InfoSec: FAQ for Youngsters & Students

Q.1 How do I know if I am using my PC safely?

1.

First, make sure you've installed anti-malware software on your PC and check whether you have the latest malware definition file installed. You should also schedule daily scan and enable the auto-protection / real time scanning function of the anti-malware software.

2.

Next, check whether you've made any latest backup of your important data.
Remember : recover from backup is the most secure way to restore the files after a malware attack.

3.

Third, make sure you've applied / updates to all applications and OS.
For example, to get the latest patches / updates for Microsoft Windows:

1.

Select 'Start' button, then go to 'Setings'.

2.

Select 'Update & Security'

3.

Select 'Windows Update'

4.

Follow the instructions to pick updates to install.

Above are the major ones to keep your computer safe. However, doing all these doesn't guarantee you're completely safe from attack. You should take good care of your PC and data, such as secure handling of password, beware of the safety precautions during web surfing. Surf through this site for more detailed security techniques!

Q.2 How to become a smart web surfer?

1.

Update the latest patch/version for your web browser.

2.

Don't save password into your PC. Else, anyone that are using your PC can logon your account!!

3.

Scan all downloaded files before opening. And, don't download file from doubtful sources.

4.

Don't disclose / submit personal information unnecessarily, such as credit card no., personal identity no., you / your family details etc.

5.

Don't disclose / share Internet account and password to others.

6.

Disable active content options (e.g. Active X, Java, JavaScript ) in the browser in order to prevent from attack, except from a trusted source.

7.

Don't order anything online without first getting permission from your parent or guardian. Order only at reliable websites and with security protection.
(e.g. SSL)

8.

Tell your parents or guardian if you find something online that seems strange to you, or makes you feel angry or uncomfortable. Remember: it's not your fault!

9.

Be wary of people that you meet online. Don't meet your online pal in person unless a parent or guardian is with you, at least for the first time.
Remember : a person can pretend to be anyone or anything and perhaps they are being nice to you because they want something.

10.

Disconnect from Internet when not in use.

Q.3 What risks am I facing in the Internet?

Q.4 Any rules in using computer and accessing the Internet?

Should not use a computer to attack other machines / networks.

Should not download unauthorised copyrighted material e.g. MP3 music, video and software.

Should not copy materials found from the Internet directly to your assignment or treat them as your own research.

Should not create or propagate untrue message through the Internet.

Should not use a computer to steal.

Should not use a computer to harm other people.

Should not use other people's computer resources without .

Should not use or copy software that you have not paid for e.g. pirated software.

Be respectful to others.

Q.5 How to prevent me from being deceived by faked cyber shops or fraudulent emails?

There are some faked cyber shops that pretend to be popular shops, trying to get your credit card or other personal information. Moreover, there are some 'spoofed' emails which are sent in bulk with deceiving or fraudulent message. Some may even invite recipient to click the embedded links to some fraudulent websites, and deceive them to enter personal banking information such as accounts, passwords and credit card information.

1.

Not to follow URL links from un-trusted sources or emails to avoid being re-directed to malicious websites.

2.

The safest way to ensure the website being visited is the one you are looking for is to type the URL manually or follow the bookmarks you've made previously.

3.

Perform online purchase only at reliable websites and with security protection (e.g. SSL).

4.

Be wary when giving off personal or account information. Banks seldom ask for these kind of information through email.

5.

Ensure that your computer is applied with the latest security patches and malware definition file to reduce the chance of being affected by fraudulent websites or emails riding on software vulnerabilities.

Q.6 I sometimes receive emails with alert / malware warnings that asked me to forward it to EVERYBODY I know. Somebody tells me that the message may not be true. What should I do?

Some malicious individuals would send email regarding malware-related warning that is untrue, and spread away to as many people as it could via the Internet. We usually call this kind of email as 'hoax'.

Here are some key indicators of hoax

1.

Request you to forward it to EVERYBODY you know.

2.

Use technical jargons and complex technical descriptions.

You may click here for more information on hoax.

Q.7 Why my PC be infected by malware if I open the email that is...

If I receive an email sent from unknown person, and with file attachment?

YES, maybe. Be careful especially when receiving email from unknown source and with executable attachment, like .exe and .scr. You should always scan all the attachments before opening them.

How about email sent from my friend?

YES, if you are unlucky. There are some malwares that could pretend to be your friend and send an infected email to you (with your friend's email address shown in the sender field).

How about if I preview an infected email without actually open it?

YES, for some type of malware and if your PC is vulnerable to some types of attack.

How about if I receive an e-card?

YES, maybe. Watch out especially for those with attachment. Again, you should always scan all the attachments before opening them.