How to Stay Safe Online: Safeguarding Against Internet Threats

Introduction

There are many threats that internet users face, including encrypted messaging as mentioned in the article. However, preventive actions can be taken to counter these problems. Such threats include phishing, child online safety, and clickjacking, which will be explained further in this essay on how it can cause personal information to be revealed and breaches of data. A threat is defined as a potential risk to one’s assets leading to a loss of value. This essay will explore other internet threats that can be prevented through the use of certain programs. Internet security must be in place to deter any harm or danger that comes your way when using the internet and to learn how to stay safe online. It relies on specific resources to safeguard the data that is transferred online. The following paragraphs will explain more in depth of the threats and what strategies can be taken to deter these problems.

Encrypted Messaging: Online Safety and Risks

Encrypted messaging is one of the threats as mentioned in the article where people do not have a profound knowledge of. It is to avoid data from emails, text files and images being stolen or lost. Encryption do not allow unauthorised access to your data from emails to WhatsApp messages by keeping communication secure and maintain privacy between the parties involved as any information that travels over the internet can be intercepted and read by unknown strangers (Lee, 2017). It disguises a message to hide its contents which involves a set of complex algorithms that transform data into blocks or streams random, alpha-numeric characters. However, it can be decrypted by using a password or recovery key to convert it back to readable form which is called decryption. Encryption can be categorised into 2 types which is symmetric and asymmetric. Symmetric encryption uses only one key for encrypting and decrypting messages and electronic information which is held by both sender and recipient. By using algorithms supported by symmetric encryption, data is converted to a form that cannot be understood by a third party that does not have the key. Once the intended recipient who possesses the key has received the message, the algorithm alters back the message to its original and readable form (Smirnoff and Turner, 2019). Asymmetric decryption also known as public key cryptography, uses two different keys, a public key and private key. The public key is used to encrypt the data while the private key is used to decrypt the message (Almeida, 2019). It is said that asymmetric encryption is more secure than symmetric encryption as it reduces the need to send the key over the internet where it may be intercepted. However, there several limitations and the disadvantage is that it is a slow and complex encryption process. As mentioned earlier, encryption and decryption require a password where if forgotten, you must do password recovery which is a very tedious process. In the worst-case scenario, the password cannot be recovered, and the data cannot be retrieved. One may use a very simple password so that they will not forget but that makes the encrypted data less secure (Vandersteen, 2019). Ransomware which is a type of malware can also be embedded inside encrypted messages that would bypass firewalls and antivirus software. This malware targets your personal files which in turn becomes inaccessible.

Dangers of Phishing

Another threat faced by internet users is phishing. Phishing is a form or social engineering that disguises itself as an email or website which allows the attacker to retrieve sensitive and personal information. The attacker may use information on social networking sites like user interests and hobbies to create an attractive email, fooling the victim into clicking the attachment or website where the victim will input their login details which can be used to breach a system or account. In 2016, three employees from the University of Kansas did not receive their paycheck after falling victim of an email phishing scam. The victims were instructed to update their payroll information through the email which allows the scammers to change the account numbers in the University’s payroll system (Lowry, 2016). Apart from divulging sensitive information, scammers aim to infect the victim’s computer or device with malware like ransomware. It was estimated that 93 percent of phishing emails contained ransomware attachments (Fruhlinger, 2019). The number of phishing emails hit 6.3 million in the first quarter of this year, a 789 percent increase over the last quarter of 2015 (Korolov, 2016).The drastic growth is due to the fact that ransomware is getting easier to send and offers a quick and easy return on investments. How it works is that it encrypts important data in the device that can only be decrypted by paying a small fee which can range from a few hundred dollars to thousands which is also payable in bitcoin. The attacker may also disguise themselves as a law enforcement agent to shut down the victim’s computer due to pornography or pirated software. A fine is normally requested to enable back the computer. This makes the victims less likely to report it to the authorities. Defensive actions must be taken to prevent ransomware infections. A few examples of such practices are to keep your operation system up to date, do not install programs or give it administrative privileges unless you know very well of their intentions, and antivirus software which detect malicious programs like ransomware. As for defensive actions for phishing, companies can educate their employees on different types of malicious programs, deploy a web filter to deter malicious websites and encrypt all sensitive company information (Lord,2019).

Ensuring the Child's Safe Online

Child online safety is another internet threat that can be avoided by applying certain measures. Most children in the modern world spends most of their time on the internet and is exposed to many threats that can be found in the internet. Some common internet risks include pornography, social networks and cyber bullying. These kinds of exposure pose a risk to their mental health and well-being. Pornography can be easily accessed nowadays just by searching under a search engine. Teens going through puberty may be swayed to watch pornography as their body changes and may be curious on the bodily changes that occurs during that time. Parents may be able to tell if their children are watching elicit channels when their child quickly changes the screen on their computer when the parents enter the room. This can also be observed from their behaviours like depression and losing interests in things. Cyber bullying in social networks can also be a plausible cause. Unlike in the olden days when internet and devices are scarce and children interact face to face, the children these days depend on social networks for interaction and to keep up with the trends. This allows cyber bullying to take place rather than face to face confrontation. A survey showed that 25 to 30 percent of youngsters admitted to being cyber bullied or took part in cyber bullying but only 12 percent was involved in traditional bullying (Lohmann, 2012). Anonymity is also another issue in the internet. An individual can feel embodied or powerful as they are cloaked by the anonymity which can change the nicest of people into bullies (Tai, 2014). The bully may think that they would not get caught as their identity is not revealed online, thus, allowing themselves to bully as means of fun. This shows the risk of internet usage and it compromises the safety of children online. However, there are safety measures that can be in place to protect your children from online threats. For one, parental controls can be configured when opening a computer account for your child like web filtering to block certain websites, time limits to control the amount of usage and app restrictions to set the apps that your child can use. This allows more control over your children’s usage of the computer and internet and especially reduces the risk of your children accessing pornography or inappropriate contents. Parents need to educate themselves about cyber bullying and encourage their children to report any inappropriate behaviour that they witness online. They have to take immediate actions and ignore the online predator, avoid logging onto the website that the bullying occurred, block their email and delete their social networking account if it gets out of hand. A trusted third-party can also be brought in to mediate the situation if their children is unwilling to speak to them. Such strategies can be taken for child online safety.

