The Ultimate Guide to Personal Cyber Security 2020 | Alexander Oni | Skillshare

The Ultimate Guide to Personal Cyber Security 2020

Alexander Oni, Web Developer & Cyber Security Expert

The Ultimate Guide to Personal Cyber Security 2020

Alexander Oni, Web Developer & Cyber Security Expert

Play Speed
  • 0.5x
  • 1x (Normal)
  • 1.25x
  • 1.5x
  • 2x
33 Lessons (3h 9m)
    • 1. Personal Cyber Security Intro

    • 2. Introduction

    • 3. Connect with Me Cyber Platforms

    • 4. Personal Cyber Security What I do

    • 5. HTTP and HTTPS

    • 6. Understanding Web Cookies

    • 7. Browser Security Mozilla Firefox

    • 8. Browser Security Brave Browser

    • 9. VPNs

    • 10. Creating new accounts and logging in

    • 11. Sextortion

    • 12. Internet Privacy Tools

    • 13. Securing the Home Router

    • 14. Malware

    • 15. Personal Password Management

    • 16. Password Managers

    • 17. 2 Factor Authentication

    • 18. Backups

    • 19. Personal Disaster Recovery Plan

    • 20. Have I been Pwned

    • 21. Facebook Security

    • 22. Securing your Twitter Account

    • 23. LinkedIn Security

    • 24. Social Media Ethics

    • 25. Phishing

    • 26. Email Data Management

    • 27. Mobile Intro

    • 28. How to Identify Legit Apps

    • 29. Checking Default Android App Permissions

    • 30. How to Check for App Permissions IOS

    • 31. Understanding App Permissions

    • 32. You have Been Hacked

    • 33. Conclusion

  • --
  • Beginner level
  • Intermediate level
  • Advanced level
  • All levels
  • Beg/Int level
  • Int/Adv level

Community Generated

The level is determined by a majority opinion of students who have reviewed this class. The teacher's recommendation is shown until at least 5 student responses are collected.





About This Class

The internet is a nasty place. Everywhere you go, there are hackers and malware just waiting for the right opportunity to steal your important information and corrupt your computer files. It's not just cyber criminals coming after you though, we have also got companies and advertisers invading your privacy and tracking your every move on the internet. As such there has never been a more important time for you to start taking your personal security online seriously.

In this course you are going to learn how to:

  • Create and manage the strongest types of passwords

  • Stay safe while using the internet

  • Ensure your privacy so advertisers cannot track you

  • Secure your social media accounts including Facebook and LinkedIn

  • and much much more

I will also show you real life examples of different types of hacking attacks and how best to tackle them.

There is also a special bonus section dedicated exclusively to mobile cybersecurity.

This course is perfect for students and individuals with no background in IT or cyber security.

Meet Your Teacher

Teacher Profile Image

Alexander Oni

Web Developer & Cyber Security Expert


My passion is teaching people through online courses in a fun and entertaining manner.  I have been teaching online for about 3 years now and during this period, I have created over 25 different courses on different platforms including my own personal platform - The Web Monkey Academy.

What would you like to learn?

Would you like to learn how to build and manage your WordPress website? Would you like to learn advanced skills that will make you a true WordPress developer? Would you like to learn how you can establish a successful career as a web developer? Would you like to learn the basics of information and cyber security?

 If you want to do any of these things, just enroll in the course. I'm always improving my courses so that they stay up to dat... See full profile

Related Skills

Technology IT Security

Class Ratings

Expectations Met?
  • Exceeded!
  • Yes
  • Somewhat
  • Not really
Reviews Archive

In October 2018, we updated our review system to improve the way we collect feedback. Below are the reviews written before that update.

Your creative journey starts here.

  • Unlimited access to every class
  • Supportive online creative community
  • Learn offline with Skillshare’s app

Why Join Skillshare?

Take award-winning Skillshare Original Classes

Each class has short lessons, hands-on projects

Your membership supports Skillshare teachers

Learn From Anywhere

Take classes on the go with the Skillshare app. Stream or download to watch on the plane, the subway, or wherever you learn best.



