Atwater Library and Computer Centre

Introduction to Cyber Security

Nicola Sibthorpe, Fiona Clark, Gordon Campey, Kelley Rojas and Liz Perrin

Copyright: Atwater Library and Computer Centre 2023

Atwater Library and Computer Centre

Introduction to Cyber Security

Atwater Library and Computer Centre

Contents
Introduction ................................................................................................. 1
Internet safety tips..................................................................................... 1
Passwords .................................................................................................. 3
Keep track of your online account details .............................................. 3
Decide if a password manager is right for you ........................................ 4
Choose which apps and devices store your username and password .... 4
Viruses ....................................................................................................... 4
Virus symptoms...................................................................................... 5
Spyware ..................................................................................................... 5
Phishing ..................................................................................................... 5
How to Protect Yourself ............................................................................... 6
Software Protection ................................................................................... 6
Defensive E-mail strategies ........................................................................ 7
What does Phishing Look Like? .............................................................. 7
Identity Theft ........................................................................................... 10
Back up data ............................................................................................ 11
Some other things to watch ..................................................................... 12
How to Protect your computer with an out dated operating system? ....... 13
Disconnecting the Computer ................................................................... 13
Use a Limited Account ............................................................................. 13
Protection for Apple Computers ................................................................ 13
Social Media .............................................................................................. 14
Social Media Etiquette ............................................................................. 14
Resources .................................................................................................. 15

Introduction to Cyber Security

Atwater Library and Computer Centre

Introduction
While computing is a fun and rewarding experience for its users, that does not
mean it is without its dangers. While you are still exploring your computer and the
Internet, it is safer to not enter any personal information into a website unless
you are comfortable with computers or it is a site that you trust absolutely. As you
become more comfortable with your computer you will start to recognize which
sites you can trust and which you cannot.
In the same way that you developed the knowledge that walking down a dark
alley in the middle of the night is unsafe, you can develop Internet safety skills.
STOP, THINK, CONNECT
 STOP: Before you use the Internet, take time to understand the risks and learn
how to spot potential problems.
 THINK: Take a moment to be certain the path ahead is clear. Watch for
warning signs and consider how your actions online could impact your safety,
or your family’s.
 CONNECT: Enjoy the Internet with greater confidence, knowing you’ve taken
the right steps to safeguard yourself and your computer.
Internet safety tips
Recognise website security indicators: Check if the website address starts with
HTTP:// or HTTPS://. The “S” at the end means the connection is encrypted and
secure. Keep an eye out for this extra layer of protection when doing
transactional activities (e.g.,
making purchases, online
banking).
 The lock icon or the word
“secure,” at the left side of
the address bar, indicate a
secure Web page. Click the
icon or word for more
details.

Introduction to Cyber Security 1

Atwater Library and Computer Centre

Avoid clicking links that have no context: Practice safe clicking! Verify a link by
previewing the website address before navigating to it.
 If using a mobile device like a phone or a tablet:
o Press and hold one finger on the link, then let go to display a menu of
options. Look along the top of the menu to
view the website address (URL) to which the
link will take you.
 If using a mouse with a computer or laptop:
o Hovering on a link changes the mouse
pointer to the Hand. Look at the bottom left
of the browser window to view the website
address (URL) to which the link will take
you.
 VirusTotal analyzes "suspicious files and URLs to detect types of malware."
Visit the site, click URL, then paste the link in and search:
https://www.virustotal.com/gui/
Make use of Virtual Private Networks (VPNs). These allow users to make a secure
connection through a private network over the Internet. They enable users to
send and receive data over public or shared networks without unauthorized users
being able to see it.
o To make use of a VPN, users first have to create an account with a VPN
provider. Once the account is established, and the provider’s app has
been installed, the details can be used on a device used to connect to
the Internet.
 Android Smartphone / tablet: Settings > Connections > More
connection settings
 Apple Smartphone / tablet: Settings > General > VPN
 Windows 10 laptop / desktop: Windows 10 Settings > Network and
Internet > VPN > Add a VPN connection