The Threat of Clickjacking

The last threat that is faced by internet users is clickjacking. It is when the cybercriminal tricks them into clicking a link that takes them to one place but divert them to another chosen destination for malicious purposes. Most commonly, click-jacking attempts have often been targeted at online shopping sites. For example, the scammer may create an attractive link or website which promises the user a free trip to the Bahamas. The scammer checks if the user is logged into his banking site and loads the screen that enables transfer of fund. The funds transfer is shown in an invisible frame in front of the gift page with the “confirm transfer” button over the “receive gift” button that can be seen by the user. The user then clicks the “receive gift” button but in reality, clicks the invisible “funds transfer” button. The funds are then transferred to the scammer. The user is then redirected to a page showing information about the gift but is oblivious to what had happened. There are two mitigation methods, client-side method which is also called frame busting and X-frame-option which is recommended by security experts. The first method, frame busting uses javascript to detect whether the page is running on frame and then breaking the page out of frame. However, there are some disadvantages to this method. If the javascript client is not working, then the frame busting would not work. Similarly, the scammer or attacker can also disable the javascript, not allowing the frame busting script to run at all. X-frame-option on the other hand is more secure. The website will state whether it can be rendered inside the frame by providing a special HTTP response header like ‘deny’ which restricts the page from loading in a frame, ‘sameorigin’ which only allow the page to be displayed if the frame and page is of the same origin, and ‘allow-from’ which allows you to define a trusted location from which your page can be rendered in a frame. The user can use these preventive measures whichever is compatible with their device to deter from click jacking, an internet threat.

Conclusion

In conclusion, the intricate landscape of internet threats demands proactive measures to safeguard personal and sensitive information. This essay delved into the realms of encrypted messaging, phishing, child online safety, and clickjacking, unraveling their potential risks and consequences. While encrypted messaging shields data from unauthorized access, the dynamics of phishing underscore the importance of user awareness and vigilance. Protecting children online requires a multifaceted approach, encompassing parental controls, education, and mediation. Additionally, the elusive menace of clickjacking necessitates robust defenses such as frame busting and the implementation of X-frame-options. As the digital landscape continues to evolve, understanding these threats and adopting preventative strategies will empower users to navigate the online realm with greater resilience and security.

References

1. Lee, M. (2017). What Is Encryption and How Does It Work? NortonLifeLock. https://www.nortonlifelock.com/blogs/tech-safety/what-is-encryption
2. Smirnoff, L., & Turner, B. (2019). Symmetric vs Asymmetric Encryption: What’s the Difference? Thales Group. https://blog.thalesgroup.com/cyber-security/en/symmetric-vs-asymmetric-encryption-whats-the-difference/
3. Almeida, D. (2019). What Is Asymmetric Encryption? DZone Security. https://dzone.com/articles/what-is-asymmetric-encryption
4. Vandersteen, J. (2019). Pros and Cons of Encryption. NortonLifeLock. https://www.nortonlifelock.com/blogs/tech-safety/pros-and-cons-of-encryption
5. Lowry, C. (2016). University warns of fake payroll email phishing scam. The University Daily Kansan. https://www.kansan.com/news/university-warns-of-fake-payroll-email-phishing-scam/article_528a4a4e-0f2d-11e6-8ae4-6b67356c9b49.html
6. Fruhlinger, J. (2019). Phishing explained: How it works and how to protect yourself. CSO Online. https://www.csoonline.com/article/2117843/what-is-phishing-how-this-cyber-attack-works-and-how-to-prevent-it.html
7. Korolov, M. (2016). Ransomware, phishing and cyber attacks scare business officials. CSO Online. https://www.csoonline.com/article/3177660/ransomware-phishing-and-cyber-attacks-scare-business-officials.html
8. Lord, N. (2019). 5 Ways to Protect Against Ransomware. Dark Reading. https://www.darkreading.com/risk/5-ways-to-protect-against-ransomware/a/d-id/1336155
9. Lohmann, R. (2012). Teens and Cyberbullying: Study Reveals Surprises. HuffPost. https://www.huffpost.com/entry/teens-and-cyberbullying-s_b_1392962
10. Tai, Z. (2014). Anonymity on the Internet Makes People Less Kind and More Hostile. Scientific American. https://www.scientificamerican.com/article/internet-anonymity-makes-people-less-kind-more-hostile/
11. Lord, N. (2019). 4 Strategies to Prevent Child Online Bullying. Dark Reading. https://www.darkreading.com/edge/theedge/4-strategies-to-prevent-child-online-bullying/b/d-id/1335869
12. Lohmann, R. (2012). Teens and Cyberbullying: Study Reveals Surprises. HuffPost. https://www.huffpost.com/entry/teens-and-cyberbullying-s_b_1392962
13. Sood, A. (2014). Online Shopping Sites Prone to Clickjacking Attacks. Symantec Blogs. https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/online-shopping-sites-prone-clickjacking-attacks