Welcome to Lesson 5 of Everyday computer skills: a beginner’s guide to computers, tablets, mobile phones and accessibility. In this lesson we will be looking at cyber security – how to stay safe and legal online. We have already looked at staying safe in Lessons 3 and 4, so this lesson will build on what you have already learned.
Key words and concepts are in bold. There is a course glossary you can refer to if any of these are unfamiliar to you.
This lesson is in four sections:
When you have completed this lesson, you will be able to:
Protect your computer from viruses.
Stay secure online and recognise scams.
Beware of fake websites and identity theft.
Identify key data protection issues.
As you discovered in Lessons 3 and 4, there are risks involved in engaging with the world wide web, including computer viruses. There are a few simple steps you can take to protect your computer and the personal information that’s stored on it. In this section, we will look at antivirus software and firewalls.
A
For example, a virus might attach itself to a program such as Microsoft Word. Each time the Word program runs, the virus runs too. A virus can reproduce by attaching itself to other computer programs, files or a hard drive, and can cause havoc.
Here are some different types of computer infections:
A
A
Here are some tips (adapted from Dell Technologies, 2020) to help you protect your computer from viruses and other malware:
Never download and install software unless you are certain it is from a trusted source.
Install antivirus software that can detect, block and eliminate all types of computer viruses.
Keep your antivirus software up to date, as well as running regular scans.
Do not open email attachments unless you have scanned them first. Even a picture can carry a virus.
Install an anti-malware program to prevent software from being installed on your device without your knowledge.
Install anti-spyware software to prevent software tracking your activities or scanning your computer for personal information.
Don’t trust modified software (cracked or hacked software), as it often contains malware.
GCFLearnFree.org explains how to protect your computer from potential threats in this short video. You can turn on captions by clicking on the subtitles icon in the bottom right corner of the video.
Antivirus software looks for and removes viruses before they can infect your computer. Have a look at PC Magazine’s guide to the Best Free Antivirus Protection for 2020.
Your internet service provider (ISP) might offer security software as part of your internet deal. There are also popular free security software programs available to download online, such as AVG or Avast. Windows Defender is also free and already built into recent Windows devices. MoneySavingExpert.com has a guide to the best free antivirus software for PCs and Macs.
If you decide to pay for your antivirus software, you may find that it offers more protection than the different pieces of free software listed above. Before you decide, check out the various options online, look at review websites or ask your local computer store for guidance.
Running a
This is a really important thing to do if you have smart technology like smart heating, smart appliances, or smart cameras (e.g., doorbells or baby/pet monitors).
Your computer will be better protected from viruses if you keep your operating system updated, because these updates often include security responses to new kinds of threats. Whether your operating system is Windows or Mac, you will receive notifications when new updates are available. You can also update your system manually.
If you’re worried that your computer is not working properly or think that it may have a virus, run a scan with your antivirus software. If that still doesn’t work, contact a computer store helpline.
This section extends what we have already learnt about email phishing in Lesson 3. Most emails sent every day are unsolicited junk mail, such as:
advertising, for example online pharmacies, pornography, dating or gambling
get rich quick and work from home schemes
hoax virus warnings
hoax charity appeals
chain emails, pretending to bring good luck if forwarded to multiple contacts.
Spammers may use automated software to generate email addresses. They can also hack into legitimate websites to gather users’ details. Sometimes, they copy addresses from regular emails that have been copied or forwarded to lots of people without using ‘bcc’.
They may also buy lists of emails from other spammers or scammers. These may be obtained through spam emails or scams encouraging people to enter their details on fraudulent websites, as we saw in Lesson 3.
Even if we take care to ensure we only enter our email address into legitimate websites, we can't guarantee that the website stores our data safely, or even that it hasn't been hacked. This means that there's no way we can stop scammers getting our email addresses (even if we can limit the risks by being careful). Because we can't guarantee our details will be safe, we need to make sure we stay alert to phishing scams.
Spam emails may feature some of the following warning signs:
You don’t know the sender.
The email includes misspellings designed to fool spam filters, such as ‘p0rn’ spelt with a zero.
The email makes an offer that seems too good to be true.
The subject line and contents of the email do not match.
The email makes a pressing offer with an urgent end date. For example: ‘Buy today and get 50% off.’
The email asks you to forward an email to multiple people and may offer you money for doing so.
The email comes with a virus warning.
The email includes attachments such as an
Be wary about clicking on an email attachment as it could release a virus that scans your computer for personal information and sends out spam email to people in your address book.