1. Personal Cyber Security Intro: the Internet can be a very scary place. Everywhere you go, you've got hackers, cyber criminals and mall way, all looking to either co opt your competent, your files or just till your data. But it's not just about the hackers or the mall way. You've also got thought parties like companies and advertisers, invading your privacy and tracking your every move online just so they can gather as much information as they can about you. Hi, my name is Alex, and I'd like to welcome you to this course, the Absolute Beginner's Guide to personal Cybersecurity. Now this is a course I have designed specifically to help individuals like you protect your computer, but that your files against hackers and malware but also to ensure your privacy whenever you use the Internet. So coming up in this cause, I'm gonna introduce you to a wide variety of strategies and tools that you can adopt to protect yourself from hackers and malware, but also to ensure your privacy. When using the Internet, we'll be talking about how you can create and manage the strongest passwords employed. Effective medications prevent phishing attacks and also how you can secure your social media accounts. There is also a special bonus section of L B talking about mobile cybersecurity. So if you're ready to take your online security seriously and prevent yourself and fallen victim to either a hacker or mall way, then you need to involve in this course. This course is perfect for individuals who have no background in 80 whatsoever. So if you've ever felt like cybersecurity, is a very complex topic which you might not be able to understand, Don't worry, explained everything in this course in the simplest possible none out. My name is Alex once again, and I sincerely hope that you were involved in this course and learn how you can stay safe and protect yourself from hackers and malware. I hope this young inside. 2. Introduction: Well, hello and welcome to the course officially and from the bottom of my heart. Thank you for involving and thank you for taking your own personal security. Seriously, you're definitely better off than most people who don't take their security seriously. They have this misconception that no one's going to hack them, the ones going to target them conveniently forgetting that mall way and hackers do not discriminate. So what I want to do in this video, this introductory videos just to give you a few pointers on what to expect from this course . But before we do that, let me say something here, okay? Becoming security conscious on the Internet or in general isn't just a task. It's not an exercise. It's more off a habit or a lifestyle. So if this is the first time you actually taking your personal security seriously and you want to learn new methods, new strategies, it might take a little bit of some inconvenience for you to stats, which in some of the tools you've been using before two new tools and adopting these kinds of news challenges. But it's kind of like going to the gym at the very first time you want to go to the gym. U Boat is like, No, I don't want to go. I had so hard and I want to go. But then when you go the first time, he got the second time the third time, the fourth time it starts to become a little bit easier because your body is now. It's adapting, basically to you go into the gym. So it's kind of like with security become a security conscious. All right, if you've been using Google Coombe as your brother for the longest time asking you to now switch of what? Using a new type of browser could be a little bit daunting because, you know it is so used to using this particular kind of software you don't want to change. But for the sake of your security, for the sake of your personal security, you would have to make some changes. So I just wanted to give you this motivation that it might not be easy at first. But once you force yourself and once you start getting used to using these new kinds of tools, it will become second nature to you eventually. So throughout this course I'm gonna walking you through Some of the best strategies that you can adopt to protecting yourself Online will also be talking a lot about different kinds of software software for ensuring your privacy online softer to protect your email accounts, VP ends and so much more. So there's gonna be quite a lot of topics dedicated to using different kinds of tools and softer to protecting yourself from hackers and Molly. There's also going to be a special bonus section where I'll talk about briefly how you can protect your mobile phone. Typically, when people talk about cyber security or personal security, they very often think about their personal computers email accounts. But I never really think about the mobile device, which is extremely important because we spend a lot of time own our mobile devices. So there's also gonna be a few PdF documents have attached. One would be a security check list. Another one will be like a summary off, all off the most important point, this cost throughout this course. And then as time goes on, if there are new developments in the cybersecurity world, I'll be short hope they discourse with new content. New video lessons, new articles. And if you have any questions about anything with discourse in this course, please feel free to reach out to me and let me know what your questions are. I am very, very happy to answer all your questions. So with that being said, thank you so much, once again for enrolling and now let's get started. 3. Connect with Me Cyber Platforms: so welcome to this very special video. And yes, I know that I do look very different from some of the other videos that you may see in this course. But that's because this coast was made a couple of years ago. And, as you can imagine, with cybersecurity there a new technical just coming out every time and in an effort to keep the course updated and ensure that you get in the best information, I do have to go on updates. Now this particular video isn't about an actual lesson in the course. It's more about ways how you can connect with me outside off the platform where you may be taking this course in. So essentially, I would like to invite you to connect with me outside off the educational platform. And if you're on LinkedIn, I do have a London account. My name is Alexander Bony. That's me right there. You can send me a connection requests, and please just mention that you are a student of mine and I'll happily accept your connection. I also have a page on it linked in a brand new page. It's called Lab Cyber. That's actually the name off my cybersecurity Educational platform lab cyber. That's the logo right there. So I do have a page on lengthen out, encouraged to please follow the page on later. Because I do update and provide lots off news regarding cybersecurity in general. So if you go to send me connection request only, then please also follow the page lab Seiple on Lincoln as well. I do have my page on