Internet Safety

Staying safe online is essential in today's world. Use these Internet safety tips to keep
yourself and your loved ones protected.

Introduction to Internet safety

There's almost no limit to what you can do online. The Internet makes it possible to access
information quickly, communicate around the world, and much more. Unfortunately, the
Internet is also home to certain risks, such as malware, spam, and phishing. If you want to
stay safe online, you'll need to understand these risks and learn how to avoid them.

Adopting a safer mindset

Computers can often give us a false sense of security. After all, no one can physically harm
you through a computer screen. But to stay safe online, you'll want to take a more cautious
approach. Here's one way to think about it: Treat the Internet as you would a shopping
mall.

Most people don't consider a mall to be an especially dangerous place. You can go there to
shop and meet up with friends. But there are also small things you may do to stay safe, even
if you don't think about them very often. For example, you probably wouldn't leave your car
unlocked or give your credit card number to a stranger.

Apply this same mindset whenever you're online. You shouldn't be afraid to use the Internet,
but remember that it comes with many of the same risks you'd face in the real world.
Throughout this tutorial, we'll show you how to prepare for these risks so you can be online
without putting yourself in danger.

So what are you waiting for? Let's get started!

 Lesson 2: Creating Strong Passwords

Creating strong passwords

You'll need to create a password to do just about everything on the Web, from checking
your email to online banking. And while it's simpler to use a short, easy-to-remember
password, this can also pose serious risks to your online security. To protect yourself and
your information, you'll want to use passwords that are long, strong, and difficult for
someone else to guess while still keeping them relatively easy for you to remember.

Watch the video below from Safety in Canada to learn more about creating a strong
password.

https://www.youtube.com/watch?v=aEmF3Iylvr4

Why do I need a strong password?

At this point, you may be wondering, why do I even need a strong password anyway? The
truth is that even though most websites are secure, there's always a small chance someone
may try to access or steal your information. This is commonly known as hacking. A strong
password is one of the best ways to defend your accounts and private information from
hackers.

Tips for creating strong passwords

A strong password is one that's easy for you to remember but difficult for others to guess.
Let's take a look at some of the most important things to consider when creating a password.

 Never use personal information such as your name, birthday, user name, or
email address. This type of information is often publicly available, which
makes it easier for someone to guess your password.
  Use a longer password. Your password should be at least six characters long,
although for extra security it should be even longer.
 Don't use the same password for each account. If someone discovers your
password for one account, all of your other accounts will be vulnerable.
 Try to include numbers, symbols, and both uppercase and lowercase letters.
 Avoid using words that can be found in the dictionary. For
example, swimming1 would be a weak password.
 Random passwords are the strongest. If you're having trouble creating one,
you can use a password generator instead.

Common password mistakes

Some of the most commonly used passwords are based on family names, hobbies, or just
a simple pattern. While these types of passwords are easy to remember, they're also some
of the least secure. Let's take a look at some of the most common password mistakes and
how to fix them.

Password: brian12kate5
"I doubt anyone could guess my password! It's my kids' names and ages. Who else would
know that?"

Problem: This password uses too much personal information, along with common words
that could be found in the dictionary.

Solution: A stronger version of this password would use symbols, uppercase letters, and a
more random order. And rather than using family names, we could combine a character from
a movie with a type of food. For example, Chewbacca and pizza could
become chEwbAccAp!ZZa.

Password: w3St!
"My password is so simple! It's just the beginning of my street address with a few extra
characters."

Problem: At only five characters, this password is way too short. It also includes part of her
address, which is publicly available information.

Solution: A stronger version of this password would be much longer, ideally more than 10
characters. We could also substitute a nearby street name instead of her current address. For
example, Pemberly Ave could become p3MberLY%Av.

Password: 123abccba321
"My password follows a simple pattern, so it's easy to remember and type on my keyboard."
Problem: While patterns like this are easy to remember, they're also some of the first things
a hacker might guess when attempting to access your account.

Solution: Remember that random passwords are much stronger than simple patterns. If
you're having trouble creating a new password, try using a password generator instead.
Here's an example of a generated password: #eV$pIg&qf.

If you use a password generator, you may also want to create a mnemonic device to make
the password easier to remember. For example, H=jNp2# could be remembered as HARRY
= jessica NORTH paris 2 #. This may still feel pretty random, but with a bit of practice it
becomes relatively easy to memorize.

Password: BrAveZ!2
"I use the same passwords for all my accounts. This way, I only have to remember one
password!"

Problem: There's nothing really wrong with this password, but remember that you
should never use the same password with different accounts.

Solution: Create a unique password for each of your online accounts.

Using password managers

Instead of writing your passwords on paper where someone might find them, you can use
a password manager to store them securely online. Password managers can remember and
enter your password on different websites, which means you won't have to remember longer
passwords. Examples of password managers include LastPass, 1Password, and Google
Chrome's password manager.

