Starter

Answer the following questions

  1. What else can identity theft that is used to pretend to be someone else be known as? (hint beings with f)
  2. What type of software is a virus or a worm? (hint begins with m)
  3. Write an example of a secure password

Phishing and fraud

Learning Intentions

  • Understand the risks associated with the use of computer systems in this day and age

  • Identify and describe different ways to keep ourselves safe and act responsibly when using computer systems, especially in regard to using the Internet

Success Criteria

  • I am able to identify and describe different threats to ourselves when using computer systems
  • I am able to identify ways to keep ourselves safe

What we have learned so far

  • We have covered several topics in cyber security and crime:

  • Hacking

  • Acts of Parliament that cover computer misuse

  • Password security

  • Malware

  • Anti-virus protection

     

Class competition

  • Open http://bit.ly/33SlTqm on your computer

  • Create a strong password that is less than 9 characters in length and is memorable but not easy to guess.

  • The password that takes the longest to crack with being able to be recited by the creator wins.
    You have five minutes

     

Phishing

  • As covered the last time, phishing is the process of trying to get information out of someone by pretending to be someone else to an email user. This stage is called luring.

  • Phishing normally is done by asking the user to click on a link or by asking the user to email back.

  • This email came from a lecturer Strathclyde not the IT Helpdesk.

Phishing

  • Here’s an example pretending to be from PayPal.

How do we detect phishing?

  • Often phishing is normally extremely easy to detect by following a few steps:

    1. If it sounds too good to be true, it probably is

    2. Hover over the links in the page to see where they go, if they go to somewhere you don’t expect, don’t click it

    3. Check that the sender isn’t pretending to be someone they are not e.g. someone with the email address james@hp.com is not identifying as Frank Peterson.

    4. Think about how realistic the message sounds

    5. Look for spelling and grammar mistakes

Phishing

Keyloggers

  • A keylogger is a small program that is designed to watch keypresses.

  • It’s easy to write a keylogger and a web keylogger only takes a few lines of code in JavaScript.

  • Each keypress is saved into a file on the local computer and then transmitted to a server or remote computer when the user does something (e.g. changes page)

     

Identity theft

  • Identity theft is a form of computer crime in which someone pretends to be someone else, as is often the case with phishing.

  • Committing identity theft can lead to prison sentences of an unlimited length, depending on how serious the crime is. 

     

Other forms of computer crimes

  • Extortion – extortion means to use something as leverage against someone using threats or bribery

  • Sextortion – is a form of extortion whereby someone blackmails them with images they have of a sexual nature of them.

  • Ransomware – a piece of software that prevents the computer from doing anything and requires payment to remove it

     

Complete the Task 1 on your worksheet by highlighting things would help you identify this email as fraudulent.

 

Create a poster about different threats online. You will need to include information about:

  1. Hacking
  2. Malware (viruses, worms and Trojans as well as adware and malware)
  3. Password security
  4. Phishing and fraud
  5. Keeping yourself safe online

Task

JB
Cybersecurity : 3.1 Phishing and fraud
© J Balfour
Tools