Facebook, Lap cyber as well. So if you do have a account on Facebook, it's actually ah, love cyber training. But you can just sit for lab cyber on the sidebar. Andi, I believe you will find the link for you to follow now. Very, very important. If you do have a page, I'm sorry. An account on Facebook. I would encourage you to join the group. I do have a very special are private group. It's called the Cyber Monks. So I would encourage you to follow or join a group at least that where you can reach out to me a lot faster, a lot easier. Plus, you can also learn from other students who are in the group as also anything cybersecurity relate head are we discuss it in that group. Now, when you try to join, you will be acts. Two questions first is you'll be execute from that you have purchased one of my courses or that you enrolled in anyone. One, of course, is say yes. And then, please, the second question you'll be asked. Okay. Name one of the courses. Please ensure that you answer these two questions. If you don't, there is a possibility that I might not let you into the group. This is just to ensure that you are who you claim to be, because I don't people from outside who haven't and all that any of my courses to join the group. So it's not the most effective way, but at least it does help in in a certain way. So please do ensure that you answer those questions. And finally, I do have a brand new YouTube channel. It's called Lab Cyber Brand new. I just publish this channel about two days ago, so they consider. Right now it's still new. Only have three videos, but by the time you watch in this particular video, I might already have probably will have already are some other videos in there is also, if you if you want to learn more about cybersecurity because there's just so much so much happening in seven security, it's hard for me to make a course out of it. So I have referred making videos on YouTube and just to explain to you what's going on and things like that. So if you're interested, it will help encourage you to subscribe to the channel and also hit the bell S O that you notified whenever I upload a new video. So that's basically it's you can connect with me on LinkedIn, Facebook and YouTube. So that's a thank you so much. Now let's continue with the vest off the course. 4. Personal Cyber Security What I do: Alright, so welcome to this very special video where I would like to talk to you on a very personal level. This course is all about personal cybersecurity. And I want to show you the things that I do personally to protect myself, protect my data from malware and hackers. Now this is not the complete guide on how alex protects himself. These are the major points and throughout this course, we're going to talk about all these things in more depth. But what I wanna do here is to give you a quick summary because I feel that condensed and all of these tools and applications into one single video would also be very, very effective. Alright, so let's start off first of all with emails. Emails play a very, very important part in our daily lives. And when it comes to email accounts, I have three email accounts. I have my work email that I use for everything work related. I have an account with Google Gmail account that I would use with my friends, family. If I need to send up on websites where I visit quite often and I really do care about that website. I would use my Gmail account, right? But then I also have my Yahoo account that I used for experiments. If I need to send up to a website just to see what's going on in there as an experiment, I will use Yahoo. I would also use my Yahoo account because sometimes you may want to read an article on the internet on a particular website. And that website will require that you actually log in, that you actually have an account. For those kinds of websites I would use Yahoo for search. So it's kinda like my guinea pig can have email account is an account I really don't care that much about and yeah, that's what I use Yahoo for. So that's it. I do have three email accounts, work email, Gmail, and of course, Yahoo mail. Speaking of emails, fishing, very, very important. Phishing emails are becoming more and more sophisticated if you didn't want efficient email is don't worry. We'll talk about them later on in this course. But please be very, very wary about phishing emails when you receive an email from Microsoft, from PayPal, from stripe, from Facebook, from whatever claim in the, oh, they've detected suspicious activity in your account. You need to login, blah, blah, blah, stuff like that. Do not fall, fall. It always keep in mind that hackers who is phishing emails will always try to scare you when you receive an email. That's very, very scary. Thing twice is this legit or not. If you're not entirely sure whether it's efficient email or if it's actually real. Do not login directly form the email. Go to the website, like for example, with PayPal goal to and then login there. Don't login from the link provided in the email. Please. Be very, very wary of phishing. Emails are becoming more dangerous, more advanced. Be very, very wary, okay? When it comes to using the Internet, I used the Brave browser. I use Chrome it on a walk with my Gmail account or YouTube because it's easy use up once and then. You have access to your YouTube account and of course your Gmail account. So I would use Gmail for YouTube and for my Gmail. Everything else are Internet-related. I used a bric Brazil talk about grave in more details later on in this course. And then of course, also use a VPN service. I use Nord VP and I think in my humble opinion that the best VPN provider in the world does just known opinion. Now I don't use a VPN all the time and I'm at home right now. I'm not gonna use a VPN. I don't need to. However, if I'm in a coffee shop, I'm at the airport while I'm using any kind of public Wi-Fi out there, I will use my ignored VPN. I've got not VPN, not just on a computer, but also on my mobile device as well. The only instance where I would use not VPN at home is if I'm trying to watch Netflix, I wanna get content from another country, then I would use my not VPN service will talk about not VPN a bit later in the course. Now, at this point, let me just quickly mentioned one thing about personal cybersecurity. Becoming cybersecurity conscious is a way of life. It's a process. Okay? The very first time you use a VPN, it may seem kind of awkward. You know, we're so used to just jumping on the Internet immediately, right? But now before you can use the internet, you have to launch a VPN to connect. And then you can use the internet when it seems like a step before actually using the internet. It might seem Suez the first time, the second time, the third time. But I guarantee you that if you begin doing this things using the Brave browser, using a VPN, all those kinds of things. When you begin to do this on a consistent basis, it will become part of your life. It