340 likes | 542 Views
Privacy, reputation protection and identity theft. The dangers. Children and young people providing too much information about themselves online poses personal security threats and can lead to identity theft
E N D
The dangers • Children and young people providing too much information about themselves online poses personal security threats and can lead to identity theft • These days on the web, anybody can be a publisher, videographer or instant celebrity – which means that what young people post online might come back to haunt them by hurting their reputation and affecting future education and work prospects
Privacy issues – posting information on websites • Some young people have a false sense of privacy about social networking sites – they seem to believe that they offer a greater level of privacy and security than chat rooms do - unless a profile is set to private on MySpace, for example, much of what is said on the page can be viewed by anyone
Privacy issues – information collected by websites • Websites can invisibly collect information about children’s interests as they surf around the site - this type of information is sometimes called the click stream • Companies can send bits of software called cookies to your computer to track information and then, for example, have pop-up ads targeted at those interests appear on screen • You can set your browser to detect and reject these cookies
Privacy issues – keeping emails and computer files private • Don’t think that deleting an email from your computer means that it disappears completely - they can still be retrieved from backups, for example. If you really want to completely delete messages or files from your computer you should use a special file erasing program • If you want to be completely sure about the privacy of your emails and files then you need encryption software which scrambles messages and files - PGP is a good encryption program - www.pgp.com
Privacy issues – emails and computer files • Storage security protection software helps to prevent unauthorised access to the files on your personal computer - Steganos Security Suite (www.steganos.co.uk) is an example of this type of software
Privacy issues – surfing anonymously • Anonymous remailers are services that take out identifying information from emails before passing them onto your intended recipient – examples include Advicebox (www.advicebox.com) and Mr Smith (www.mrsmith.com) • Anonymous surfing services mask your identity as you surf the web - Steganos Internet Anonym (www.steganos.co.uk) is an example of this type of software
Privacy - password security • People worry about hackers getting into their computers to get hold of their passwords but the truth is that many people give their passwords away by being careless • The most common mistakes are choosing a password that is easy to guess, using the same password all the time and allowing other people to know passwords
Privacy - password security • Young people should never let their friends have their passwords – they may not be friends forever • Young people sometimes play pranks such as impersonating someone who has shared their password with them
Privacy - password guess attacks • There are ways that criminals use to try and crack login usernames and passwords: • Intelligent guess attack • Dictionary attack • Brute force attack • It is therefore very important to choose ‘strong’ passwords
Privacy - how to come up with a strong password • Make it at least 7 characters long • Avoid obvious ‘dictionary’ words • Pick a combination of letters and numbers that you will remember (but other people are unlikely to guess) but spell it by mixing lower and upper case characters • If you must write it down, store it somewhere that is not an obvious location
CyberSafety tips on privacy Children and young people • Never give personal details to anyone that you don't know • Never tell anyone your computer passwords • Make sure other people do not watch over your shoulder when you login to your accounts
CyberSafety tips on privacy issues • Check with an adult first before providing information to a website – even if it’s a well-known one • Look for a privacy policy - if a website does not have one then never provide them with personal information • If a site does have one, read it very carefully and only provide information if you are absolutely happy with what they say about what they do with information provided to them
CyberSafety tips on privacy issues Parents • Consider installing an outgoing filtering software program onto your computer – they make sure that certain information that a child may want to share with others, can't be shared • You first input the information into the software and if your child then tries to send their name, address or telephone number to someone via the Internet, that information does not get displayed
CyberSafety tips • Only provide the minimum of information needed to complete an online form – most sites display an asterisk next in mandatory information • When shopping online, don’t provide your payment details unless you’re satisfied that the website is hosted on a secure server – check the start of the URL - it will say https instead of http if it is a secure server
CyberSafety tips • Watch out for phishing scams • Install a site adviser – these give you a quick overview of the website before you visit it and let you know if it contains unsafe code or anything else which is dodgy – the best free one is McAfee Site Advisor