Introduction to Cyber Security 2

Atwater Library and Computer Centre

Passwords
When you are creating a password, it is never a good idea to reuse it, and you
should have a different password for your important websites (such as email,
banking, Facebook, etc.). Creating a strong password is not difficult. Just follow
the steps below:
A strong password
 is at least eight characters long (the longer the better)
 does not contain your username, real name, or company name
 is different from previous passwords
 contains characters that are:
o Uppercase Letters (A, B, C)
o Lowercase Letters (a,b,c)
o Numbers (1, 2, 3)
o Symbols (~, @, #, &)

A password could meet all the previous criteria and still be considered a weak
password. Passwords can be sentence length. For example, pick a phrase that is
meaningful to you, such as My son's birthday is 12 December, 2004. Using that
phrase as your guide, you might use Msbi12/Dec,4 as your password.
Substitute numbers, symbols, and misspellings for letters or words in an easy-to-
remember phrase. For example, My son's birthday is 12 December, 2004 could
become Mi$un's Brthd8iz 12124 (it's OK to use spaces in your password).
 Some websites will not allow spaces when you create a password.
 Relate your password to a favorite hobby or sport. For example, I love to play
badminton could become ILuv2PlayB@dm1nt()n.
Keep track of your online account details
Do not try to create passwords that are easy to remember. Instead, keep track of
your passwords in a way that is manageable for you.

Introduction to Cyber Security 3

Atwater Library and Computer Centre

At the very least write down the details for each of your online accounts. Be sure
to include the email address (username) you used to create the account, the
password, and any of the info you gave at the time you created the account, like a
phone number or another email address (recovery options).
Keep these details in a safe place (e.g. on paper like a notebook, electronically like
a password manager).
Decide if a password manager is right for you
 Get Cyber Safe – Password managers –
https://www.getcybersafe.gc.ca/en/secure-your-
accounts/password-managers
 Password managers (CAFC) – https://cyber.gc.ca/en/guidance/password-
managers-security-itsap30025
Choose which apps and devices store your username and password
Where and why are you signed in? Know which apps save what account details
(usernames, passwords). Consider not allowing apps like Web browsers or
websites to save passwords.
 How to access Internet browser settings –
https://www.computerhope.com/issues/ch001918.htm
 How do I enable or disable autofill in my browser –
https://www.computerhope.com/issues/ch001377.htm
 Search terms: “name of Web browser” (e.g. Chrome, Firefox, Edge, Safari) +
“manage passwords,” “clear history,” “privacy,” “security”
 Sign out of your online accounts after using them. Especially if you are using
a public computer or someone else’s device.
Viruses
"Virus" is a computer term used to describe malicious code that can infect and
possibly damage a computer. The term is often used to include “worms” and
“Trojan horses,” although "malware" is the correct term if you want to include
“viruses,” “worms,” and “Trojan Horses.”
Viruses can come from downloading program files, email attachments or
websites. They may replicate themselves, operating without your knowledge.

Introduction to Cyber Security 4

Atwater Library and Computer Centre

They can corrupt files, delete files, alter program settings and even reformat hard
drives, destroying all your data.
If you would like to know more about specific types of viruses and how they work,
there are many websites that offer information. Here are a few:
 How computer viruses work? http://www.howstuffworks.com/virus.htm
 What is a virus?
https://www.computerhope.com/jargon/v/virus.htm#:~:text=When%20the%2
0virus%20is%20executed,to%20access%20a%20host's%20computer.

Virus symptoms
You may have a virus if (non-inclusive list):
 Other people say you have one!! However, if you
received a message by email, it could well be a
hoax.
 Your computer does unusual things: peculiar messages or graphics appear
for no apparent reason and unrelated to what you are doing.
 The on-screen pointer moves on its own, or windows open and close by
themselves.
 For more detailed list of symptoms see:
http://support.microsoft.com/kb/129972

Spyware
Spyware is the term used for a wide range of unwanted programs that exploit
computers for commercial gain. They can deliver unsolicited pop-up
advertisements, steal personal information (including financial information such
as credit card numbers), monitor Web-browsing activity for marketing purposes,
or route HTTP requests to advertising sites.
Phishing
Phishing is a form of criminal activity using social engineering techniques through
email or instant messaging.