will become like a force of habit. You won't even have to think many times when I go to the coefficient right now or the airport, without thinking, I'm launching my VPN. It's part of me right now at this point. That's exactly how personal cybersecurity is. It becomes your way of life to become it. You don't even have to think about it anymore, you just do this thing, so please keep it consistent the first few weeks. Tough, you know, you because he hadn't all distances are not used to, please, if you're really concerned, if you really care about your personal cybersecurity, do this Denzin in time. It'll become second nature to you. Okay, let's move on. Next year is two-factor authentication methods. Whether it's my bank account, my Facebook account, my Gmail account, whatever. I always deploying two-factor authentication whenever possible. There's generally two ways of Dennis. You can either get your SMS text on your phone, which is the second factor. It's not the most is not the best way to do so the better way would be to use an authentication application on your phone. So for a very, very important websites, your bank account, your social media accounts, your MLA counts it as impossibility to send up for two-factor authentication, please do so. Okay, you're much better off it a two-factor authentication than just a single factor authentication. It's not enough to have a username and password. Try to incorporate it. Two-factor authentication whenever possible, wave important, we'll talk about this a bit more in the course later. Now, flash drives, OK. You can see my laptop, but it's right here. I never never never ever plug-in someone else's hard drive or flash drive on my computer. I don't care where their flash drive is from. I don't care if you do a scan for viruses only yesterday or only an hour ago? I never plug-in any external hard drives or fast drives on my computer, except those that are mine. Okay. Please try to do the same thing as well. Do not plug in anyone else's hard drive or flash drive or USB drive, whatever. If you must. Of course please do scan them thoroughly before you open up the contents of the hard drive on your computer are very, very important. Let's close that. Back-ups. Backups are essential. If you're somebody who deals with lots of content and the content is very important to you. Please make backups. Now how do I have my own backups? As you're well aware, I'm at Costco, I quit lots of video content. I store my videos with Vimeo. I'm not saying that at best, but they did do the job quite well. So I store all my video content in Vimeo. I have an account with Google Drive or I store things like documents, PDF files, also some videos and some audio files as well. But in addition to that, I also have my passport Hodge wife. This is the hardware that contains all my most important documents right here. So even if by some miracle I lose access to my Google Drive account, my Vimeo account. I have everything in here. This is actually four terabytes harddrive. And the best thing about this particular hydrogen, it's my passport hard drive. And the best thing about it is that all the data in here is encrypted before I can actually view the contents of this a 100 and after provide a password, which of course I have said to myself. So even if this gets stolen, there will not be able to access my hard drive unless they can provide the password that I used to encrypt the contents of my heart trips. I'll encourage you to also get yourself an external hard drive and store your most important content in the, You never know what can happen. Your corporate IT could crush one day, you could lose your data. Please have backups, backup. So like insurance, very, very, very, very vital, very important. Ok, let's close that one. Mobile applications. Yeah, I use a Samsung Android mobile phone. If you're watching this, you're probably use headed as well. You might be using iOS, which is perfectly fine as well. However, you want to be very, very careful about the applications installed on your phone. If there were any application that you don't use or you use very sparingly, delete them. The less applications you have, own your phone, the better do the assignment right now, go through your phone. There are any applications, applications you haven't used in the last three months, delete them. You're probably not going to use them anytime soon. Delete them if you ever need to use them again, you can always install them. Package would take more than five years to install an application from the App Store or the iOS store anyways, okay, so please get rid of mobile applications that you're not using on your phone, setting up for notifications. I don't care what it is for your bank account, your personal website, whatever. If you have the opportunity to serve fortifications so that the application on that website or that particular app, we'll send you in education when something major happens, like maybe somebody withdrew money or somebody access to absorb it, the admin accountants like that sign up for the notifications that are very, very important. It might seem kind of stressful receiving emails with all the simplifications. But please, prevention is better than cure. When you are aware of what's actually happening on your website with your bank account, with your PayPal account, with your social media accounts, it's much better than you not actually knowing what's going on before it's too late. So please sign up for notifications whenever you can with my bank. And I count in particular, I have notifications for everything. If somebody sends me money, if I withdraw money, whatever, i must always receive identification. So I know. Okay. It's actually me who did that. I approve of the transaction. So please Center for notifications whenever you can. Now reach wallet. You may know this particular wallet. Let me show you. It's the weed wallet and then if you can't see that is to read wallet and this is actually it white here. I've been using this for about six months now. And I was actually introduced his wallet from some of my favorite is apparently which they support many of my favorite YouTube content creators as well. So I got myself retool it. And what I love about the withdrawal it is the fact that it can protect your debit cards or credit cards from being scanned. And let me give you a very, very, very quick story of what happened to me back in Brazil last year, in the year 2019, I got to Rio de Janeiro for the very first time. I used my debit card in the ATM. One of the ATMs in the airport were just some money, went to my hotel. A few days later. It turns out that somebody somehow had actually gotten all the details of my debit card, despite the fact that I never use my card again after withdraw money from the atm, how do I able to get the credentials of identical, you know, the number, the the pin, everything. How do I able to do so was because they had a scanner so many airports or