3 Week 3: Protecting Personal Information Online
Welcome to Week 3, where we focus on a vital skill in today’s digital world: protecting your personal information online. With the internet intertwined in almost every aspect of our lives, ensuring the safety of our personal details becomes increasingly important.
This week, we’ll learn about various security measures and best practices for keeping our information safe. Through a series of vocabulary activities, grammar lessons on giving advice, and interactive scenarios, you’ll become better equipped to navigate the online world securely.
Activities and Resources
Navigating the digital landscape can be both exciting and perilous. On one hand, technology offers incredible convenience and connectivity. On the other, it exposes us to various threats that aim to compromise our personal information. To stay safe, it’s essential to recognize these dangers and understand how to guard against them.
Recognizing Common Threats
Scams and Spam
Many people have experienced a scam or spam email that tries to trick them. These messages often attempt to steal personal information or install malicious software. It’s important to be aware of these threats and know how to stay safe.
Phishing
One common threat is phishing. This happens when someone pretends to be a trusted entity to steal your personal information, like passwords or credit card numbers. For example, you might receive an email that looks like it’s from your bank, asking you to click a link and enter your account details. This is a phishing attempt. Always verify the sender before clicking on any links.
Enhancing Security
Two-Factor Authentication (2FA)
To protect your online accounts, you should use two-factor authentication (2FA). This adds an extra layer of security by requiring a second form of identification, like a code sent to your phone. Even if someone knows your password, they cannot access your account without the second factor.
Good vs. Bad Passwords
A strong password is your first line of defense. A good password is long and includes a mix of letters, numbers, and symbols. For example, “P@ssw0rd!23” is a strong password because it combines different types of characters. Avoid using easily guessable passwords like “password123” or your birthday. On the other hand, a bad password is short and simple, making it easy for hackers to guess. A bad example would be “123456” or “qwerty.” Always opt for complexity to ensure better security.
CAPTCHA and Bots
You might have noticed CAPTCHA tests when logging into websites. CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart.” It’s designed to block automated bots from accessing your accounts by asking you to identify distorted text or images. Bots are software applications that run automated tasks over the internet. While some bots are helpful, others can be harmful and used in scam operations. Recognizing and blocking malicious bots can help protect your personal information.
Protecting Your Data
Cookies and Online Tracking
Cookies are small text files stored on your computer by websites you visit. They serve various purposes, such as keeping track of your sessions, remembering login information and preferences, gathering data for website analytics, and displaying targeted advertisements.
Cookies can enhance your browsing experience by personalizing content and ensuring website functionality, but they also raise privacy concerns as they track and store personal information. This information helps advertisers learn about your interests and target ads to you, making their marketing efforts more effective. It’s important to manage your cookie settings and clear browsing data regularly to maintain your online privacy.
Encryption
Another way to protect your information is through encryption. Encryption converts your data into a code to prevent unauthorized access. For instance, when you shop online, your payment information is encrypted to keep it safe from hackers.
Data Breaches
Beware of data breaches. A data breach happens when sensitive information is accessed without permission. Companies often store personal information, and a breach can expose this data to criminals. Stay informed about breaches and change your passwords regularly to protect yourself.
Biometrics
Biometrics is another layer of security that uses your unique physical characteristics, like fingerprints or facial recognition, to verify your identity. Many smartphones now use biometrics to unlock devices, adding an extra layer of protection.
Maintaining Cybersecurity
Cybersecurity Practices
Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks aim to access, change, or destroy sensitive information. Everyone plays a role in cybersecurity by being cautious online and following best practices.
Hacking
Sometimes, you might hear about a hack. A hack is when someone gains unauthorized access to a computer system. This can happen to individuals or large companies. To protect yourself, keep your software updated and avoid downloading files from unknown sources.
Avoiding Scams and Spam
Always be cautious of emails or messages that seem suspicious. They might be part of a scam designed to steal your information. Never share personal details unless you are sure of the recipient’s identity. Avoid spam emails. Spam can clutter your inbox and sometimes contain harmful links. Use email filters to reduce spam and never click on suspicious links.
By understanding these terms and following these tips, you can help protect your personal information online. Stay safe and stay informed!
Practice
Post-Reading Discussion
After reading about online security, discuss:
- What steps do you take to protect your personal information online?
- Why is it important to recognize phishing scams?
- How does two-factor authentication enhance security?
- What should you do if you suspect your computer has a virus?
- What are the benefits of using encryption and biometrics for online security?
