Internet Safety

1. Introduction: The growth of the Internet gave rise to many important services accessible to anyone with a connection. One of these important services is digital communication. While Internet allowed us to communicate with others, this also allowed the communication with malicious users. The Internet represents an insecure channel for exchanging information leading to a high risk of fraud. Internet safety, or online safety, is the knowledge of maximizing the user’s personal safety and security risks on private information and property associated with using the Internet, and the self-protection from computer crime in general. As the number of Internet users continues to grow worldwide, Internet safety is a growing concern for both children and adults. Common concerns regarding safety on the Internet include: malicious users (spam, phishing etc.), websites and software (malware, computer viruses, etc.) and various types of offensive content. Several crimes can be committed on the Internet such as identity theft and more.

2. Terminologies Related to Internet Threat: The following are some of the terminologies among the ocean of terminologies that are related to the Internet threat or online threat.

a) Hacker: In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network.

b) Computer Virus: A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. By doing this, it behaves similarly to a biological virus, which spreads by inserting itself into living cells. The defining characteristic of viruses is that they are self-replicating computer programs which install themselves without the user's consent.

c) Computer Worm: Like a virus, a worm is also a self-replicating program. It differs from a virus in that it propagates through computer networks without user intervention and it does not need to attach itself to an existing program. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.

d) Rootkit: A rootkit is a program that uses low-level, hard-to-detect methods to subvert control of an operating system from its legitimate operators. Rootkits usually obscure their installation and attempt to prevent their removal through a subversion of standard system security. They may include replacements for system binaries, making it virtually impossible for them to be detected.

e) Trojan Horses: A Trojan horse, or Trojan, in computing is a generally non-self-replicating type of malware program containing malicious code that, when executed, carries out actions determined by the nature of the Trojan, typically causing loss or theft of data, and possible system harm. A Trojan horse is a program that seems to be doing one thing but is actually doing another. A Trojan often acts as a backdoor, contacting a controller, which can then have unauthorized access to the affected computer.

f) Spyware: The term spyware refers to programs that surreptitiously monitor activity on a computer system and report that information to others without the user's consent. The spyware software aids in gathering information about a person or organization without their knowledge and that information may send to another entity without the consumer's consent, or leading to control over a computer by third parties without the consumer's knowledge.

g) Malware: Malware, short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

h) Botnet: The word botnet is a combination of the words robot and network. Botnets sometimes compromise computers whose security defenses have been breached and control conceded to a third party. Each such compromised device, known as a “bot”, is created when a computer is penetrated by software from a malware (malicious software) distribution. The controller of a botnet is able to direct the activities of these compromised computers as per his/her need.

i) Phishing: Phishing involves one program, system or website that successfully tricks as another by falsifying data and is thereby treated as a trusted system by a user or another program. It fools programs, systems or users into revealing confidential information, such as user names and passwords.

j) Email Spam: Email spam, also known as junk email or Unsolicited Bulk Email (UBE), Unsolicited Commercial Email (UCE) is a subset of electronic spam involving nearly identical messages sent to numerous recipients by email. Definitions of spam usually include the aspects that email is unsolicited and sent in bulk.

k) Keystroke Logging: Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored.

3. Precaution over Internet: The following precautions can be taken while working over internet.

a) Using Updated Operating System: Worms spread by exploiting vulnerabilities in operating systems. Vendors with security problems supply regular security updates, and if these are installed to a machine then the majority of worms are unable to spread to it.

b) Using Updated Browser: Some newer browsers, such as Internet Explorer 8, display the entire URL in grey, with just the domain name itself in black, as a means of assisting users in identifying fraudulent URLs.

c) Firewalls: A firewall is software or hardware-based network security system that controls the incoming and outgoing network traffic based on applied rule set. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted. A computer firewall generally consists of gateways and filters that vary from one firewall to another. Firewalls also screen network traffic and are able to block traffic that is dangerous. It is advisable to keep the firewalls on while using the internet.

d) Antivirus Software: Antivirus software can detect and eliminate known viruses when the computer attempts to download or run the executable (which may be distributed as an email attachment, or on USB flash drives, for example). The license version of the antivirus and if possible the total security should be installed in the computer and it should be periodically updated.