whatever and they were able to get all the information from my cod. Thankfully, my bank was able to detect I'm trying to buy drinks at a nightclub. And because the bank knew that Alexander normally spend his money on drinks at the nightclub. They're bloated transaction and I was notified. So MS. Since that happened, I said using the medulla to protect my card from scanners. I'm not in a fluid for them. I'm not trying to advertise them, but it works for me and it may work for you as well. So if able to get yourself on any kind of cod, it doesn't have to be the woodward specifically, but any kind of wallets that can protect your debt because I've been scanned, please go for them. Very, very, very, very, very, very good thing to have for you. All right. Let me close this one. Well, I will almost at the end, next year is keeping your personal information secure. Now, this has to do with you providing your name, your phone number at events. So at certain places, it happens a lot. You may go to some sort of event where maybe it's for charity or maybe it's a kid's party or whatever. And they say, oh, you know, we need your phone number, your name, so we can send you some style blah, blah. Please stop evading your real name and stop providing your phone number for such things like that. Unless it is absolutely important that you use your real name, annual phone number. Don't provide them with a fake name, provided with a fake phone number. Why do they need your phone number? It's all bogus. Don't provide them at your wheel for number. Don't provide them a trivial name. Try to keep your personal information secure as much as possible. Only give out your social security number, your debit card number, your name, your phone number, or things like that. Only do so when you absolutely, absolutely have to do so and you trust whoever you are given the information to other that keep your personal information secure at all times. Last but not least, ethics and social media. I'm gonna talk about this a lot more in the course, but very, very briefly when it comes to you show in your opinion on setting issues, but it's politics, religion, abortion, things like that, on social media. Be very careful. In fact, I will suggest that you keep your opinions to yourself. You're more than welcome to share your opinions with your family and friends all over the dinner table. You can have one-on-one conversations with them, that's perfectly fine. But when you spend your time arguing with strangers on the internet about whether or not Donald Trump is the worst president or whether or not abortion should be legal or whatever. I guarantee you that you're wasting your time. You're never going to convince the other person that you're right and they're wrong. And guess what, they too will not be able to convince you that they're right and that you along, you're just wasting time. Second is the fact that when you spend your time on social media voicing your opinion on VEVO important matters. You live in yourself a digital footprint that can be used against you later on in life. You never know. Maybe you might be somebody who runs for office at some point in your future. You never know all this things you put on Twitter. On Facebook. They can come back to haunt you. Because number three, you might actually end up changing your opinion on some of the things you believe in right now. It happened to me a few years ago. There are some nice to believe in a very, very strongly until actually changed their opinion and realize that, oh wow, I've been wrong all along. I don't need to tell you what it is, but it happened to me. It could also happen to you as well. So please, when it comes to you, voice your opinion on very, very, very important sensitive subjects. Think twice about posting them online. In a perfect world, we, as human beings, we should be able to have rational debates about different kinds of topics, okay? This is my opinion. That's your opinion. And then we can agree to disagree. We can have healthy conversations. Unfortunately, we don't live in such a world. We live in a world where just because you have a different political opinion to someone else, you might get have asked, you might even get fiat from your place of work. It happens all the time, all the time. So please, before you comment or you share a post on a very, very sensitive subject on the internet and social media in particular. Think twice, what am I gained from this? What am I going to gain from this thing twice? So that's it for my own personal stuff that I take to protect myself and my data, my debit card, everything on the internet. So that's it. I hope you enjoyed the video. Let us now continue with the rest of the course. 5. HTTP and HTTPS: Let's talk about http and age. T. T. P. S a very simple yet a very important topic when it comes to Web security. Now, to expand its two concepts, I'm gonna use two different websites amazon dot com, which you're looking at right now and then a website for a cinema in Chiang Mai, Thailand. Now, you may be wondering Wait a minute. Why this particular website? Well, I used to live in Thailand for several months in Chiang Mai, which is in the north, and I love movies. Okay, I love going to the cinema. It's one of my favorite hobbies. So I just had to use this website to reserve my seat and then I'll go to the cinema and then pay for the seat by day. I never made any purchases directly on the set, and I'll explain to you why in just a second, But going back to http https what exactly are these? Http stands for the hypertext transfer protocol. Not gonna bow your head with all the technical details, but basically what it does is that to a certain extent, it determines how content is displayed on a website. It can also determine how content is transferred from you. If it's critical information your log information. How is transferred between off transferred from you to the Web server? So, http s is this secured version off? Http. Basically, it's tensile hypertext transfer protocol secure. How exactly is it secure? What does that mean? But it means is that whatever data you typing or you provided to the Web server with eight DPS, that data will be encrypted. So say, for example, right now, you are trying to make a purchase on amazon dot com. Amazon has aged PS. Once I put in my credit card details and I click purchase and the transaction is completed . If a hacker somehow was able to intercept my credit card details, that data would be encrypted. He or she would not be able to read my credit card details because it would be encrypted thanks to H. T. T. P s. This is exactly why whenever you're trying to Critton account on a new website or you're trying to make a credit card details or if they're going to provide any kind of sensitive information, you want to make sure that site is warning H T T P s. Now How can you tell when they said, Actually has just HDP or it's one in https. Let's look at Amazon. Amazon dot com