Password: m#P52s@ap$V
"I use a password generator to create all of my passwords. They're not super easy to
remember, but that's OK; I also use a password manager to keep track of them."

This is a great example of a strong password. It's strong, long, and difficult for someone
else to guess. It uses more than 10 characters with letters
(both uppercase and lowercase), numbers, and symbols, and includes no obvious personal
information or common words. This password might even be a bit too complicated to
remember without a password manager, which underscores why they're so helpful when
creating a strong password.

Remember to use these tips whenever you create a password to keep your online information
safe and secure.
 Lesson 3: Your Browser's Security Features

Your browser's security

features
Your computer faces different threats whenever you browse the Web,
including viruses, malware, and spyware. The good news is your web
browser has a lot of built-in security features to help protect your
computer. Let's take a look at some of the most important features you
should know about, as well as some simple tips you can use to stay safe
online.

Watch the video below to learn more about your browser's built-in security
features.

https://www.youtube.com/watch?v=2ZZQlgV2Gus

Check the web address

Malicious websites often use deceptive web addresses to trick users. For
example, www.wellfargo.com looks similar to www.wellsfargo.com, but it's missing
the s in the middle.

Double-checking the domain name is a good way to ensure you're going to the real, trusted
site—not a phony site with a similar web address. Some web browsers will even try to make
the domain name easier to read. In the example below, you can see that wellsfargo.com uses
a darker color in the address bar.
Look at the security symbol
Some websites will display a lock symbol in the address bar. This is most commonly seen
with certain types of websites, like online stores and banking sites. This means the website is
using an HTTPS connection, which makes it safe to enter your personal information. You'll
also see https at the beginning of the URL.

You won't see this symbol on all websites, and that's OK—not all websites need this extra
layer of security. However, you should avoid entering any sensitive information, such as
your credit card number, if you don't see this symbol in the address bar.

Update your browser regularly

New viruses and malware are created all the time, so it's important to update your
browser regularly. Your browser will usually notify you when it has an update available,
but you always have the option to update manually. In this example, we're updating Google
Chrome to the most recent version, but the exact update procedure will vary depending on
your browser.
 Lesson 4: Avoiding Spam and Phishing

Avoiding spam and phishing

From email to instant messaging to social media, the Internet is an essential communication
tool. Unfortunately, it's also popular among scammers and cybercriminals. To protect
yourself from email scams, malicious software, and identity theft, you'll need to understand
how to identify and avoid potentially dangerous content in your inbox,
including spam and phishing attempts.

Watch the video below to learn more about spam and phishing.

https://www.youtube.com/watch?v=NI37JI7KnSc

Dealing with spam

If you've ever received unwanted email advertisements, you may already be
familiar with spam, also known as junk email. Spam messages can clutter
your inbox and make it more difficult to find the emails you actually want to
read. Even worse, spam often includes phishing and malware, which can
pose a serious risk to your computer. Fortunately, most email services now
include several features to help you protect your inbox from spam.

Spam filters

Whenever you receive an email, most email providers will check to see if it's
a real message or spam. Any likely spam messages will be placed in
the spam folder so you don’t accidentally open them when checking your
email.

Spam-blocking systems aren’t perfect, though, and there may be times

when legitimate emails end up in your spam folder. We
recommend checking your spam folder regularly to make sure you aren’t
missing any important emails.

Many email services also have a feature you can use to mark emails as
spam. In Gmail, for example, you can select the message and click the Mark
as Spam button. This helps your email provider filter out these types of
messages in the future.

Turning off email images

Spam messages often contain images that the sender can track. When you
open the email, the images will load and the spammer will be able to tell if
your email works, which could result in even more spam. You can avoid this
by turning off email images. Let's look at how to do this in Gmail, but
remember that the process will vary depending on your email service.

1. Click the gear icon, then select Settings from the drop-down menu.

2. Select Ask before displaying external images, then click Save at the bottom.

3. Whenever you open a message with images, Gmail will prevent them from
loading by default.
Phishing

Phishing scams are messages that try to trick you into providing sensitive
information. These often appear to come from a bank or another trusted
source, and they'll usually want you to re-enter a password, verify a birth
date, or confirm a credit card number. Phishing messages may look real
enough at first glance, but it’s surprisingly easy for scammers to create
convincing details.

Click the buttons in the interactive below to learn more about identifying a
phishing email.
 Logo Fraud

It's easy to make a copy of any logo. This one looks identical to Bank of America's official
logo, but it doesn't make it any more authentic.

Other common email scams

Spam and phishing are common problems, but there are many other types of email scams
you may encounter. Some will promise to give you a lot of money if you advance a small
amount upfront. Others may pretend to be from people you know in real life, and they'll
often ask you to send money or download an attached file.

