AS and A LEVEL Information Technology 9626 Chapter 5 eSafety een ancl TNE Cae Rccry www.faisalchughtai.comSe uma ey Personal data Gee ee UMC aR Coro Wn anc Rag Cara Cte nC Ee cn eR ee information, tolidentify, contact, or locate a specific person. Personal data can be collected, processed, and stored in various formats, such as electronic records, paper documents, photographs, videos, audio recordings, and more a Re eC eRe ecb 1. Basic identification information: Name, address, date of birth, social security number, Pees Seatac ee ee ea eC em Financial information: Bank account details, credit card numbers, financial Bic tr [ele cas Bee Cu Ce Ca eae ROR aCe Health and medical information: Medical records, diagnoses, prescriptions, etc. Biometric data: Fingerprints, facial recognition data, DNA samples, etc. Online identifiers: IP address, cookies, device information, user IDs, etc. Social media and online activity: Posts, comments, likes, shares, browsing history, etc. Personal preferences: Interests, hobbies, preferences, lifestyle choices, etc. irae SR Un eRe eel e eRe od identified. So, even if personal data has been de-identified, encrypted or pseudonymized, itis still classed as personal data. De+identtification) also known as anonymization or pseudonymization, refers to the Pee Ce nee i ee es ae ME cs ae oo eee ee Crd individuals from the data, while still retaining its usefulness for analysis and research ere Cee Co eer Seen CC RUC ae oy ene Dee Sen ae remove identifying information, making it more difficult to directly link the data to an individual without additional information. When data is pseudonymized, identifiable Ret Regen eon ater eer ses Ce Pe Eee oR oe CeO Ue a) security while still allowing for data analysis and processing. If, however, the data has been amended to make it appear anonymous in such a way that, Tae one aR ce ee) Keeping personal data confidential ee We a renee TO Ue Ce Ee a ay RE Cn een Ceemu Cerca Coo UR ae We Cae eI Mt ue RAUL oe UCM i aL NU ee kee ee Re So ee a eee RUS eeu Cte ea ec aaa er CS Cnn CO Re Seca CS Und responsibilities. ete A Se Ree eC ee CRE eC od Coce ee en Stee RE eet ae ee en RR ‘passwords include characters, numbers and symbols and are not a recognizable word. Od oe RU ak personal data that you can store on your computer. POS RS Le De Ev See oer eee UU uC A Le LC cd that is used to identify a virus on a computer and remove it. CE RA ek ee aC ee ole Meee i) le ee eT ono) A OAC Te CRON nee Rr oe CS enn Se ooo Se RUS re neu ROC MWe ac ne LUT Ce ee U hRuao e Be DES eR eh ee UCR eo Ra TERN renee OU eee RUT Ree Re ret eee enero Se rece Oe ae Oe aa enc eee playing games. Pee ee eee eg eu iat Core ei Ret ete How is personal data collected? There are several ways that an unauthorized person can try and collect your data. These ecSe uma ey Phishing Ce eeu Ne cee ye ea eee ec econ eRe Od Ree kU Rae a eno Lan ccc eg account details or credit/debit card details). SRE Ne cee one Cae ee ea See ae ee eee a eee cause any harm. If suspicious emails are deleted or not opened, then phishing attacks Penge Poe ng tess Cen bios Cec Pees eos) Peers Cie Cote it email is totally authentic Ser eS eRe oneness Oe PCR We eRe cee uae hc This identifies any content which could be interpreted as phishing contained in Rss nar ‘* It is a good idea to always have anti-virus and anti-spyware software running on a computer, and to update it at regular intervals. See eer cea re) CO ec for users to look out for these. Dee ra cu ee en RR ad oc Ue ee cee ee casSe uma ey See Re ase ae eee Ed ‘be treated with caution, as should emails asking the recipient to confirm their personal or financial information. Personal and financial information should never be sent in an crm TTS eee eae a eC ad some other reason why they will benefit financially, it is likely to be a fake, Oe res ee eee eek Ice URLand the best way of checking this is for the user to place the mouse cursor over Ree eee eee eee ete eed cere Ca ST eee es ee ee ORL Ce ce Ne ee Unlike phishing, the user doesn’t actually need to take any action fort to be initiated. The ee eee ee io une Often the website appears to come