Introduction to Cyber Security 5

Atwater Library and Computer Centre

Phishers attempt to fraudulently acquire other people’s personal information,

such as passwords and credit card details, by masquerading as a trustworthy
person or business in an apparently official electronic communication.

How to Protect Yourself

Software protection
Install (or activate) AntiVirus Software such as Norton, McAfee, ESET or Avast.
Windows 10 and 11 come with security software already installed. The following
packages provide both antivirus and antispyware protection.
 Bitdefender: https://www.bitdefender.com/
 ESET: https://www.eset.com/ca/
 Norton: https://ca.norton.com/?lsModal=1
 Windows Security: https://support.microsoft.com/en-us/windows/stay-
protected-with-windows-security-2ae0363d-0ada-c064-8b56-
6a39afb6a963#:~:text=Windows%20Security%20is%20built%2Din,called%20W
indows%20Defender%20Security%20Center).
Make sure you have a Firewall. A firewall is a security system that acts as a
boundary between your computer and the outside world. Firewall software sets
restrictions on what information is allowed to pass to and from your computer.
Zone Alarm software is a good example. You can download this at Zone Alarm:
http://www.zonelabs.com. The free download is highly rated.
 Recent versions of Windows operating systems have a Windows Firewall built
into the system. To verify if it is active, check the settings by going into Control
Panel and then Security Center.
 KEEP THEM UP TO DATE!!! New viruses are invented every day. Your software
only protects you from those that existed the last time it was updated. You can
set it to automatically deliver the latest virus definitions from the Web.
Certain kinds of virus protection software only provide 12 months of updates.
When your protection nears its expiration, you will be prompted to submit
payment to subscribe for another 12 months.

Introduction to Cyber Security 6

Atwater Library and Computer Centre

Defensive email strategies

 DO NOT OPEN emails whose senders may be suspect.
 Suspect every attachment. You will know more about an email attachment if
you can see the file extension showing what type of file it is. You can make the
file extensions visible by going to My Computer. Using the Tools menu (or the
Organize button) and Folder Options, under the View tab, make sure that
“hide file extensions” is not checked off.
 Give your email address to commercial websites only when you have to. If you
are signing up for something, check if there is a statement about sharing your
email with others.
 Be aware that phishing scams exist. If asked for personal information or
passwords, do not click on any of the links or attachments unless you have
verified that it is an authentic email.
 Set the level of junk mail you are willing to accept. You can also choose to
block specific senders. Most mail providers, such as Gmail, have an option to
block or flag suspected phishing messages.
What does Phishing look like?
 Most Phishing emails will disguise themselves as legitimate companies or
banks claiming that you must act to verify personal information before being
able to use the service, or in the case of bank information, access your
account.

Introduction to Cyber Security 7

Atwater Library and Computer Centre

Phishing Email

Points to note:
 The email claiming to be from BMO is made to look like it is legitimately
from the institution. Always verify the email address with the bank itself if
you are unsure of the sender.
 Banks or other financial and government institutions will NEVER ask you
for your log-in credentials via email. Legitimate requests will arrive via a
message in a secure inbox located on their site which requires a separate
sign-in process. When in doubt, call the organization in question using
contact info gathered from a source other than the suspicious email.
 What should you do if you receive a phishing email? – NEVER click on any
link located in the email. You may proceed to delete it from your inbox.

Introduction to Cyber Security 8

Atwater Library and Computer Centre

 If you would like to take action about these messages, you may do the
following:
o Report it as a phishing email to your email provider, such as Gmail. You
may do this by clicking the “Spam” button. This way, you can “train”
your email client to detect similar messages and alert you to potential
threats in the future.
o Report it to the service being impersonated so they are aware that
their name is being used to potentially swindle individuals out of
money or their personal information.
o Begin by searching for the company’s correct contact information. You
may do a simple Google search to locate the contact details. NOTE: Be
sure you are clicking on a legitimate website to get this information.
Searching for Contact Information

Searching for Contact Information

Introduction to Cyber Security 9

Atwater Library and Computer Centre

Reporting the Phishing Email to a Financial Institution

Identity Theft
 Use strong passwords with eight or more characters that include a
combination of numbers, letters, and symbols.
 Do not reveal personally identifiable information online such as: your full
name, telephone number, address, social insurance number, insurance policy
number, credit card information etc.
 Don’t open emails from strangers and don’t click on links for unfamiliar sites.
 When making online donations, make sure any charity you donate to is a
legitimate non-profit organization and that you type in the website address
instead of following a link.
 Shred bank and credit card statements before throwing them in the trash; talk
to your bank about using passwords and photo identification on credit cards
and bank accounts.
 Check bank and credit card statements monthly for unusual charges.