right now has https. Why? Well, your browser will typically tell you any right now, but you can see there's a padlock. This will depend on the brother using, by the way brothers will display this kind of information in different ways. I'm using Come here as an example. So right now, if I click on that padlock, it say's connection is secure. Your information, for example, passwords or credit card numbers is private when it is sent to the site. This means it has https. But on the other hand, if I rent the same plex like their, Comey's telling me immediately that, hey, it's not secure. And if I click on the image important it saves. Your connection to this site is not secure. You should not enter any sensitive information on this side, for example, passwords or credit card details. This is exactly why I never made purchases directly on this site. Now, if I had to make purchases, let's say, for example, they didn't allow me to serve sits. I have to pay for the sits. What I could do is true on something known as a V p n. We'll talk about VPN a bit later, but basically the VPN VPN will help secure or encrypt your are critical information. But that's another topic for another lesson about Pippen's later. But ideally, you should not be making any kinds of purchases on sites like this. Onley make your purchases onsides win https like amazon dot com. So that's it for 80 p and h T. T. P s very simple, but very, very important topic. Thank you for watching. We'll see in the next class. 6. Understanding Web Cookies: Ah, yes, Let's talk about everyone's most delicious topic cookies. And no, we're not talking about the cancer cookies they eat. We're talking about Web cookies, and I'm pretty sure you've heard of them before. But what exactly are these cookies? Well, they're pieces of text. Start by a Web server on your hard disk. These text files are stored on your browser, actually, but then it saved on your hard disk. Now they basically allow a website to store information on your computer and then later, which we've that information. What kind of information? Well, basically, the purpose is to identify who you are. Check for your past activity on that website and then use your records to provide you with the most relevant information the next time you visit that site. In other words, cookies are like tags used by a Web service to identify who you are whenever you visit their website family instructional explanation on how cookies actually work. Let's say, for example, you visited a site known as kayak dot com. Now, kayak is of a very popular of upside for searching for flights, hotels and so on. Basically, the Web server for kayak dot com is gonna look at you and say, Huh? This is the first time you're visting kayak dot com. Well, in that case, I'm gonna go ahead now and stall these cookie in your Web browser. That's basically what the Web server for Captain Home is going to do now. Let's say, on kayak, you started to search for things like nonstop flights. But then you're looking for flight tickets with the dollar price in, for example, And let's say you change the default language from French to English or something like that . Basically, that cookie is going to store your preferences. It's basically going to stall all these settings that you've made on that site and then, basically the next time you visit the site Com The Observer for CAC is gonna look at you and say, Let's see. Dwight can identify years this year. Second time, visit this site or the third time. Let me see if I've got a cookie stored on your Web browser. Natural Web browser is basically going to provide kayak. Go comes up server with the cookie that was stored the first time you visited the site. So now character comes, observe it has identified you and then it knows that. Okay, Your preferred currency is in U. S. Dollars. You want English language and you're also searching for non stop flights. So basically, now Haggard, Ofcom's observer has identified who you are based on Kukrit stored on your forced visit. Now going back to our presentation, you should know that there are different kinds of cookies that can stall different types off data. As an example, we've got this cooking known as a session cookie. These can stole your shopping cart on an e commerce site have ever notice Whenever you go to any commerce site, you added some items to your cart and then maybe you didn't check out you closed your broza and then after a few hours, you open that brawls over again. You went to the same site, and then you logged in. And then you discover that wait a minute, your items are still in your shopping cart. That's because off a session cookie session cookie recorded all the items you placed in your cart. And then when you visited the site again, decision cookie, Simply remember that O is the same person. These were the items they had in their kat. Another kind of cookie is the persistent cookie, which can stop the remember me data on the Web sites. For example, the log in information and put it show there are many times you've also created an account on the website you logged in the first time with your user name and password. And then if you close the browser and then you open the browser again, you went to the same site you're automatically logged in. That's because of a cooking known as the persistent Cookie. Now you should know that in general, cookies are mostly homeless. There is this huge misconception out that the cookies are bad. No, for the most part, they're harmless, and they actually help websites along more efficiently, providing you with a better up experience while using the Internet. But remember that they can also be used to track you and can be exploited by hackers. If a hacker, for example, what you steal the persistent cookie, the date on the person cookie that's stored your log in information on the site. Well, guess what? That hack is gonna have access to your log in information. So for the most part, cookies are harmless, but they can also be exploited. Alright, if you're interested in seeing Web cookies in action or you'd like to discover where they are stored well, if you go to any site as an example, I'm on kayak dot com and I'm using the Google chrome powers up. You can see in here where we have the padlock. I'm gonna click in there. And now here you can see that we have 83 cookies in use. Boy, that is a lot of cookies. Click on it right there. And now you can see that we have cookies from different sites from Amazon to Facebook, Google and and even from kayak dot com. You can go ahead now and expand. Expand the one for character Calm alums, go back down here. All right, so let's see the cookies that CAC has stored in here. And we have We've got three cookies. Gcl okay can click in there and now in here you can see some information about this particular cookie dot com's Web server set this particular cookie this path. When you see the fourth slashing here, that's implements that this cookies used throughout the