You may even get a phone call from someone claiming to be from a well-known software company like Microsoft. The person calling will tell you that there’s a problem with your computer and that they need to get access to it. This is intended to include access to your personal details. Legitimate IT companies never contact customers in this way. If you receive a scam call, hang up immediately.
Spam or junk email may contain viruses and spyware and can be a vehicle for online fraud, such as phishing. Unwanted email may contain offensive images and clutters the inbox. Never reply to a spam email as this would confirm to the spammers that your email address is active.
Take a look at this visual guide from DigitalLearn.org on recognising scams.
Make notes in the space below about some of the signs to watch out for.
Here are some questions that you should ask yourself:
Can you tell who the email is from?
Have you heard of the person or organisation?
Does the email look professional?
Are they asking for your money or information?
Do they claim they can fix your computer?
Are they trying to rush you into a quick action?
Is it too good to be true?
The word ‘cyber’ broadly refers to computing, internet networks, online spaces and the digital world. When we refer to cyber security or information technology (IT) security, we mean the protection of computer systems and networks from theft or damage. Cyber security is also meant to ensure that online services are free from disruption or misdirection.
Smartphones, computers and other online devices have become an essential part of everyday life. From online banking and shopping to email and social media, more and more of our personal and financial information is stored online. This makes it more important than ever to take steps to prevent cyber criminals getting hold of our data.
In this section we will look at two common scams to be aware of. These are
There are plenty of websites out there that will take advantage of consumers looking for a quick fix for minor to serious health issues. Health and medical product scams offer you products at much lower prices than high street pharmacies. You may or may not receive the product after you’ve paid for it or you might receive a product that is poor quality and possibly even harmful to your health. Some websites will make false claims that certain products, medicines and treatments can bring about a ‘miracle’ health cure.
Scammers have been known to set up fake pharmacy websites designed to look like legitimate operators. Medicines and drugs are offered at very cheap prices or without the need for a prescription from a doctor. Prescription-only medicine requires a doctor or other qualified healthcare professional. You should not use medicine that hasn’t been prescribed for you as it may be dangerous. Even if you buy a medicine you have been prescribed, what you receive from these websites may not be the real thing.
Unsolicited emails offering cheap or hard-to-get pills or treatments.
Pharmacy websites based overseas or that do not include a contact telephone number or street address, making it difficult to sort out an issue if anything goes wrong.
Whether there is any scientific evidence to back up the claim that the product actually works.
DO NOT access an online pharmacy site through a link in an unsolicited email. Delete it.
BE SUSPICIOUS of uninvited emails or pop-up boxes offering you unbelievable deals. Delete them.
DO NOT OPEN suspicious or unsolicited emails (spam) and do not click on or open any files attached to them. Delete them.
All pharmacies in the UK, including those providing internet services, must be registered with the General Pharmaceutical Council and meet their standards for registered pharmacies.
The General Pharmaceutical Council maintains an extensive pharmacy register. If you click on the Registered Pharmacy logo on a website, it will take you to a web page where you can verify if the website is legal. If it’s not, you can report the suspected scam.
There is also an EU-wide scheme. The EU logo looks like this:
Online dating can be safe but it’s wise to be careful, because people have been exploited through online relationships. We will explore two types of friendship or dating scams: catfishing and revenge porn.
A relationship starts online and after trust has built up, the scammer asks you to transfer them money. They may say they have lost their credit card, or they are stuck abroad and need funds to cover their travel home. This is often called a romance scam or
The second kind of romance scam may be a relationship or just a brief online exchange during which images or video of nudity or sexual acts are taken. The scammer then threatens to post the content online unless payment is received. This kind of scam is often referred to as
If you have been a victim of a romance scam, report it.
Police Scotland has information on romance fraud on its website.
If you think you’ve been a victim of an online scam, do not suffer in silence and don’t be embarrassed to report it. Which?, a consumer rights organisation, has a useful guide to where to report different types of scams.
If you feel you need emotional support and would like to talk to someone about your experience of being scammed, you can contact Victim Support (UK).
Call 0808 168 9111 or email
Look again at the different types of online scams in this section and choose one. Then have a look at ‘How to spot a fake, fraudulent or scam website’ on the Which? website. Use the space below to make notes on what you would do if you were a victim of a similar scam.
Here are some ideas:
You could report phishing or email scams to your email provider (such as Gmail) as spam or junk mail. If the email claims to be from a genuine company, such as your bank, tell them so they can let other customers know that it is a scam.
If you think your identity has been stolen, report it to your bank or credit card provider immediately.
Financial scams can be reported to Action Fraud, the UK’s national fraud and crime reporting centre.