Introduction to Cyber Security 10

Atwater Library and Computer Centre

Back up data
 Make a habit of saving your work regularly; say every 15 minutes, when you
are working on a document or database. Some software, such as Access, saves
the data as you go along, but others such as Word may only save when you
click on Save. If there is a power cut, for example, you may only have the
version you last saved.
 If you use Word, check the settings for automatic backup and recovery, which
you will find under the File menu: select Options and the Save tab. Make sure
the Save AutoRecover is checked, then find out where the AutoRecover files
are saved by looking under the File Locations tab.
 Back up important files somewhere other than on your hard drive. Save a
second copy to a cloud storage account, USB flash memory or second hard
drive and store it separately. This avoids a lot of pain if the computer is stolen
or the main hard disk crashes.
 Specific items you should back up:
Your major programs can be restored from their original disks or by
downloading from the Internet. It should not be necessary to back up the
entire hard drive. The most important items to back up are those you have
created yourself:
1. First there are the Word, Excel and database files you have created. If you
have saved them all in the My Documents folder and its sub-folders, it will
be easy to back them all up in one action by backing up the entire My
Documents folder.
2. Your email address book. Locate and back up the file that contains your list
of contacts.
In Gmail: Select the Contacts button to view all of your email addresses.
Select the More button and select Export from the drop-down menu.
3. Bookmarks. Your favorite Web pages are located in your bookmarks list. To
back up the list of your bookmarks, go into bookmark manager and select
organize. Then, from the drop-down list, select Export Bookmarks to HTML
File.

Introduction to Cyber Security 11

Atwater Library and Computer Centre

4. Some people advise backing up the Windows folder, which includes your
operating system and the computer's Registry, but this will require large
storage capacity.
Some other things to watch
 With either a cable or a broadband Internet connection, your computer is
online (and therefore accessible to hackers) all the time it is switched on
(unless you are able to lock it with your firewall). Switch the computer off
when you are not using it.
 Your computer should be configured to automatically accept Windows updates
because patches are developed to fix security weaknesses in the original
release. To check the setting on your computer, from the Start button go to
the Control Panel and choose Security Center. If you have not been keeping
Windows up to date, you can look for available updates in the Settings app.
 Internet Browsers – ensure that the Web browser you use always gets the
most recent security updates.
o Manage extensions or add-ons (only available for desktops or laptops).
Extensions are added features that allow us to customize our browser
experience.
 Pay attention to the permissions that some extensions require.
 Use the fewest extensions possible. Uninstall or remove unused
extensions.
 Only install extensions from credible Web stores hosted by one of the
big four browsers.
 Clear browsing history and cookies. Erase the list of websites visited (browsing
history), and the small amount of text-only information saved on our devices
while we browse a website (cookies).
o Chrome, Edge, Firefox and Opera allow us to manage history and cookies
from within the browser app.
o Safari allows us to manage history and cookies from within the browser app
(Safari menu bar > Safari > Clear History ... (desktop / laptop)) or the
Settings app (smartphone / tablet devices).

Introduction to Cyber Security 12

Atwater Library and Computer Centre

Protection for outdated computers

Microsoft has discontinued its support of older operating systems (Windows XP,
Vista, Windows 7, Windows 8). While you will still be able to start up and use your
older computer, it will no longer be able to benefit from Microsoft technical
support or security updates. This means that your computer may be more
vulnerable to viruses or other types of malware.
Aside from upgrading your operating system to Windows 10 or 11 or purchasing a
new computer, there are some ways you can use your older computer with fewer
security risks:
 Antivirus programs – having an antivirus program may not be enough to
protect your computer. You must make sure that the software you install
protects against the current threats to computer operating systems.
Disconnecting the Computer
Removing Internet access also removes security threats originating from the
Internet.
Use a Limited Account
Administrator accounts hold the keys to all areas of your computer. By using a
limited-user account for regular day-to-day Web surfing, you may prevent
malware from infecting your main, administrator account.