website. It doesn't matter what page along send for any kind of connection. What this means is that it doesn't matter if it's http or https. This cookie will still run. And of course, you can see those created October 13 to 19. Angela expire our general 11th 2020. Ah, let's take a look at some other ones. Ah, pretty much the same. Let's go to Google and see what cookies Google has in here. Let's expand that. Okay, is really a few more in here s s I d secure connections only. Okay, So what this means is that these would only run if the page of the site is running on https . That's when this kind of cookie would run. All right? So I'm not dissecting cookers is not exactly the most interesting subject. So I'm just gonna go ahead now and close this, But now at least you can see first and the kinds of cookies debt sites are running on your computer. Now, if you'd like to know just how many cookies have been stored From what science on your browser, there are ways to figure that out. Now I am using the Google chrome browsers. I'm gonna show you how you can find the cookies on your chrome browser. If you're using Safari or Firefox, it's very, very similar process. What you want to do is going to go to the Settings tab so any right now for crude, I'm going to click on Settings in there. And now in here I am going to go to advanced the advanced stabbing. I'm gonna go to privacy and security. And then in here you would see site settings. I'm gonna click on site sit ins and then permissions. You will see cookies and site data. Just click in there. And now in here, you can see the templates, A's C old cookies and site data. I'm gonna click in there and there you go. There's a lot of cookie is a lot of cookies. Start from different sites boo heart calm, gifts that comb and so on and so forth. So in here right now, you would see every website and all the cookies that have been stored on your Web poza. It's a good idea to go through this list, and if there any sites you don't trust or any sites that you don't visit anymore. It might be worth you and we're moving those cookies. You could also just remove all the cookies at once. Clay everything. But let's keep in mind that you will just need to you. You might be first to log in again. Two different kinds of upsets. People like Freeze boo Coal YouTube in the sites where you constantly visit and says it averages. Study looking information. You may. You may have to log in again, but it's always a good idea to every once in a while clear your cookies. So that's it for cookies for Web cookies in general, if you have any questions, of course, be sure to let me know. Think if watching, and as always, I will see you in the next class. 7. Browser Security Mozilla Firefox: When it comes to browse the internet, there's generally two different browsers I would highly recommend that you use. One is going to be Mozilla Firefox, which is what you're looking at right now. And the other is the Brave Browser, which I absolutely love will talk about grave in the next video. But in this video let's talk about Mozilla, Firefox null and just show you very, very quickly. I am using the latest version as of today, December seventh, 2020. And you can see right now it's 83. So if you're watching this in 2021, you might have a 4, maybe even 85. But the point here is that I'm using the very latest version of Firefox. And what Firefox does is that by default, it already protects you much better than Google Chrome or Internet Explorer or Apple Safari. But there are still certain things that you need to do before it actually becomes very, very secure and also ensures your privacy. Now at first, this first shape is when you go to any website. Up here you have your URL, you're going to notice this particular shield. Now when you hover on this should, it will tell you whether or not there are any track has known to Firefox on this particular page. So you can see right now on lab cyber there were none. However, also go to You will notice that the shield is now active because you can see the color has changed. There is now some color to it. And if I now hover in here, it says it's blocking social media track is cross-site tracking cookies and finger printers. Now if I click on the icon, right now, it tells you that enhanced tracking protection is on for the site and its block in social media trackers. So maybe looking Facebook tweet up, if I didn't have this protection on bowl happen is that if I was using, let's say Google Chrome as an example, and I wasn't blocking trackers. If I came to and I went to like let's say gaming accessories for example. And I clicked on the Xbox core controller. Facebook could be monitoring me right now and would know that, oh, Alex went to Amazon and he searched for the Xbox called core controller. The next time I go to Facebook, I might see an ad on Facebook advertising the Xbox core controller. That's how the whole tracking thin works. But since I'm using Firefox right now, and it's actually blocking trackers from social media sites, Facebook, Twitter, what have you. They're not going to know that I'm actually on Amazon, are searching for an Xbox core controller. But let me show you something really cool, okay, if you go back to your also ride your Firefox browser, you come all the way right here where you have your menu, you click in there. Right here you will see options, okay? You wanna click on Options and invite you to go to Privacy and Security. Now, in here, you do have the tracking protection right? By default, it's on for standard. But I would highly recommend if you want to be very, very, very safe and secure, you wanna go with strict as opposed to standard. Now, the one downside of going strict is that there are actually certain websites that do require that they track you, that the install cookies on your Browser on your computer. If you prevent them from doing so, the pages on that site may not load properly. The good news here, our 7A, is that you can actually manually allow or disabled the street protection on such websites. As an example, I've chosen strict here, right? So if I was to go back in here, for example, let's say for example. And I go back to the homepage, then just refresh the page. Okay, let us refresh this page. War than I could do is if I wanted to disable the strict protection on, I would simply click on the shield right here. And then over here, I can simply turn it off. Okay? So basically at this point, might now Firefox is not going to block any scripts. It's not going to block any cookies or any tracking specifically for So this is how you can disable Firefox's protection on sets that you trust, okay? You want to make sure that you actually trust these websites and only do this if the sides do require that, hey, you know, we need to be able to track you install cookies conflict that, then that's the only institution where you may wanna go along this route other than that, please, and showed that the shield inhere is