e) Using Private Browsing: Privacy mode or “private browsing”, sometimes informally referred to as “incognito mode”, is a term that refers to privacy features in some web browsers. Historically speaking, web browsers store information such as browsing history, images, videos and text within cache. In contrast, privacy mode can be enabled so that the browser does not store this information for selected browsing sessions. This allows a person to browse the Web without storing data into the local computer that could be retrieved at a later date.

f) Using Transaction Verification: If possible, the transaction verification through mobile phone (smart phone) as a second channel for verification and authorization of banking transactions should be enabled.

g) Keep Shared Information at a Minimum: It is important to remember that information posted online may be seen by more people than is originally intended. Social networks make it simple to inadvertently share details about oneself (address, phone number, birthday, etc.). Try to avoid sharing personal information and personal history whenever possible. When creating password, avoid using anything that include any general information such as a year of birth, email address and so on.

h) Keep Passwords and PINs Personal: Passwords are often created to keep personal information and property secure. Passwords and PINs should never be shared under any circumstances. One common way that passwords may be compromised is through repeated guessing. Weak passwords make this process easier, so it is important that passwords be strong. Creating strong passwords is a way of keeping information secure. A strong password contains more than 10 characters and is a combination of upper case, lower case, number and symbol. Besides having a strong password, it is important to use different passwords for different accounts.

i) Public Computer is Public: Public computers, as opposed to personal computers, may be physically accessed by anyone within reach of the computer. Because of this, it is inadvisable to do any processes that involve sensitive information, such as online banking from a public computer. A common way unauthorized access may occur is through users from public computers not fully logging out and clearing usage data (such as cookies), and allows access of the account to the next user of the public computer. It is also possible that the public computer be infected with malware, unknown to the user.

j) Avoid Scams: Be cautious of the Internet. Avoid misleading ads, strangers with offers, strange e-mails, and questionable websites. Do research to verify the validity of these offers. If someone you know is sending you messages that don’t seem like themselves, their account may have been taken over by somebody trying to get information out of you.

k) Check Browser Address Bar: When contacted about an account needing to be “verified” (or any such other topic used by phishers), the user should look into the address bar of the browser. He/she should checked whether that address is the same address that he/she knows about the company's genuine website or not. To be more cautious, s/he typed the companys’ website address into the address bar of the browser, rather than trusting any hyperlinks in the suspected phishing message.

l) Check Originating Email: If anyone is asking for sensible information, the user should take sensible precaution to look into the originating email address. The originating email should come from the domain of the company.

m) Check Content of the Email: Nearly all-legitimate e-mail messages from companies to their customers contain an item of information that is not readily available to phishers. Some companies address their customers by their username in e-mails, so if an email addresses the recipient in a generic fashion like “Dear SBI customer” it is likely to be an attempt at phishing.

4. Conclusion: Conventional phishing techniques could become obsolete in the future, as people are increasingly aware of the social engineering techniques used by phishers. Most social networking and chat sites have a page about safety. Numerous groups, governments and organizations have expressed concerns about the safety of children using the Internet. Kindly make it a monthly routine to read a page or two on Internet Security, Web safety and so on. In all cases the user is expected to confirm that the domain name in the browser's URL bar was in fact where they intended to go.

How to Cite this Article?

APA Citation, 7^th Ed.:  Barman, B. (2020). A comprehensive book on Library and Information Science. New Publications.

Chicago 16^th Ed.:  Barman, Badan. A Comprehensive Book on Library and Information Science. Guwahati: New Publications, 2020.

MLA Citation 8^th Ed:  Barman, Badan. A Comprehensive Book on Library and Information Science. New Publications, 2020.

Badan Barman at present working as an Assistant Professor in the Department of Library and Information Science, Gauhati University, Guwahati-781014, Assam, India. He is the creator of the LIS Links (http://www.lislinks.com) - India’s most popular social networking website for Library and Information Science professionals. He also created the UGC NET Guide (http://www.netugc.com) and LIS Study (http://www.lisstudy.com) website.