As with spam and phishing scams, remember to trust your best judgment. You
should never send someone money just because you've received an email request. You
should also never download email attachments you weren't expecting because they might
contain malware that could damage your computer and steal your personal information.

Spam, scams, and phishing schemes will continue to evolve and change. But now that you
know what to look for—and what to avoid—you can keep your inbox and computer that
much safer.
 Lesson 5: How to Avoid Malware

How to avoid malware

Malware is one of the most common hazards to your computer when you're online, but it's
easy to avoid. Developing safe and smart browsing habits can protect you from malware and
other threats, like viruses. Securing your computer and learning how to identify and avoid
suspicious links are the fundamentals of safe browsing habits.

Secure your computer

Limiting your computer's vulnerability to malware is a crucial safe browsing habit. You can
protect your computer by running antivirus and antimalware software
like Bitdefender or Norton. These programs can block malware from being installed and
can remove it if it does get onto your computer. Even if you don't see signs of malware on
your computer, running regular scans can catch any malware that has escaped notice.

Many malware programs take advantage of security flaws in Windows and other
software. Keeping your OS, browser, and other programs updated is an important step
in protecting your computer. The security patches in these updates make your computer
immune to many threats.
Learn more in our lesson on How to update your software.

Back up your files

Some malware can delete or corrupt data on your drives. Preparing for the possibility of data
loss is much easier and cheaper than attempting to recover data after a malware attack. The
two most common ways of doing this are copying your data to an external drive and using
an online backup service.

Learn more in our lesson on Backing Up Your Files.

Avoid suspicious links

Most malware requires you to click something to download and install it. These links are
often disguised as something they are not. If you are aware of what suspicious links can look
like, you can avoid them. Here are some examples of misleading links concealing malware
downloads.

 Ads on websites can look like system messages or diagnostics warning you
that something is wrong with your computer, like the image below.

 Ads can look like messages saying you have won a prize and instructing you to
click to claim it.
 Pop-up windows frequently contain malware or attempt to lead you to a less
secure site. Most reputable sites don't use pop-up windows. Many browsers
block pop-up windows by default.
 If you are prompted to download something you weren't expecting—or if it
seems to be unrelated to the page you were on—it's probably malware.
 Headlines that are ambiguous and sensational that encourage you to click to
read more are called clickbait. Sites that use lots of clickbait headlines are
more likely to contain links to malware.

Identify suspicious sites

If you're ever unsure whether a website or download is safe, close it and investigate the site
before returning to it. It's always a good idea to be cautious when browsing unfamiliar sites.

 Ask your friends if the site is reputable or if they have any experiences with
the site.
 Search for information about the site. Use a search engine to find news about
the organization that runs the site, or look for posts on forums about other
people's experiences with that site.
 Check the address bar in your browser. Some malicious websites are
designed to look like other well-known sites, but your address bar will tell you
which site you're actually on. If you are no longer on the site you expected to
be, it's suspicious.
 Run a Google safe browsing diagnostic on the site. Copy and paste the URL
of a site into the search box on the diagnostic page, then click the search button.
This will display a site safety report.
 Lesson 6: Safe Online Shopping

Safe online shopping

Online shopping is a convenient way to buy almost anything from the comfort of your
home. And while there are some risks with shopping online, there are also many ways to
protect yourself and your financial information.

Watch the video below to learn more about staying safe when shopping online.

https://www.youtube.com/watch?v=el3N6qQjr-I

Shop from home

To protect sensitive information like credit card numbers, you'll want to shop from
your home Internet connection if possible. Try to avoid shopping when connected to a
public Wi-Fi network or when using a public computer, such as a library computer. Public
computers and Wi-Fi networks are at a slightly greater risk for hacking, which could put
your information at risk.

Look for HTTPS

Many websites will display a lock symbol in the address bar. This is most commonly seen
on the payment page of an online store. This means the website is using
an HTTPS connection, which makes it safe to enter your information.

You won't see this symbol on every page of an online store, and that's OK—not all pages
really need this extra layer of security. However, you should avoid entering your credit card
number or other financial information if you don't see this symbol.

Research the company or seller

Anyone can set up a shop online, so it's important to research a company or seller before
buying from the site. Make sure the business has a physical address and phone
number you can contact if there's a problem. You can also check for reviews on sites
like Yelp and Google.

Use secure payment methods

Credit cards are generally the safest way to pay for items online. Avoid options like direct
wire transfer, bank transfers, or sending cash or checks through the mail. And if you don't
like the idea of giving your credit card information to different retailers, you could try an
online payment service like PayPal or Google Wallet. Check out our What is
PayPal? lesson to learn more.
Keep a record
Always save records of your online transactions, which should include the receipt, order
number, product description, and price. You will also want to save any emails you send
or receive from a seller, which may come in handy if there's a problem later on.

