy”). It has the
ability to monitor what you are currently doing and typing through keylogging.

– Ex. Keylogger – used to record keystrokes done by the user. This is done to steal their password or any
other sensitive information. The key logger software typically uses log file to store its recording.

A type of malware installed on computers that collects information
about users without their knowledge.

Spyware is a malicious software that aims to steal:
Pictures and other files on the computer or mobile device
Credit card information
Usernames and passwords
Email address
 Adware
A program designed to send you advertisements, mostly as pop-ups.

It is an unwanted software designed to throw advertisements up on your screen,
most often within a web browser.

Some security professionals view it as the forerunner of the modern-
day PUP (potentially unwanted program).

Typically, it uses an underhanded method to either
disguise itself as legitimate, or piggyback on another
program to trick you into installing it on your PC, tablet,
or mobile device.
 How Malware Spreads?
Social network
Download infected content online (photos, other software installer,
videos, etc.)
Open unknown or infected email attachments (clicking on links found
on spam mails)

Untrusted Websites (pop-ups)

Removable media devices
 What Malware can do to you?
1. Data Loss
Many viruses and Trojans will attempt to delete files or wipe
hard drives when activated, but even if you catch the infection
early, you may have to delete infected files.

2. Account/Identity Theft
Many types of malware include keylogger functions, designed
to steal accounts and passwords from their targets.
 What Malware can do to you?
3. Botnets
Many types of malware also subvert control over the user's
computer, turning it into a "bot" or "zombie“ which is used to
execute a Distributed Denial of Service attacks.

4. Financial Loss
If a hacker gains access to a credit card or bank account via a
keylogger, he can then use that information to run up charges
or drain the account.
How will I know if my system or device is infected?
Your device is running at a slower pace than usual
Your computer restarts on its own, then fails to run normally
Applications are not working correctly
You receive unusual error messages
Appearance of strange files, programs, or desktop icons
There seems to be a lot of network activity when you are not
using the network
File names are changed or files are strangely modified (hidden)
 Tips on How to Prevent Malware Infection

Install Anti-Virus/Malware Software and keep them up-to-date.
Keep your operating system updated.
Secure Your Network.
Don’t Use Open Wi-Fi.
Think Before You Click.
Be selective with your downloads and look at the file extension.
Be careful with USB drives.
Be wary about remote access.
Keep a good backup.
Keep your personal information safe.
 2. Spam
Spamming

– An unwanted email mostly from bots or advertisers. It can be
used to send malware.
Abuse of email systems to send unsolicited email to large numbers of
people
Method of marketing also used by many legitimate organizations
Completely Automated Public Turing Test to Tell Computers and
Humans Apart (CAPTCHA) for prevention
– Software generates tests that humans can pass but computer programs cannot
 3. Phishing

Its goal is to acquire sensitive personal information like
passwords and credit card details.

This is done by sending you an e-mail that will direct the user
to visit a fake website and be asked to update his/her
username, password, credit card or personal information.
 TIPS TO STAY SAFE ONLINE
Be mindful of what you share online and what site you
share it to.
Do not just accept terms and conditions; read it.
Check out the privacy policy page of a website to learn
how the website handles the information you share.
Know the security features of the social networking site
you use. By keeping your profile private, search engines
will not be able to scan your profile.
 TIPS TO STAY SAFE ONLINE
Do not share your password with anyone.
Avoid logging in to public networks/Wi-Fi. Browsing in
“incognito (or private) mode”, a feature of the browser,
will not protect you from hackers.
Never post anything about a future vacation. It is similar
to posting, “Rob my house at this date.”
 TIPS TO STAY SAFE ONLINE
Add friends you know in real life.
Avoid visiting untrusted websites.
Install and update an antivirus software on your
computer. Use only one antivirus software to avoid
conflicts.
If you have a wi-fi at home, make it a private network by
adding a password.
 TIPS TO STAY SAFE ONLINE
Avoid downloading anything from untrusted websites.
You are most vulnerable in peer-to-peer downloads
(torrents)as the download is most likely not monitored
by the site owner.
Buy the software; do not use pirated ones.
Do not reply or click links from suspicious emails.
 Computer Code of Ethics
Information stored on the computer should be treated
as seriously as written or spoken word.
Privacy should not be violated. In case of academic use,
it is known plagiarism.
Information from public viewing should not be modified
or deleted or inaccessible since these are considered as
destructive acts.
 Computer Code of Ethics
Intrusive software such as "worms" and "viruses" which are
destructive to the computer system is also illegal.
Congesting somebody’s system with a lot of unwanted
information is also unethical.
Sending obscene and crude messages through mail or chat is
also forbidden.
Sending sexually explicit content, message or pictures is also
forbidden.. Just like you are advised to say “please”
and “thank you” when you talk to others,
there is a special set of manners for the
internet users called Netiquette.
Netiquette in other word is network
etiquette, the do's and don'ts of online
communication.
The Ten Golden Rules Of Netiquette
1. The Golden Rule – Treat others as you
would like to be treated.
2. No Flaming – It is a personal insult
communicated through the internet.
Watch your posts or comments
3. Don’t Type in ALL CAPS – People may
misinterpret it because it means you’re
SHOUTING.
4. Do not Spam or Flood – Used in instant
messaging chat rooms by people who want
to disrupt the chat.
5. Don’t talk with people you do not
know – do not arrange to met anyone
you have just meet online.
6. Obey Copyright Laws – don’t steal
someone else’s idea, property, and
rights.
7. Use Proper Grammar and Spelling -
errors diminish the credibility of the
message.
8. Be HONEST / Be Yourself – tell the
truth, do not pretend to be someone
else.
9. Follow the TOS – Terms of Service
rules and policy of the sites.
10.Be forgiving of other people's mistakes –
sometimes, you will see a stupid question,
unnecessarily long response, or misspelled
words; when this happens, practice kindness
and forgiveness as you would hope someone
would do if you had committed the same
offense.
 It is the use of works protected by
copyright law without permission for a
usage where such permission is
required.

Here are some tips that could help you
avoid copyright infringement:
– 1. Always assume that the work is
copyrighted.
– 2. Do not copy, share or alter without
seeking permission.
– 3. Review and retain licensing
agreements.
– 4. Consider buying content.
– 5. Give credit to the original author of
the page or information.
What is plagiarism?
the act of using another person's words
or ideas without giving credit to that
person
http://www.merriam-webster.com/dictionary/plagiarism
Plagiarism
The practice of taking someone else's
work or ideas and passing them off as
one's own.
https://en.oxforddictionaries.com/definition/plagiarism
 Activity 2
Make a research on the “MOST DANGEROUS”
viruses/malwares ever created in the history of cyber space.

Cite at least five (5) and include on what does it do and what
was the solution made to this virus/malware.

Make your OWN reflection on what you have learned on your
research.
 Sources:
Quarter 1: Module 2: Online Safety, Security, Ethics and
Etiquette
Internet Resources:
– http://www.wipo.int/about-ip/en/
– https://en.oxforddictionaries.com/definition/plagiarism