Post-Listening Exercise
Reflect on a time you encountered a security warning online. How did you react? Discussing these experiences can help us learn from each other and become more vigilant.
Online Investigation
Research tips on how to create strong passwords, the importance of software updates, and ways to spot phishing attempts. Sharing what you find will help create a community of informed internet users.
Back to Top
3.2 Cybersecurity Scenarios
The Sony Pictures Hack
In November 2014, Sony Pictures was the target of a major cyberattack by a group calling itself the “Guardians of Peace.” The hackers managed to steal and leak a massive amount of data, including private emails, personal information about employees, and even unreleased films. This breach exposed sensitive details and caused significant financial and reputational damage to Sony Pictures.
The attackers used phishing emails that appeared legitimate to trick top executives into revealing their login credentials. With this information, the hackers infiltrated Sony’s network and planted malware to delete data, effectively crippling the company’s digital infrastructure. The breach highlighted the critical need for strong cybersecurity measures, including encryption and two-factor authentication (2FA), to protect sensitive information.
One key takeaway from the Sony hack is the importance of educating employees about scams and phishing attempts. Organizations must ensure their staff can recognize suspicious emails and know how to respond appropriately. Additionally, using biometrics for authentication and employing robust cybersecurity practices can help prevent similar breaches in the future.
Reading Comprehension Questions:
- What group was responsible for the Sony Pictures hack in 2014?
- How did the attackers gain access to Sony’s network?
- What types of data were stolen and leaked during the breach?
- What measures can organizations take to protect against phishing attacks?
- Why is it important for companies to educate their employees about cybersecurity?
The Cambridge Analytica Scandal
In 2018, it was revealed that Cambridge Analytica, a political consulting firm, had harvested the personal data of millions of Facebook users without their consent. This data was used to influence political campaigns, including the 2016 U.S. presidential election and the Brexit referendum.
The scandal began when it was discovered that a personality quiz app on Facebook, developed by researcher Aleksandr Kogan, collected data not only from users who took the quiz but also from their friends. This led to the unauthorized collection of data from up to 87 million Facebook users. The data included personal details, likes, and network information, which Cambridge Analytica then used to create detailed voter profiles for targeted political advertising.
Key Issues:
- Data Harvesting: The quiz app exploited Facebook’s data-sharing policies to collect vast amounts of personal information without users’ knowledge.
- Consent and Privacy: Users were unaware that their data, and that of their friends, was being collected and used for political purposes.
- Impact on Democracy: The misuse of personal data for political campaigns raised significant concerns about the integrity of democratic processes.
Measures to Protect Personal Information:
- Stricter Data Policies: Platforms like Facebook have since tightened their data-sharing policies to prevent similar breaches.
- User Awareness: Users need to be aware of what data they share and with whom, regularly review privacy settings, and understand the implications of third-party apps.
- Regulatory Oversight: Governments and regulatory bodies must enforce stricter data protection laws to safeguard personal information.
Reading Comprehension Questions:
- What was the primary method Cambridge Analytica used to collect data from Facebook users?
- How many users were potentially affected by the data harvesting?
- What were the political applications of the data collected by Cambridge Analytica?
- What changes did Facebook implement after the scandal to protect user data?
- Why is user consent crucial in the context of data privacy?
The Equifax Data Breach
The Equifax data breach of 2017 is one of the largest and most significant cases of identity theft, highlighting the vulnerabilities in data security and the severe consequences of inadequate protection measures.
In September 2017, Equifax, one of the largest credit reporting agencies in the United States, announced that it had experienced a massive data breach. This breach exposed the personal information of approximately 147 million people, including names, Social Security numbers, birth dates, addresses, and in some cases, driver’s license numbers and credit card information.
Key Issues:
- Vulnerability Exploitation: Hackers exploited a vulnerability in a web application tool called Apache Struts, which Equifax failed to patch in a timely manner, allowing unauthorized access to sensitive data.
- Scope of the Breach: The sheer volume of compromised data made this breach particularly alarming, affecting nearly half of the U.S. population.
- Impact on Individuals: Victims of the breach faced the risk of identity theft, where their personal information could be used for fraudulent activities such as opening new credit accounts, applying for loans, or filing false tax returns.
- Equifax’s Response: Equifax’s delayed response in notifying affected individuals and providing inadequate support further exacerbated the situation, leading to significant public outcry and legal consequences.
Measures to Prevent Identity Theft:
- Regular Updates and Patches: Ensure all software and applications are up-to-date with the latest security patches to close any vulnerabilities.