Protection for Apple Computers

It is commonly thought that Macs do not get viruses or other types of malware.
This is not true. More and more threats are coming up that impact Mac devices.
The above information should be used as a guide to protect you and your Mac.
Most antivirus producers like Sophos and Avast! also make Mac-compatible
programs.

Introduction to Cyber Security 13

Atwater Library and Computer Centre

Social Media
Protecting yourself on social media is just as important as protecting yourself on
social media can go much further than just protecting yourself with strong
passwords. Your social media accounts hold a lot of personal information, with
answers to the security questions that are usually used in replacing a password, to
the people you share your life with. You want to make sure your social media
passwords are strong and changed every few months.
Social networking means opening up and sharing information online with others,
but there’s some information you should never share online. Protecting yourself
from sharing Too Much Information (TMI) can save you from identity theft and
even protect your physical safety. So, let's start with the obvious: never share
your social insurance number (including even just the last 4 digits), your birth
date, or home address. Of course, you should protect all of your passwords, PIN
numbers, bank account and credit card information.
Facebook, for example, allows you to restrict who can see your birthday or your
home town (often the same as your city of birth). But not every site has these
options. In those cases, avoid the problem altogether by not entering information
you don’t want to share.
Be selective when accepting a friend: Do you really know that their profile is real
and not fake? Only “friend” people you know in the real world.
Exercise caution when clicking on links, even if they’re from friends. Hackers prey
on social networks because you are more likely to click on something from your
friends. Also be wary of offers with the word “free” in them, or ones that sound
too good to be true, as they usually are.
Social Media Etiquette
Remember the Internet is permanent: Assume that once you put information on a
site, it stays there forever. Even if you delete the account, you don’t know if
someone has already printed/copied your text or photos off it.
The Internet also has a long reach; sometimes the tweet you put out without
thinking can become popular and taken out of context. You don’t want something
you wrote without thinking to make its way back to your family and/or your boss.
If you wouldn’t say it to your grandmother, don’t post it on social media!

Introduction to Cyber Security 14

Atwater Library and Computer Centre

Resources
 Glossary – Get definitions for the ever-changing world of cyber security
jargon – from "administrative privileges" to "zombie" –
https://www.getcybersafe.gc.ca/en/glossary
 Know your rights: Learn more about how companies must protect your
personal information – from the Office of the Privacy Commissioner of
Canada – https://www.priv.gc.ca/en
 Protect Yourself Against Identity Theft – from the Canada Revenue Agency –
https://www.canada.ca/en/revenue-agency/services/forms-
publications/publications/rc284/protect-yourself-against-identity-theft.html
 Canadian Anti-Fraud Centre (CAFC): Recognize and report scams.
https://www.antifraudcentre-centreantifraude.ca/index-eng.htm
 Antivirus software developers (e.g., Kaspersky, Norton, etc.) and financial
institutions (e.g., Royal Bank, CIBC, etc.) offer a wide range of credible and
useful information on their websites to educate users. Search and read the
information to learn how to protect your device and information.
 Passphrases, passwords and PINs (4 words and 15 characters) –
https://www.getcybersafe.gc.ca/en/secure-your-accounts/passphrases-
passwords-and-pins
 Video – Creating a strong password –
https://www.getcybersafe.gc.ca/en/resources/video-creating-strong-
password
 How strong is your password? Five ways to evaluate –
https://www.getcybersafe.gc.ca/en/blogs/how-strong-your-password-five-
ways-evaluate
 Multi-factor authentication – https://www.getcybersafe.gc.ca/en/secure-
your-accounts/multi-factor-authentication
 Get Cyber Safe – https://www.getcybersafe.gc.ca/en/home
 Internet Safety: free online tutorial –
https://edu.gcfglobal.org/en/internetsafety/

Introduction to Cyber Security 15