Revenge porn (or sextortion) can be reported to Police Scotland.
You can also report a scam to your local Citizens Advice centre, who may pass it on to Trading Standards staff.
Scammers and online fraudsters can create fake, fraudulent or scam websites that look official. They are good at creating convincing websites that may look like a government department, your internet provider or your bank’s website. Fake websites will look very similar to the genuine bank website, and only a few tiny details may be different.
Scam websites are created to mislead you into providing personal or financial information. For example, a fake bank website may ask you to update your account or security information.
You might also come across websites that are set up to look like a service offered by one of the government websites. For example, there are websites that offer to help you apply for a passport renewal or a new driving licence. Although they are not necessarily illegal, these websites charge a fee to use them. You can avoid paying by going directly to the official government department. Your first stop should be GOV.UK, the government’s official website. See Lesson 4 for more information about online public services.
In its online guide, Which? lists eight steps to test whether a website is legitimate or not. You covered most of them in Lesson 4, aside from ‘Can you trust a trust mark?’.
One of the main reasons for setting up a fraudulent website is to steal identity details.
The online world has opened up new sources of information for fraudsters. Even security-conscious people can fall victim to malware designed to detect your personal information. We have seen in Lesson 3 how phishing attacks can persuade users to divulge personal information. In Lesson 4, we learned how hackers can steal millions of personal records by attacking online retailers.
Online identity theft may pass unnoticed for some time, allowing great damage to be done to your finances. Some useful signs to watch out for include:
unexplained bank withdrawals or credit card charges
bills and other expected official letters don’t arrive
cards or cheques are declined
fraudsters making contact about debts you know nothing about
receiving notice that your information was compromised by a data breach at a company where you do business or have an account
your bank or credit card provider making contact about suspicious behaviour on your bank account.
Now that you have gained some insights into identity theft, what can you do to protect yourself from it?
This animation from OpenLearn gives some useful tips on how to keep your information safe online.
The information superhighway: a bustling place, bumper-to-bumper with cat videos and baby photos and statue lols.
Every day, millions of people – young and old – use it to connect and share with each other.
But watch out! Sometimes sharing can be hazardous.
Say hello to Tony. He loves to snap a cheeky selfie with his intelligent telephone.
Gosh. This one must be for his lady friend.
Careful now... Oh, Tony! It looks like the whole world just got to see your gearstick!
Estimates show that some 11,000 teenagers die of embarrassment every week.
And it’s not just the nation’s youths at risk:
Miss Jenkins loves her new, electronomical jogging tracker.
But wait! The privacy settings! That route is being broadcast publicly!
Oh no, Miss Jenkins! Your beautiful ornaments!
Yes, careless sharing is a very real danger. It may already have affected someone you know.
And who can say how far its consequences may yet reach?
Don’t have a bad share day. Take our free online test and find out if you’re a safe sharer.
This message was brought to you by the Ministry of Sharing. All Instagram and Facebook activity is undertaken at your own risk. Please do not retweet.
There is a short quiz for you to take at the end. How well did you do?
Data protection regulations are meant to ensure that you are treated fairly and openly. For example, your right to have control over your own identity and your interactions with others – so long as these do not have an adverse impact on the wider interests of society.
Technological innovation makes data protection increasingly important. Data protection laws and regulations are meant to establish public trust in how personal data is used and stored by both the private and public sectors.
In the UK, data protection is set out in the General Data Protection Regulation (GDPR) and the Data Protection Act (DPA) 2018.
The General Data Protection Regulation (GDPR) came into effect in the UK on 25 May 2018. The regulation sets out guidelines for collecting and processing personal information from people who live in the European Union (EU). The reach of the GDPR applies beyond the EU and will still apply during Brexit negotiations. In this section we will look at some of the contents of the GDPR.
These principles shape how personal data should be processed and are meant to lie at the heart of organisations that provide services to EU citizens. The principles are:
Fairness and transparency.
Limiting how much data is required for the intended purpose.
Minimising data.
Accuracy.
Limits of storage.
Integrity and confidentiality.
Accountability.
The GDPR addresses what organisations must and must not do with your data. For example, you have the right to be informed about how your data is collected and used. You also have a right to know an organisation’s purpose for processing your personal data, how long they retain it and who they will share it with. Ultimately, you have a right to concise, transparent, intelligible and easily accessible information that uses clear and plain language.
The GDPR includes eight individual rights:
The right to be informed.
The right of access.
The right to rectification.
The right to erasure.
The right to restrict processing.
The right to data portability.
The right to object.
Rights in relation to automated decision-making and profiling.
