Unit 3: OPERATING

ONLINE
___________

Teacher:
Kikambi John Bosco

OPERATING ONLINE 1
TOPICS TO COVER
• Topic Six: Risks to Data and Personal
Information
• Topic Seven: Impact of the Internet

• Topic Eight : Online Communities

• Topic Nine: The Impact of Digital

Technology
• Topic Ten: Online Information
OPERATING ONLINE 2
 Topic Six:
Risks to Data
and Personal
Information
OPERATING ONLINE 3
 Overview
The amount of data communicated online in order to
carry personal and financial information is almost
unimaginable. For example;-

OPERATING ONLINE 4
INTRODUCTION
• Huge amounts of data are transmitted and stored
digitally, and a lot of this data contains personal or
financial information.

• Because of this, digital systems are targeted by criminals

who try to access data so that they can use it to commit
fraud or identity theft.

• You need to be aware of the risks to your data when

operating online. You also need to know about the
methods that are used to secure data in order to prevent
unauthorized access and use.
OPERATING ONLINE 5
 OBJECTIVES OF TOPIC SIX

Objective 1: Be aware of risks to data and

information. Including but not limited to;-
 Unauthorized access
 Deliberate damage by malware
 Accidental deletion
 Theft of personal data:
• phishing,
• pharming
OPERATING ONLINE 6
Objective 2: Know about methods available to secure

data and personal information online:

 Firewalls
 Encryption
 passwords, PIN and Biometrics
 CAPTCHA tests and security questions
 anti-malware, anti-virus, antiadware and anti-
spyware
 access rights and file permissions
 secure websites
 not opening email attachments or following web links
 backup procedures
OPERATING ONLINE 7
Objective 3: Know about online payment
systems:
 Third party payment systems such as
PayPal, bank cards, contactless cards
using NFC – and
 How payments are protected: VeriSign,
HTTPS

OPERATING ONLINE 8
Risks to Data and Personal Information
• UNAUTHORISED ACCESS: is when the users access the
networks when they are not permitted to access them. They
attempt to gain access to networks directly by themselves.
• Sometimes, devices on a network can be targeted by
unauthorized users in order to be used as botnets.
• Botnets are groups of computers that have their resources
used for harmful purposes, such as spreading malware.
• DELIBERATE DAMAGE BY MALWARE: malware (malicious
software) is a software that is created with the intention to
do harm. Malware can show messages, play sounds, delete files
or reprogram systems to perform tasks that will harm the
system and the connected hardware.

OPERATING ONLINE 9
Ransomware • Some malware (known as ransomware)

threatens to delete a user’s files or

places restrictions on a user’s access

to software or resources until money

is paid, usually to an anonymous

account. These messages are usually

very threatening and distressing for

users. They are often written in a way

that makes the user believe that they

must pay quickly. This puts pressure

on the user to act before they have

time to think clearly about the threat

and how to manage it.

OPERATING ONLINE 10
• ACCIDENTAL DELETION: Users can
sometimes delete files or even the entire
contents of a drive by mistake.
• This can happen if:
• they press a key on a keyboard by
accident
• they format media on the wrong
storage device
• their device loses power unexpectedly.
OPERATING ONLINE 11
THEFT OF PERSONAL DATA: Criminals use a number of methods to
steal personal data.

a) PHISHING: Phishing is a technique used by criminals to get

personal information and payment details from users.

Phishing is defined as the criminal activity of sending emails that is

intended to trick someone into giving away personal information such as
their bank account number or their computer password; which is then
used to get money or goods.

It involves sending large numbers of messages that appear to be from

real organizations, such as shops, banks or charities. Phishing messages
are often sent as emails.

These emails ask the user to provide their information by replying to

the message or following a hyperlink that opens a webpage into which
the user is asked to type their personal details.
OPERATING ONLINE 12
Phishing

Phishing messages can also be sent via SMS or instant

message apps so that users open the fake webpage in a
mobile browser.
SMS phishing is sometimes referred to as smishing.

OPERATING ONLINE 13
• b) Pharming: Like phishing, pharming is a
technique used by criminals to gain personal
information and payment details from users.
Criminals create fake versions of trusted
websites to trick users into entering their
login details, which are then used by the
criminals to access users’ accounts.

OPERATING ONLINE 14
 Methods by which users are directed to a pharming site.

• There are two main methods by which users are directed to a pharming

site.

• Internet traffic going to the real website is redirected to the fake

website, so that users think they are visiting the real thing. Criminals do

this by altering the domain name servers to make internet traffic go to

their fake site. They can also use malware to redirect web requests.

• Often, the URL of a pharming website is designed to be very similar to

the URL of the real website. This means that if a user misspells the

URL when typing it into the address bar of their web browser, they

could go to the pharming site by mistake.

