1. Introduction: The growth of the Internet gave
rise to many important services accessible to anyone with a connection. One of
these important services is digital communication. While the Internet allowed us to
communicate with others, it also allowed communication with malicious
users. The Internet represents an insecure channel for exchanging information,
leading to a high risk of fraud. Internet safety, or online safety, is the
knowledge of maximizing the user's personal safety and minimizing security risks to
private information and property associated with using the Internet, and the
self-protection from computer crime in general. As the number of Internet users
continues to grow worldwide, Internet safety is a growing concern for both
children and adults. Common concerns regarding safety on the Internet include:
malicious users (spam, phishing etc.), websites and software (malware, computer
viruses, etc.) and various types of offensive content. Several crimes can be
committed on the Internet such as identity theft and more.
2. Terminologies Related to Internet Threat: The following
are some of the terminologies among the ocean of terminologies that are related
to the Internet threat or online threat.
a) Hacker: In the computer security context, a hacker is
someone who seeks and exploits weaknesses in a computer system or computer
network.
b) Computer Virus: A virus is a self-replicating
program that spreads by inserting copies of itself into other executable code
or documents. By doing this, it behaves similarly to a biological virus, which
spreads by inserting itself into living cells. The defining characteristic of
viruses is that they are self-replicating computer programs which install
themselves without the user's consent.
c) Computer Worm: Like a virus, a worm is also a
self-replicating program. It differs from a virus in that it propagates through
computer networks without user intervention and it does not need to attach
itself to an existing program. Often, it uses a computer network to spread
itself, relying on security failures on the target computer to access it.
d) Rootkit: A rootkit is a program that uses low-level,
hard-to-detect methods to subvert control of an operating system from its
legitimate operators. Rootkits usually obscure their installation and attempt
to prevent their removal through a subversion of standard system security. They
may include replacements for system binaries, making it virtually impossible
for them to be detected.
e) Trojan Horses: A Trojan horse, or Trojan, in
computing is a generally non-self-replicating type of malware program
containing malicious code that, when executed, carries out actions determined
by the nature of the Trojan, typically causing loss or theft of data, and
possible system harm. A Trojan horse is a program that seems to be doing one
thing but is actually doing another. A Trojan often acts as a backdoor,
contacting a controller, which can then have unauthorized access to the
affected computer.
f) Spyware: The term spyware refers to programs that
surreptitiously monitor activity on a computer system and report that
information to others without the user's consent. Spyware aids in
gathering information about a person or organization without their knowledge;
it may send that information to another entity without the consumer's consent,
or lead to control over a computer by third parties without the consumer's
knowledge.
g) Malware: Malware, short for malicious software, is any
software used to disrupt computer operation, gather sensitive information, or
gain access to private computer systems.
h) Botnet: The word botnet is a combination of the words robot
and network. Botnets sometimes compromise computers whose security defenses
have been breached and control conceded to a third party. Each such compromised
device, known as a “bot”, is created when a computer is penetrated by software
from a malware (malicious software) distribution. The controller of a botnet is
able to direct the activities of these compromised computers as per his/her
need.
i) Phishing: Phishing involves one program, system or website
that successfully masquerades as another by falsifying data and is thereby treated
as a trusted system by a user or another program. It fools programs, systems or
users into revealing confidential information, such as user names and
passwords.
j) Email Spam: Email spam, also known as junk
email, Unsolicited Bulk Email (UBE) or Unsolicited Commercial Email (UCE), is a
subset of electronic spam involving nearly identical messages sent to numerous
recipients by email. Definitions of spam usually include the aspects that the email
is unsolicited and sent in bulk.
k) Keystroke Logging: Keystroke logging, often
referred to as keylogging or keyboard capturing, is the action of recording (or
logging) the keys struck on a keyboard, typically in a covert manner so that
the person using the keyboard is unaware that their actions are being monitored.
3. Precaution over Internet: The following precautions can be
taken while working over the Internet.
a) Using Updated Operating System: Worms spread
by exploiting vulnerabilities in operating systems. Vendors with security
problems supply regular security updates, and if these are installed to a
machine then the majority of worms are unable to spread to it.
b) Using Updated Browser: Some newer browsers, such as
Internet Explorer 8, display the entire URL in grey, with just the domain name
itself in black, as a means of assisting users in identifying fraudulent URLs.
c) Firewalls: A firewall is a software- or
hardware-based network security system that controls the incoming and outgoing
network traffic based on an applied rule set. A firewall establishes a barrier
between a trusted, secure internal network and another network (e.g., the
Internet) that is not assumed to be secure and trusted. A computer firewall
generally consists of gateways and filters that vary from one firewall to
another. Firewalls also screen network traffic and are able to block traffic
that is dangerous. It is advisable to keep the firewalls on while using the
internet.
d) Antivirus Software: Antivirus software can detect
and eliminate known viruses when the computer attempts to download or run the
executable (which may be distributed as an email attachment, or on USB flash
drives, for example). A licensed version of the antivirus and, if possible, the
total security suite should be installed on the computer, and it should be
periodically updated.
e) Using Private Browsing: Privacy mode or “private
browsing”, sometimes informally referred to as “incognito mode”, is a term that
refers to privacy features in some web browsers. Historically speaking, web
browsers store information such as browsing history, images, videos and text
within cache. In contrast, privacy mode can be enabled so that the browser does
not store this information for selected browsing sessions. This allows a person
to browse the Web without storing data into the local computer that could be
retrieved at a later date.
f) Using Transaction Verification: If possible,
transaction verification through a mobile phone (smartphone), used as a second
channel for verification and authorization of banking transactions, should be
enabled.
g) Keep Shared Information at a Minimum: It is
important to remember that information posted online may be seen by more people
than is originally intended. Social networks make it simple to inadvertently
share details about oneself (address, phone number, birthday, etc.). Try to
avoid sharing personal information and personal history whenever possible. When
creating a password, avoid using anything that includes general information
such as a year of birth, email address and so on.
h) Keep Passwords and PINs Personal: Passwords are
often created to keep personal information and property secure. Passwords and
PINs should never be shared under any circumstances. One common way that
passwords may be compromised is through repeated guessing. Weak passwords make
this process easier, so it is important that passwords be strong. Creating
strong passwords is a way of keeping information secure. A strong password
contains more than 10 characters and is a combination of upper-case letters,
lower-case letters, numbers and symbols. Besides having a strong password, it is important to
use different passwords for different accounts.
i) Public Computer is Public: Public computers, as opposed to
personal computers, may be physically accessed by anyone within reach of the
computer. Because of this, it is inadvisable to carry out any process that involves
sensitive information, such as online banking, from a public computer. A common
way unauthorized access may occur is through users of public computers not
fully logging out and clearing usage data (such as cookies), which allows the next
user of the public computer to access the account. It is also possible
that the public computer is infected with malware, unknown to the user.
j) Avoid Scams: Be cautious of the Internet.
Avoid misleading ads, strangers with offers, strange e-mails, and questionable
websites. Do research to verify the validity of these offers. If someone you
know is sending you messages that don’t seem like themselves, their account may
have been taken over by somebody trying to get information out of you.
k) Check Browser Address Bar: When contacted about an account
needing to be “verified” (or any such other topic used by phishers), the user
should look into the address bar of the browser. He/she should check whether
that address is the same address that he/she knows to be the company's genuine
website or not. To be more cautious, he/she should type the company's website address into
the address bar of the browser, rather than trusting any hyperlinks in the
suspected phishing message.
l) Check Originating Email: If anyone is asking for sensitive
information, the user should take sensible precaution to look into the
originating email address. The originating email should come from the domain of
the company.
m) Check Content of the Email: Nearly all legitimate e-mail
messages from companies to their customers contain an item of information that
is not readily available to phishers. Some companies address their customers by
their username in e-mails, so if an email addresses the recipient in a generic
fashion like “Dear SBI customer” it is likely to be an attempt at phishing.
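The checks in items k), l) and m) above can be applied mechanically to a received message. The following Python code is an added example, not part of the original article; the domain bank.example, the lookalike host and both sample messages are constructed placeholders, and it assumes single-part plain-text e-mail.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample messages; bank.example and the .test host are placeholders.
PHISH = """\
From: "Bank Support" <support@bank.example.verify-login.test>
Subject: Your account must be verified

Dear Bank customer,
Please verify your account at http://bank.example.verify-login.test/login today.
"""
LEGIT = """\
From: Bank Alerts <alerts@mail.bank.example>
Subject: Statement ready

Dear asharma42,
Your statement is at https://www.bank.example/statements.
"""
GENERIC = re.compile(r"^\s*dear\s+(\w+\s+)?(customer|user|member|client)\b", re.I | re.M)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def host_belongs_to(host, company_domain):
    """True only for the company domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    company_domain = company_domain.lower()
    # A lookalike such as bank.example.evil.test merely *starts* with the name.
    return host == company_domain or host.endswith("." + company_domain)

def phishing_indicators(raw_message, company_domain):
    """Return the reasons a message fails the checks in k), l) and m)."""
    msg = message_from_string(raw_message)
    reasons = []
    # l) the originating address must be in the company's domain
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if not host_belongs_to(sender_host, company_domain):
        reasons.append(f"sender domain {sender_host!r} is not {company_domain}")
    body = msg.get_payload()
    # k) every hyperlink must lead to the company's genuine site
    for url in URL.findall(body):
        host = urlsplit(url).hostname or ""
        if not host_belongs_to(host, company_domain):
            reasons.append(f"link host {host!r} is not {company_domain}")
    # m) a generic salutation instead of the customer's username
    if GENERIC.search(body):
        reasons.append("generic greeting")
    return reasons
```

Comparing the end of the host name, not its beginning, is what catches a lookalike address that merely contains the company's name.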
4. Conclusion: Conventional phishing techniques
could become obsolete in the future, as people are increasingly aware of the
social engineering techniques used by phishers. Most social networking and chat
sites have a page about safety. Numerous groups, governments and organizations
have expressed concerns about the safety of children using the Internet. Kindly
make it a monthly routine to read a page or two on Internet Security, Web
safety and so on. In all cases the user is expected to confirm that the domain
name in the browser's URL bar is in fact where they intended to go.
How to Cite this Article?
APA Citation, 7th Ed.: Barman, B. (2020). A comprehensive book on Library and Information Science. New
Publications.
Chicago 16th Ed.: Barman, Badan. A Comprehensive Book on Library and Information Science. Guwahati:
New Publications, 2020.
MLA Citation 8th Ed: Barman, Badan. A Comprehensive Book on Library and Information Science. New
Publications, 2020.