from a trusted source and can lead to fraud and ens ete ree rst hid coors ‘+The user should always be alert and look out for clues that they are being redirected to Ssemu Cerca ROR EC en Ca aac ol ORNS cee CeCe en Re a eee aed SRNR UR Ue oR MC eC ROR RUM CB Ura BOC Cos Ge UU eR ey loaded. It is sensible to use a trusted, legitimate internet service provider (ISP). eet ee Ue ROR ea i ce DUS Ue RES Eu he oe AU Loe ee a ee ee to erence eno Rec em Se CO ceo Samer acres eae) Ree Cae rua ence ul Smishing is short for ‘SMS phishing’ It uses the SMS system of mobile phones to send out Cee Ree Te TT) ec em enn eer Cnn gee aes Dee ee ee If they do, they will be asked to supply personal details such as credit/debit card numbers. Ces Se ee a oS ed SE ec Ra eae i ea rod Ree Methods used to prevent smishing attacks: Se ene ce cs ee eae ee red a eae Mae ue ne ean) eure SOU Ue ee SIUC CoN eae RUC ee UC oR LE personal information included in it. * Asensible action isto check the sender's phone number against the phone number of BR ke Recent ea Seine annua ueu ene en) Cole eee Rice eee oe ec Oeics Peer hese eee eRe Cee ne a Ciericmcky aurke lm oR Bl cel ieemu Cerca aS 2 (voicemail phishing) is another variation of phishing. BUS SR uC he Se a oe Ce Le eee a ee Ree na BL SE AU a Re AL eu Oooo Mele tee ee cea RCM Une uC a Pree cee eee eee ec The automated system could be replaced by a real person who will try to convince the user Cee ue ae eae aa ae ce Snr ure hae eas See ee Woe Le Se ese ed Dee eg ee oe SCT err Seen ee aki Poor ee eae ankle CLES Ree a chute Roce ce Ca Ce eee a eR Re ne ce NESE ra Care eee ne Cee cece which have been created with the deliberate intention of causing damage or disruption, or Co etc a ne ee. aoe DEON ee ee emcee ec cect mS [tireless iiemu Cerca ‘Viruses are programs or program code that replicates (copies itself) with the intention of Cee eee ee eee cea deleting .exe files, filling up the hard drive with useless data, and so on). Viruses need an active host program on the target computer or an operating system that ne eet ee eed ‘to be executed by some trigger to start causing any damage). Ue ecu Cee a co ete er eo eeu Fe eed Se Ce no tC uN ee Cac cs cc BO ee Ue Rh Re CLE aCe OU NN ee eee ee Roe a ol] Pee eee eect eee ec) streamline the process. Se eee Ren cee eT oe Per ek Cnet esteem een ce Rec ce nee eee cet ie ates One ene ace es ee nee eeu ee eee aie ie ete aa saci ene eee ence ear * Download software, files, and media from trusted sources only. Avoid downloading SR Nee Re UE ee co oe aoa he Seer ene eee can Pye cnt eg ena Bere Segoe ee eR UROL Sr Se eae RCo ae) clicking on suspicious links or downloading files from unfamiliar sources. Peer et aa aca eu Rene cect kee lem l(c) eae Nee RR et Re CRC CM Ur a eee eacurt ce Colter Peco eo enact RO Curt’ FOO Dee Ene cu ee en ‘software, but contains malicious instructions embedded within it A Trojan horse replaces all or part of the legitimate software with the intent of carrying out some harm to the user's computer system. They need to be executed by the end-user and therefore usually arrive as an email Pe ae re eee ke aes cea eetSe uma ey RO hE Ce tee i ance ee eee aaa Cog eee IC Ee nc eo cam The user will be invited to run fake anti-virus as part of a free trial, Once the user does this, Ree ae Once installed on the user’s computer, the Trojan horse will give cyber criminals access to Sea Ree eC eee i See) Ru eC) eee cs a Cc neu i RRR eee core Cee Mea ee ee een ee cea Ce ccd RESO Cure sue uc ete ces Oe ee ao acum ue ue So cme ted eet eee a ec eC Ca SOC AR Re ae Marat cee ees Pee eure PR ennai t Rear ores Bete Re eee eect ae erence Sen AU RM eee es eee cen ee Mc eee ee eee LE CO ecu Rn eau IS Dt Pee RSC U enn eee ese Their intention is to spread to other computers and corrupt whole networks. Unlike viruses, they do not need an active host program to be opened in order to do any damage, they remain inside applications, which allows them to move throughout Talc Tea eR re We Rg rely on security failures within networks to permit them to spread unhindered, Worms frequently arrive as message attachments and only one user opening a