In certain circumstances, you have a right to have your personal data erased – this is also called ‘the right to be forgotten’. You can make a request for erasure verbally or in writing, and the relevant organisation has one month to respond to this kind of request.
The Information Commissioner’s Officer (ICO) has a ‘Guide to the General Data Protection Regulation’ if you would like more information.
This lesson has gone into more detail about the steps you can take to stay safe online and protect your personal information, building on what you covered in Lessons 3 and 4. In this lesson, you looked at some of the precautions you can take to minimise risks, such as running an antivirus program, keeping it up to date and not responding to phishing emails.
Computer viruses and malware are rogue programs that can spread from one computer to the next. They can steal personal information and do damage to your computer. Installing trusted antivirus software on your computer is important to protect you from online risks like viruses and malware, but you should still be aware of what you click, download and open.
You also looked at how cyber criminals can take advantage of people looking for health products or relationships online. Another serious risk is identity theft, a type of fraud that uses stolen personal information to impersonate another person. You also looked at some of the ways you can spot online scams like these and what you can do to protect yourself.
Finally, you looked at some of the principles of the GDPR. These regulations are intended to protect how your personal information is used and stored by companies and organisations and gives you certain rights.
Use the space below to make notes on what you’ve learned in Lesson 5. Think about what was new to you and what you already knew.
Here are some ideas to get you started:
I have antivirus software on my computer and keep it up to date.
I know what to look out for to check if an email or website is fake or from a trusted source.
I have an idea of the protections and rights that I have under data protection regulations.
Action Fraud: report cyber crime to the police.
Dell Technologies: ‘What are the different types of viruses, spyware and malware that can infect my computer?’.
DigitalLearn.org: ‘Internet privacy: searching and visiting sites’ (online course).
GOV.UK: ‘The Data Protection Act 2018’.
Information Commissioners Office: ‘Guide to the General Data Protection Regulation (GDPR)’.
OpenLearn: Introduction to cyber security: stay safe online (online course).
Police Scotland: ‘Romance fraud’.
PCMag UK: ‘The best antivirus protection for 2020’.
WebMed Pharmacy: ‘Are you buying fake medicines online?’
You can add captions to YouTube videos by clicking on the subtitles/closed captions icon. Please note that some of these YouTube videos may have adverts.
‘GDPR explained: how the new data protection act could change your life’ (Channel 4 News).
Below is a subtitled recording of an online session delivered by Lead Scotland in June 2020. It is aimed at carers and others supporting disabled people to access the internet and stay safe online.
You should now try the quiz for this lesson. This quiz covers your learning across the whole course: if you pass it, this counts towards your digital badge.
Except for third party materials and otherwise stated (see terms and conditions), this content is made available under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 Licence.
The material acknowledged below is Proprietary and used under licence (not subject to Creative Commons Licence). Grateful acknowledgement is made to the following sources for permission to reproduce material in this free course:
Every effort has been made to contact copyright owners. If any have been inadvertently overlooked, the publishers will be pleased to make the necessary arrangements at the first opportunity.
5.1 GDPR padlock circle: Image by Pete Linforth from Pixabay
5.1 Tip icon: Image by OpenClipart-Vectors from Pixabay
5.1 Laptop firewall update: one photo / Shutterstock
5.1: Internet security: Oksana Stepanenko / 123RF
5.1: No spam: Suthee Navakul / 123RF
5.1 Cartoon scammer: MicrovOne / iStock / Getty Images Plus
5.1 Warning symbol triangle: Image by Clker-Free-Vector-Images from Pixabay
5.2 Cyber security word cloud: Image by Darwin Laganzon from Pixabay
5.2 Blue/Green Triangle: TechTarget
5.2 Nutrition expert: Elnur Amikishiyev / 123RF
5.2 Do not icon: Image by janjf93 from Pixabay
5.2 Registered pharmacy: General Pharmaceutical Council
5.2 EU registered pharmacy: General Pharmaceutical Council
5.2 Catfishing: iridi / iStock / Getty Images Plus
5.3 Fingerprint: Image by ar130405 from Pixabay
5.3 Identity theft padlock: alexmillos / 123RF
5.3 Identity theft fingerprint: razihusin / iStock / Getty Images Plus
5.3 Warning symbol triangle: Image by Clker-Free-Vector-Images from Pixabay
5.4 GDPR padlock circle: Image by Pete Linforth from Pixabay
5.4 Padlock European Union: Image by Tumisu from Pixabay
Activity 5.3 Are you safe online?: The Open University
Useful videos: Supporting others to be safe online: Lead Scotland