- Robust Authentication Methods: Use multi-factor authentication (MFA) to add an extra layer of security for accessing sensitive information.
- Credit Monitoring Services: Individuals can use credit monitoring services to receive alerts for any suspicious activities involving their credit.
- Freezing Credit: Placing a credit freeze can prevent new accounts from being opened in your name without your consent.
- Educating Users: Raising awareness about phishing scams and encouraging safe online practices can help individuals protect their personal information.
Reading Comprehension Questions:
- What was the main vulnerability that hackers exploited in the Equifax data breach?
- How many people’s information was compromised in the Equifax breach?
- What types of personal information were exposed in the breach?
- How did Equifax’s response to the breach affect public perception and legal outcomes?
- What are some steps individuals can take to protect themselves from identity theft?
Back to Top
3.3 Grammar Lesson: Modal Verbs for Giving Advice
Overview
This week, we will focus on using modal verbs to give advice. Modal verbs are auxiliary verbs that express necessity, possibility, permission, or ability. When giving advice, the most commonly used modal verbs are “should,” “must,” and “ought to.”
Key Concepts
- Should – This is used to give suggestions or advice.
- Example: You should use strong passwords to protect your accounts.
- Must – This is stronger than “should” and indicates a requirement or obligation.
- Example: You must enable two-factor authentication (2FA) to secure your email.
- Ought to – This is similar to “should” and is used to give advice, but it is less common in American English.
- Example: You ought to be cautious about sharing personal information online.
How to Use Modal Verbs for Giving Advice
- Should is often used to give friendly advice or suggestions.
- Example: You should check the URL before entering your login details to avoid phishing scams.
- Must indicates a stronger level of necessity or obligation.
- Example: You must report any suspicious activity on your account immediately.
- Ought to is less commonly used but still correct and often interchangeable with “should.”
- Example: You ought to update your software regularly to protect against security vulnerabilities.
Practice
Read the following sentences and decide whether “should,” “must,” or “ought to” is the most appropriate modal verb to use:
- You ___ always log out of your accounts when using public computers.
- To protect your data, you ___ never share your passwords with anyone.
- You ___ consider using a password manager to keep your passwords secure.
Answers:
- should/ought to
- must
- should/ought to
Activity
Now, practice writing sentences using modal verbs to give advice on online security. Use at least one sentence with “should,” “must,” and “ought to.”
Example:
- You should enable 2FA for added security.
- You must create strong, unique passwords for each of your accounts.
- You ought to be aware of the latest cybersecurity threats to stay protected.
Back to Top
3.4 Grammar Lesson: Modal Verbs for Possibility and Hypothetical Situations
Overview
In this lesson, we will focus on using the modal verbs “could” and “would.” These verbs are commonly used to discuss possibilities, hypothetical situations, and polite requests or offers.
Key Concepts
- Could – This is used to express possibility or ability in the past, present, or future.
- Example: You could use a password manager to keep your passwords secure.
- Would – This is used to talk about hypothetical situations and to make polite offers or requests.
- Example: I would recommend using two-factor authentication for better security.
How to Use “Could”
- Possibility:
- Example: You could become a victim of identity theft if you share your personal information online.
- Past Ability:
- Example: When I was younger, I could easily remember all my passwords.
- Polite Requests or Offers:
- Example: Could you help me set up my two-factor authentication?
How to Use “Would”
- Hypothetical Situations:
- Example: If I had more time, I would update all my passwords regularly.
- Polite Offers or Requests:
- Example: Would you like some help with your computer security settings?
Practice
Read the following sentences and decide whether “could” or “would” is the most appropriate modal verb to use:
- If I knew more about cybersecurity, I ___ create stronger passwords.
- You ___ avoid using the same password for multiple accounts to enhance security.
- ___ you like to learn more about protecting your personal information online?
- If you learn more about cybersecurity, you ______ help prevent data breaches at work.
Answers:
- would
- should
- Would
- could
Activity
Now, practice writing sentences using “could” and “would” to discuss possibilities and hypothetical situations related to online security.
Example:
- You could improve your online security by using complex passwords.
- If I were you, I would avoid clicking on suspicious links.
Back to Top
3.5 Writing Lesson: Crafting a Persuasive Paragraph on Online Safety
Objective: Learn to write a persuasive paragraph emphasizing the importance of online safety, using modal verbs for giving advice (should, must, ought to) and vocabulary related to online security.
Introduction: Persuasive writing aims to convince the reader to accept a particular viewpoint or take a specific action. In this lesson, students will write a persuasive paragraph on the topic of online safety, incorporating the use of modal verbs and relevant security vocabulary.