CyberSafety tips • Always set strong passwords • Consider using a password manager – examples include www.roboform.com and www.keepass.info • If you need to provide an email address to a website in order to, for example, activate a service and do not want to give away your main email address, get a disposable one – this is an email address that forwards to existing email address but expires after a very short period of time (www.gishpuppy.com is an example)
CyberSafety tips • Use a disposable payment card – www.cahoot.com offer such a system • Their web card lets you set a limit on each online payment and generates a unique set of card details for each transaction, keeping the real ones secure
Reputation protection • Increasingly, videosharing and social networking sites along with personal blogs are being used for background checking by employers and universities
Reputation protection • Posting sexually provocative pictures or images involving alcohol or illegal drugs may seem cool or fun at the time • Young people need to understand the legal, academic and future employment consequences of illegal or unethical behaviour
Reputation protection • They need to be aware of the ‘you can't take it back’ issue • Videos, photos and comments posted online can instantly be passed along and archived on the web virtually forever, beyond the original uploader's control
Identity theft • Definition: • “The crime of obtaining the personal or financial information of another person for the purpose of assuming that person's name to make purchases or to commit a crime”
Identity theft • Identity theft is the fastest-growing online crime • Thieves use both online and offline methods to carry out their activities
What identity thieves want • They want to be able to pretend to be you • This means they can buy things using your cards, get your money out of your account, commit crimes in your name
Identity theft is an issue for young people as well as adults • Although it is a problem that mainly affects adults, identity theft can cause problems for children and young people as well • If they can steal the login of a young person they can pose as them and cause problems
Personal information that is valuable to an identity thief • Name and address • Has a value but not normally enough in itself to do anything with • Telephone number • Relatively low risk to an identity thief as long as the number is unlisted. If listed, the phone number can be used to obtain an address as well. • Credit card numbers • Valuable to an identity thief – a credit card is the safest way to buy anything online as it has the strongest fraud protection. The only time you should provide your credit card number online is when you are buying from a secure website
Personal information that is valuable to an identity thief • Driving licence number • This is potentially valuable to an identity thief so never give it out online • Your birth date • Never give it out as it is very valuable – if a website you really want to use is asking for it, give a fake birth date
Personal information that is valuable to an identity thief • National Insurance or NHS number – never give this number out and don’t give out fake one either • Your mother’s maiden name or the answer to any other question that is often asked for as the answer to a secret question • The most valuable information is, of course, login details to websites such as online banks
How identity thieves can get hold of this kind of information • Viruses • a piece of computer code that is secretly introduced into a system in order to corrupt it or destroy data. Often viruses are hidden in other programs or documents and when opened, the virus is let loose • Trojan horses • this is a computer program that disguises itself as another program - similar to a virus, these programs are hidden (they differ from viruses because they are normally not designed to replicate like a virus) • Worms • this is a special type of virus that spreads without any user help, typically by exploiting a flaw in software • Physically getting access to your computer
How identity thieves can get hold of this kind of information • Getting personal information that has been posted to a website • Giving it away yourself by being tricked by a fake website • Trying to guess login details and passwords
CyberSafety tips • Always check your bank and credit card statements • Check your credit rating regulatory credit reference agency – Experian.co.uk, Callcredit.co.uk and Equifax.co.uk • If you suspect that someone has stolen your credit card details contact your credit card company immediately
CyberSafety tips • You are entitled to some compensation under section 13 of the data protection act if an organisation has lost your details and you have suffered financial damage • If you fail to get compensation you also have the right to go to court to retrieve the money you’ve lost
CyberSafety tips • Buy a shredder and use it to dispose of any bits of paper that contain personal details • Keep any documents with personal information in a safe place and shred them when you have no further use for them
CyberSafety tips • If your identity is stolen you’ll find a wealth of information on what to do on a special Home Office web site – www.identity-theft.org.uk