OPERATING ONLINE 15
• Figure 6.4: A fake webform, linked from an
SMS message and opened in a mobile
browser
OPERATING ONLINE 16
• Figure 6.5 Users should always check the URL of
websites that they visit to make sure that they are
not fake websites
OPERATING ONLINE 17
Pharming terms
• Webform a data entry form on a web page

• Internet traffic data transferred between

computers connected to the internet

• Domain name server a computer connected

to the internet that translates domain
names, such as pearson.com, into IP
addresses
OPERATING ONLINE 18
 METHODS TO SECURE DATA AND PERSONAL INFORMATION ONLINE

• Much of the data transmitted online is sensitive and valuable, and

it is important to protect that data from unauthorized access.
There are several different methods used to secure data and
personal information. These include
 Firewalls
 Encryption
 passwords, PIN and Biometrics
 CAPTCHA tests and security questions
 anti-malware, anti-virus, antiadware and anti-spyware
 access rights and file permissions
 secure websites
 not opening email attachments or following web links
 backup procedures
OPERATING ONLINE 19
METHODS TO SECURE DATA AND PERSONAL INFORMATION ONLINE

• FIREWALLS: a firewall is a network security system that

monitors and controls incoming and outgoing network traffic
based on predetermined security rules. They examine the
network addresses and ports of the data.
• The primary use of a firewall in networking is to secure the
network from cyberattacks.
• There are two types of firewalls based on what they
protect: network-based and host-based.
• Network-based firewalls, which are frequently hardware,
protect entire networks.
• Host-based firewalls, which are frequently software, protect
individual devices known as hosts.
OPERATING ONLINE 20
• ENCRYPTION: Encryption is the process of
converting data from a readable format to a
scrambled piece of information. Encryption uses a key
to scramble data into an unreadable form.

• Encryption is used to protect data from being stolen,

changed, or compromised

• PASSWORDS, PINS AND BIOMETRICS:

Passwords, PINs and biometrics are used online to
authenticate a user so that they can access an online
system, such as webmail or an online bank account.
OPERATING ONLINE 21
How to Create a Strong Password
 A password should be more than eight
characters long.
 A password should be a mix of letters,
numbers and symbols.
 Should be a mix of uppercase and lowercase
letters
 Made up of random characters (that is, not
common words, names or dates)
 Should be changed frequently
 Should be something that they have not used
before.
OPERATING ONLINE 22
Remember:-
• When entering a password or a PIN, the characters are

often masked so that anyone watching the screen cannot

see what is typed.

• Some services allow the password to be remembered. This

is not recommended for multiple users of computers with

stand-alone operating systems, as it may mean that

another user can access someone else’s accounts.

• Network operating systems are more secure and will not

allow different users to see each other’s stored

passwords.
OPERATING ONLINE 23
• CAPTCHA TESTS AND SECURITY QUESTIONS : When
users create an online account, they may be given a test
called a CAPTCHA test. CAPTCHA tests are used to make
sure that data is entered by a human and not by an
automatic software program known as a bot or web robot.

• CAPTCHA stands for Completely Automated Public Turing

Test To Tell Computers and Humans Apart.

• Some CAPTCHA tests work by asking users to enter a

randomly generated series of letters and numbers that are
displayed on the screen. Automatic software cannot read
the letters displayed, or enter them into the required
field, so this is used to distinguish human users from bots.
OPERATING ONLINE 24
CAPTCHA TESTS

• Image identification CAPTCHA tests are

another way of checking that users are
human

• CAPTCHA tests can play audio

versions for users who cannot
read the text

• CAPTCHA tests can ask users

to complete more challenging
tasks
OPERATING ONLINE 25
• NB: reCAPTCHA tests work in the same way as CAPTCHA tests,
but they use extracts of text from scanned books or a selection
of images that share common features.

• Computers read as “niis” Scanned type aged pntkm at society

were distinguished frow.”

• Computers find it difficult to interpret scanned text from books

but humans can read the text much more easily, which means that
using humans to interpret scanned text produces more accurate
outcomes
OPERATING ONLINE 26
• ANTI-MALWARE: Anti-malware prevents malware from accessing
or operating on computers. It scans computer files in real-time
and allows users to scan files, folders, disks or whole systems.

• real time: processing data within milliseconds of it being

input and making the output available almost immediately

• Virus: malware that uses networks to spread to connected

devices

• virus definitions: sequences of code that are found in

computer viruses

• Quarantine: isolate a suspected virus in a protected area

of storage where it cannot harm other files

OPERATING ONLINE 27
Anti-malware
• Anti-malware include;-
• Antivirus
• Ant-adware
• Anti-spyware

OPERATING ONLINE 28
• ANTI-VIRUS: A virus is malware that uses networks to spread to

connected devices. Viruses are spread via communication software such

as email or web browsers or by being loaded into a computer’s memory

from external storage such as USB flash drives. Viruses often look like

normal files. However, they have unique virus definitions that can be

identified by anti-virus software.

• Anti-virus software constantly checks files that are downloaded and

loaded by a computer for signs of virus definitions. If the anti-virus

software finds a match, it quarantines the file so that it cannot be run.

A virus checker can

quarantine an infected file
so that it cannot infect
other files
OPERATING ONLINE 29
• Anti-virus software has to be updated regularly because
virus code can be changed, either automatically or by
the developers of the virus. There is a constant battle
between people who create the threats to data and
people who create software to protect data.

OPERATING ONLINE 30
• ANTI-ADWARE: Adware displays unwanted adverts to users. Anti-

adware software detects, quarantines and removes adware.

• ANTI-SPYWARE: Spyware secretly monitors and records computer

data and user input. For example, a keylogger is a type of spyware

that monitors and records actions such as key presses or mouse

movements. Criminals can then analyse this information to identify a

user’s passwords for websites, or financial data such as credit card

numbers and security codes. Anti-spyware software detects,

quarantines and removes spyware.

• adware software that displays unwanted adverts

• spyware software that monitors and records data and user

input
OPERATING ONLINE 31
• ACCESS RIGHTS AND FILE PERMISSION: this
can be set to files, folders, allowing
users to read only or read and write to
the file. Permission are the settings
that provide the ability for a user to
access files, folders or drives.

OPERATING ONLINE 32