worm- RU ree eR um Ra RR ie A uel Minimizing the risk of a worm CeCe eeu rn Me ce eae ce Beet ie ee eke et ee Se ea Cee ne i MeO neu rieeaUco Keep the software up to date and enable automatic scanning and real-time protection clr as Cee enn cnet Mae ae ec er pee on ene CR ee ec ec a Cee Ren ce es eau ten aCO eC ey Ne eo ee eee eee sea Le Ma ee eck Re Cee ee toe SER SE eS Case see er Se Cee a Ree eae Ce Rei ee ec ce eC Re een Re See ee cd “monitoring a user's keyboard activities carried out on their computer. eee EE een re Cri ae RR DOD EE cy + Only download files and software from trusted sources, Avoid downloading from Mee oe en Re Cucina Ceres iO ee set Meee er ace Seu ee Oe Ru nana ak We ec eS ‘companies can sometimes list in the small print that you are consenting to allowing Re One RO a CC eee Me erste ag clauses about sharing your data with third parties. eR eee een CRC sd ST Me Cy keg eae eee en Seo ‘* Anti-malware software can be used to scan your computer to see if any key logging Ree ces Adware COO aC ea Co ae with unwanted advertising. For example, it could redirect a user’s browser to a fake DTS ar ec een ae SR a ec en ay RT Trane ciaSe uma ey Pe ne age ae OO eee te eae See RCM Cae Ueno tee ae cd ee eRe SR eee renee ae cc cee ae Minimizing the risk of adware ‘* When installing software, carefully read the terms and conditions and the installation Pr Me eet Crea en ei Rg ro cee eur ae re Re Pe Ce Mec eC ce ee tee a McC ee rent) CEN Rec Desens ee cS DERI nae tne acar RCO ien ito * Adware can be spread through malicious advertisements or deceptive links. Avoid Clicking on suspicious ads, pop-ups, or links on websites, especially those offering questionable downloads or promising unrealistic deals. Ce TR tee oe CU eee ec come RCM cae a eared rig Dean Re ee Ra a ene ery Cee aa eR Ce ee EAC Coen RU Meer Cimcon Ca It gives the attacker continuous privileged access to a computer and hides its presence Cee enue cue eee Ac rece cg LR ola oe BO Ca Rem ene Ee Rete) details. ee ee REN UA) eee Ron AL LE hacker could gain administrator privileges and install it remotely. The rootkit can change any security software such as an anti-virus to\convince it that it is not there. It is also capable of removing the anti-virus software. Minimizing the risk of a rootkit eee Ue a Rome laa mee mel eee system, applications, and online services. * Only download software and files from trusted sources, Avoid downloading from unverified websites or clicking on suspicious links in emails or other messages. OSU UC Ce Ue ee Wl eG eee Tee ele oo) eRe ae Ul Re Ler iSe uma ey Seen ne eto cum ey eae rad Pee ue eee a Me eee ee eC] erode Malicious bots Cee tema Ue Cee Ure CL A ceca) ca Pea ACRE a ee ed Citta Unfortunately, there are many malicious bots. Like a worm, a malicious bot can replicate itself and is designed to feed back to a server, this is called a botnet, because it is in control Cem onc Reece Se ence ee en cae cnr Ces They are capable of gathering information from different websites, such as date of birth Ree MC nic eet etc es Ue Bre re ee eek tena ee Minimizing the risk of bots ORE er ene eo mee ne eu Rica same way that phishing is carried out. Avoid clicking on any links without knowing who they are from and that they will ink you to a trusted and reputable source. Reese ica Ree eR ae eee ce data when chatting online, Oe ose no eee Cee hc eee TTR ecules Ue De ee resent aa ea Le a eee traffic created by the bot. TTC) ee ACD ee ee ae Ce eR) Fa ren ect ce Sete Sear aa Rae aaa CT eur Ree Cee a Ae Ck eee nee acer Co CUCU Reh The malware restricts access to the computer and encrypts all the data until a ransom is Poe Oe e Cee cee OC ae cT Onecareemu Cerca DC cle Le es ea Cn maak Rd eS i RR Ree Ecce Minimizing the risk of ransomware Pee cea u Meu eis kee econ Td Cerne ear seer eee neue eet eee Rea Seas and remove ransomware and other malicious programs. Oe ee ac a cue ctu te Rec Cmd ene eee aCe Tec OO ACR Cee reoccur Oe nen cetera CueT) downloading files, as they are often used to distribute malware. ‘* Regularly back up your important files and data to an external storage device or cloud- Pree eaves ST as eect