Safer Internet Day in the U.S. — Are You Safe on the Internet?
Security culture can achieve more than prohibition posture. — Stéphane Nappo
A Safer Internet is a Safer World
February 11, 2020 is Safer Internet Day in the U.S. Few can deny that a safer Internet creates a safer world in general. Whether to shut down access to the Internet in key ways to thwart cybercrime (especially in regard to what children can access), or stay one step ahead of cybercrime through safer Internet practices is hotly debated. Even if we do begin to filter Internet content, are we creating a sense of false security? Perhaps it’s preferable to teach the safest ways to utilize the Internet as it really exists: in the real world. This debate will no doubt shape public policy for decades to come, both here in the U.S. and globally. One thing that cannot be ignored is the critical need to raise awareness of the dangers lurking on the Internet and how to combat those threats.
As Stéphane Nappo, Global Head of Information Security, Société Générale International Banking, has stated:
Education has always been a prosperity enabler for both the individual and the corporate. This is also true for cybersecurity culture. The human factor is the easiest way to attack a system. According to some studies,
Almost 90% of Cyber Attacks are Caused by Human Error or Behavior
Having said that, it is surprising to see enterprises attempting to mitigate this risk with almost exclusive investment in technology.
Misuse, Social engineering, Negligence, Malevolence… No technology is immune to bad human use. The human factor is too often neglected, and we should not forget that people are at the center of digital transition. Whether they are Customer or User, investing in people cybersecurity awareness and training is a great investment and a fundamental need.
In our increasingly digital society, Cyber-Security Culture is a key element of the defense ecosystem. An accurate vision of digital AND behavioral gaps is crucial for consistent cyber-resilience. As examples, preferring comfort to security, connecting an infected USB key, stealing data when changing employer, underestimating spam/phishing/ransomware concern, hiding a security incident, depend largely on the human-factor’s cybersecurity culture …
It’s time for enterprises to help their employees deal with cybersecurity. It’s also time to rectify the security perception. Security is not an inconvenience. Its role must be explained, and security teams must pay close attention to the user experience and clear user information. Cybersecurity must be viewed as a convenient and essential business service.
Tips to Keep You Safe on the Internet
It’s almost breathtaking the variety of cybercrimes that exist today. In her article, “The 16 Most Common Types of Cybercrime Acts” for VoIP Shield, Erika Hernandez lists a large array of cybercrimes including: fraud, hacking, identity theft, scamming, computer viruses, ransomware, DDoS attack, botnets, spamming, phishing, malvertising, cyberstalking, and software piracy. Check out the full article, it’s sobering.
Given all the possible ways to be victimized on the Internet today, here are some safety tips excerpted from the article, “Top 10 Internet Safety Rules & What Not to Do Online” by usa.kaspersky.com:
- Keep Personal Information Professional and Limited. …You wouldn't hand purely personal information out to strangers individually — don't hand it out to millions of people online.
- Keep Your Privacy Settings On. … Major websites … have privacy-enhancing settings available. These settings are sometimes (deliberately) hard to find because companies want your personal information for its marketing value. Make sure you have enabled these privacy safeguards, and keep them enabled.
- Practice Safe Browsing. You wouldn't choose to walk through a dangerous neighborhood — don't visit dangerous neighborhoods online. Cybercriminals use lurid content as bait. They know people are sometimes tempted by dubious content and may let their guard down when searching for it ...
- Make Sure Your Internet Connection is Secure. Use a Secure VPN Connection When you go online in a public place, for example by using a public Wi-Fi connection, … you have no direct control over its security … Make sure your device is secure, and when in doubt, wait for a better time (i.e., until you're able to connect to a secure Wi-Fi network) before providing information such as your bank account number …
- Be Careful What You Download. A top goal of cybercriminals is to trick you into downloading malware — programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather …
- Choose Strong Passwords. Passwords are one of the biggest weak spots in the whole Internet security structure, but there's currently no way around them. And the problem with passwords is that people tend to choose easy ones to remember (such as "password" and "123456"), which are also easy for cyber thieves to guess … A strong password is one that is unique and complex — at least 15 characters long, mixing letters, numbers, and special characters.
- Make Online Purchases From Secure Sites. Any time you make a purchase online, you need to provide credit card or bank account information … Only supply this information to sites that provide secure, encrypted connections … you can identify secure sites by looking for an address that starts with https: (the S stands for secure) rather than simply http: They may also be marked by a padlock icon next to the address bar.
- Be Careful What You Post. … Any comment or image you post online may stay online forever … There is no way for you to "take back" a remark you wish you hadn't made, or get rid of that embarrassing selfie you took at a party …
- Be Careful Who You Meet Online. People you meet online are not always who they claim to be. Indeed, they may not even be real … Be as cautious and sensible in your online social life as you are in your in-person social life.
- Keep Your Antivirus Program Up To Date. Internet security software cannot protect against every threat, but it will detect and remove most malware … stay current with your operating system's updates and updates to applications you use. They provide a vital layer of security.
For additional advice check out the article, “Safe Internet Use” from getsafeonline.org. This article has some particularly good tips and instructions for dealing with websites that may be suspect, including:
- Check for … an address, phone number and/or email contact – often indications that the website is genuine. If in doubt, send an email or call to establish authenticity.
- Check that the website’s address seems to be genuine by looking for subtle misspellings, extra words, characters or numbers or a completely different name from that you would expect the business to have.
- Roll your mouse pointer over a link to reveal its true destination, displayed in the bottom left corner of your browser. Beware if this is different from what is displayed in the text of the link from either another website or an email.
- If there is NO padlock in the browser window or ‘https://’ at the beginning of the web address to signify that it is using a secure link, do not enter personal information on the site.
- Websites which request more personal information than you would normally expect to give, such as user name, password, or other security details IN FULL, are probably malicious.
- Avoid ‘pharming’ by checking the address in your browser's address bar after you arrive at a website to make sure it matches the address you typed. This will avoid ending up at a fake site even though you entered the address for the authentic one – for example ‘eebay’ instead of ‘ebay.’
- Be wary of websites which promote schemes that involve the recruitment of others, receiving money for other people, or advance payments.
- Be wary of websites that are advertised in unsolicited emails from strangers.
Unfortunately, there are no foolproof safeguards for traversing the Internet safely. However, using safer Internet practices, your own common sense, and your own intuition can spare you many of the nasty surprises that lurk online for those who are careless.
What to do if You Believe You are a Victim of Cybercrime
If you believe you are the victim of an online crime, the U.S. government’s Online Safety guidelines recommend reporting it to these government authorities:
- The Internet Crime Complaint Center (IC3) will send your internet-related criminal complaint to federal, state, local, or international law enforcement. In addition to filing an IC3 complaint, contact your credit card company. Let them know about unauthorized charges or if you think your credit card number was stolen.
- The Federal Trade Commission (FTC) shares consumer complaints, including online scams with local, state, federal, and foreign law enforcement. While the FTC can’t resolve individual complaints, it can tell you the next steps to take.
- EConsumer.gov accepts complaints about online shopping and e-commerce transactions with foreign companies.
- The Department of Justice (DOJ) can show you where to report internet or intellectual property crimes.
By the way, Safer Internet Day 2020 is scheduled for a live broadcast on February 11, 2020 on YouTube, be sure to check it out!
What do you think?
- Have you been a victim of cybercrime?
- What’s the worst case of cybercrime you’ve heard about?
- What suggestions do you have to create a safer Internet?