Key Concepts:
- Persuasive Writing: Writing that aims to persuade the reader to accept a particular point of view or to take a specific action.
- Modal Verbs: Words that express necessity or possibility (should, must, ought to). These are useful in giving advice or recommendations.
- Vocabulary: Incorporate security-related terms such as phishing, encryption, data breach, CAPTCHA, biometrics, cybersecurity, spam, scam, 2FA, hack, bot, and cookies.
Steps:
- Understand the Topic:
- Discuss the importance of online safety and the risks involved if one is not cautious.
- Highlight real-world examples where online safety measures could have prevented data breaches or identity theft.
- Use Modal Verbs:
- Explain how modal verbs can be used to offer advice or emphasize the necessity of certain actions.
- Examples:
- “You should always use strong passwords.”
- “Users must enable two-factor authentication to secure their accounts.”
- “We ought to be aware of phishing scams and how to avoid them.”
- Introduce Relevant Vocabulary:
- Introduce and explain the security-related terms listed above.
- Use each term in a sentence to show how it can be applied within the context of online safety.
Activity: Write a persuasive paragraph on why online safety is crucial and what steps individuals should take to protect their personal information. Use at least three modal verbs and five security-related vocabulary words.
Example Paragraph: In today’s digital age, protecting our personal information online is more important than ever. To ensure our safety, we must adopt several key practices. First, individuals should create strong, unique passwords for each account to prevent unauthorized access. Additionally, enabling two-factor authentication (2FA) adds an extra layer of security, making it harder for hackers to breach accounts. It’s also essential to recognize and avoid phishing scams by checking the sender’s email address and looking for suspicious links. Using encryption tools to secure sensitive data can protect us from potential data breaches. Lastly, we ought to be cautious about the information we share online, as cookies can track our browsing habits and help advertisers target us more effectively. By following these steps, we can significantly reduce the risk of falling victim to online scams and maintain our digital security.
Instructions:
- Brainstorming:
- Think about the importance of online safety.
- Identify specific actions individuals can take to protect themselves online.
- Drafting:
- Write a topic sentence that clearly states your position on the importance of online safety.
- Use modal verbs to give advice on actions individuals should take.
- Incorporate security-related vocabulary to enhance your argument.
- Conclude with a sentence that reinforces the need for vigilance in protecting personal information online.
- Review and Edit:
- Check for the correct use of modal verbs and security-related vocabulary.
- Ensure the paragraph is persuasive and flows logically.
- Proofread for spelling, grammar, and punctuation errors.
- Submission:
- Write your paragraph in your “Digital Literacy Journal” Google Doc.
- Share your document with your teacher’s email (provided in Canvas) by the end of the week.
Back to Top
3.6 Google Slideshow Project
This week, you’ll continue to develop your Google Slides presentation that reflects on the role of technology in your personal life. Building on the previous slides, your next task is to explore how technology helps in protecting your personal information online.
Focus of This Week’s Slide:
Your task for this week is to create a slide that details the technologies you use to keep your personal information safe. This might include using strong passwords, enabling two-factor authentication, or recognizing phishing emails.
Instructions:
- Select the Technologies:
- Choose the security technologies you regularly use to protect your personal information.
- Think about the pros and cons of these technologies and how they have impacted your sense of security.
- Create Your Slide:
- Begin with a compelling title that reflects the theme of the slide, such as “Keeping My Information Safe Online.”
- List the technologies you use, and provide a short description of each, noting why it is effective for your needs.
- Visual Enhancement:
- Use visuals like icons or photos that represent each technology.
- Ensure all visuals are relevant and add value to the information presented.
- Review and Feedback:
- Proofread your slide for clarity and grammatical accuracy.
- Share your slide with a peer for feedback to refine your presentation.
Example Slide Content:
- Title: Keeping My Information Safe Online
- Content:
- Strong Passwords: I use strong, unique passwords for each of my accounts to ensure they are hard to guess. This helps protect my accounts from being hacked.
- Two-Factor Authentication (2FA): I enable 2FA on my important accounts, adding an extra layer of security by requiring a second form of verification.
- Recognizing Phishing Emails: I am cautious with emails, looking for signs of phishing like suspicious links or requests for personal information.
Visuals: Screenshots of a strong password generator, a 2FA prompt on a login screen, and a phishing email example.
Reflection: These tools have made it easier to protect my personal information, giving me peace of mind while using the internet.
Back to Top