Trust your instincts

In the end, use your common sense and trust your instincts. If a deal seems too good to be
true, it probably is. And if anything seems suspicious, remember that you don't have make
the purchase.
 Lesson 7: Understanding Browser Tracking

Understanding browser tracking

Whenever you use the Internet, you leave a record of the websites you visit, along with each
and every thing you click. To track this information, many websites save a small piece of
data—known as a cookie—to your web browser. In addition to cookies, many websites can
use your user accounts to track browsing activity. While this type of browser tracking
doesn't pose a serious risk to your online security, it's important to understand how your
online data is tracked and used.

Watch the video below to learn more about browser tracking.

https://www.youtube.com/watch?v=6EHSlhnE6Ck

Why do websites track browsing activity?

There are many reasons a website might track your browsing activity. In some cases, it's
simply to make your browsing experience faster and more convenient. But this data can also
be used to determine your browsing habits and preferences—information that is frequently
used by advertisers in determining what ads to show you online. Here are a few common
examples of when a website might track your online activity.

 Video sites like YouTube and Netflix collect information on the videos you
watch, which helps them suggest more videos you might like.
 Online stores like Amazon and eBay keep a record of the different items you
view and purchase, which helps them suggest other products you may want to
buy.
 Search engines like Google keep a record of the things you search for. This can
help them suggest more relevant searches, but it can also be used for
advertising purposes. For example, if you search for a coffeemaker on Google,
you might see ads for coffeemakers on other websites in the future.

How do cookies work?

Cookies can store specific information on the websites you visit and the things you click on
different sites. If you don't have an account on a particular site, this information is typically
saved in a cookie to your web browser. For example, a news website might use cookies to
see if you've previously visited its site—and what articles you read on your last visit—so it
can suggest more articles based on your previous choices.

Watch this video from Adversitement to learn more about cookies and how they work.

https://www.youtube.com/watch?v=I01XMRo2ESg

Should I be worried about cookies?

Generally speaking, cookies don't pose a serious risk to your online security—you're
unlikely to acquire malware or expose sensitive financial information by using cookies. Still,
if you don't like the idea of websites collecting information about you this way, there are
options for limiting cookie tracking on your computer.

How to avoid cookie tracking

There are a few different ways to avoid cookie tracking. Some websites actually give you
the option to disable cookie tracking on their site, although this may also disable certain
site features.

If you want to opt out of cookies entirely, you could try enabling the Do Not Track setting
in your browser. Most web browsers disable this feature by default, but it can usually be
activated from the privacy settings.
Note that participation in the Do Not Track program is voluntary, so some sites may not
honor this request. If you'd prefer to avoid cookies altogether, you could use a private
browsing mode whenever you go online. This will prevent any cookies from being saved to
your web browser.

Private browsing mode won't protect against every kind of browser tracking. To learn
more, check out our lesson on Browsing Privately.
Account tracking
Even if you never allow websites to store cookies, there are other ways your browsing habits
can be tracked. For example, when you create an account with a site
like Facebook or Google, you're also giving them permission to track and save information
on your activity. Instead of saving this information in a cookie, it's stored by the company
and associated with your account.

In many cases, this information is then provided to third-party advertisers, who can use this
information to deliver personalized ads across the Internet. And while you can usually
disable these tracking settings, they will be enabled by default.

Check out our lessons on Adjusting Your Facebook Privacy Settings and Understanding
Google Privacy to learn more about controlling the information you share with these service
providers.
 Lesson 8: Social Media Privacy Basics

Understanding social media privacy

Social media sites like Facebook, Instagram, and Twitter have made it easier than ever to
share things online. But sharing something on social media is a bit different from other types
of online communication. Unlike email or instant messaging, which are relatively private,
the things you share on social media are more public, which means they'll usually be seen
by lots of other people.

Think before you share

While social media sites offer privacy tools to help you limit who can see the things you
share, it's important to realize that they are fundamentally more open and social than
traditional communication tools. Whether or not you realize it, the things you share online
also can affect how you're perceived by others. That's why you'll always want to think
carefully about what you share over social media.

Watch this video from Google to learn more about why it's important to think before you
share.

https://www.youtube.com/watch?v=BcdZm3WAF4A

Review your privacy settings

As we mentioned above, all social networking sites have privacy settings that allow you to
control who you share with. For example, whenever you share something on Facebook, you
can choose to share with just a few people, all of your Facebook friends, or publicly with
everyone on Facebook. That's why it's so important to understand how your privacy settings
work and how to control them.

Watch this video from our Facebook 101 tutorial to learn more about how sharing works
on Facebook.

https://www.youtube.com/watch?v=emzaUABF2WU