always active and Firefox is always protecting New. Let's go back to options and let me show you some other really cool things you can do. Right here. You do have this very funny option of saying, send websites a do not track signal that you don't want to be tracked. Now there is a why this very redundant is because many websites will simply ignore visually question of a track. Ok, so don't even bother changing anything in here. It's not gonna make any difference at all. Now right here you got your cookies and site data. You can Nuclear Data Manager data provide here you've got your logins and passwords. Now it says asked to save login and password for websites, auto-fill logins and passwords. All this is okay, it's fine. How ever if you're using your computer with another person or you just want to be absolutely safe and secure. Our recommended you'd go with using a primary password. Now what this does is that before the Firefox browser will automatically fill in your logins, your passwords, things like that. You will have to provide your primary password first before Firefox knows that. Oh, OK. It's actually you and I'm given given go-ahead to auto-fill logins and passwords. So all you need to do is come in here, say use a permit password and invite here. You can add your password them just add a quick password as an example. Okay, I'm gonna come back in here. And of course you want to make sure your password is extremely strong. Click on OK. And there you go. So basically what will happen right now is that the next time I go to a particular site where I have logged in before with a password and username. And I've saved that username and password before Firefox will automatically fill in those credentials, I will have to provide the password. They permit password first before Firefox will go ahead and auto-fill. The log is a passive, so that's how this works. Let's come down in here. You've got your history, remember history, you can choose never to remember history. It all depends on your own particular preference. And then right here, you've got the permissions. Now, very, very, very important. First of all, you've got location. You click on settings right here. And if there were any websites that have axe for your location in the past and you've maybe approved, you blocked. You will see everything in here. And then you will be able to either manually approve such websites or just keep on block in them if you want to. Same goals would like the camera as well. And I'll just show you very, very quickly on the notifications because I do have an example on the notifications. And I got to satisfy notifications right here you can see you This is ready that I accessed a few minutes ago. So right here, actually wanted to be sending notifications, but I chose to block those notifications on a So like here, I can either choose to keep it blocked or I can come in right now and then simply our Lao Ready to be sent him notifications on a desktop whenever they occur. So this exactly how our location and camera microphone, that's exactly how they all work in a communist right now. Check whatever websites currently have access to your location or camera, and you can choose to block them, or you can choose to allow access to them. Of course, you want to block your pop-up windows as well. And then warn you when you obsess tried to install add-ons, please make sure these two are always checked, especially the second one. If any website tries to install an ad on which already by itself is kind of suspicious. Make sure Firefox warns. That tells you that, hey, this particular website does Treasury install an ad on? Would you want to agree or not? Okay. Mostly of course you want to, you disagree. You don't want users to install add-ons on your browser and Of course, on the security. Make sure all of this is checked. Blog dangerous or deceptive content. Block dangerous downloads, warning about unwanted and on common software. Make sure these are all check certificates. You can ignore this, you can just keep this on ask everytime quick. Usp responded, this is perfectly fine editors. And last but not least, you do have the HTTPS only mode. Now, this might seem like a good idea to enable HTTPS only monadic does is that basically Firefox will force your browser basically to force itself to access every page on the internet or any web site via HTTPS. Now, the reason why this is not exactly the best ideas, because browsing the website doesn't have ATP S installed, isn't exactly dangerous, okay. It's perfectly fine for you to access a blog, a website that doesn't have HTTPS. Just as long as you are not providing sensitive information like your username, password, and not buying things which are critical to debit count. As long as you know, doing anything like that. Http is fine. You don't need a TPS. As such, if you perform your due diligence and only provide sensitive information like your passwords, credit card details on size that have HTTPS, then you don't need this, you don't need to go with the HTTPS only mode. Secondly is the fact that if you go with this enabling the HTTPS only mode, it can actually bring certain websites. There are many websites out there that don't have HTTPS. And then when you force Firefox to walk with HTTPS, it may break such sites and such websites Minow load properly on your buzzers. So please just go with the don't enable HTTPS only mode. Alright, so let's take a look at some very advanced security settings for Firefox. What you wanna do is you want to go to your URL address, typing about colon and then config. Okay? Now you will see this message symbol click on accept, diverse can continue. And then right here what we're gonna do is we're going to make five changes that will truly enhance the security of our Firefox browser. Never click on Show all. You're gonna see a whole bunch of different kinds of settings for security and performance. But thankfully, I have listed five. All of the main cities that I feel are the most important. The very first one here is going to be the media peer connection for R T c. Now if you don't know what Web RTC is, it stands for the web on real-time communication. So basically what this does is it shares thins like your voice, your screen, your audio across the internet with your peer. So if there's somebody who, for example, does a lot of gaming on the internet, you play video games, now you're chatting with your friends. Most likely the applicational, we'll use Web RTC. Now if you're not a game, I would highly recommend that you disable this because hackers can actually exploit the Web RTC protocol to reveal your real IP address. So even if you're using a VPN, you didn't Things like that. Hackers can still exploit the Web RTC protocol to you revealed your IP address. So if you really, really, really want to be secure initial your privacy, you want to disable the media peer connection. So you come in you right now. Such for media dot Peer Connection dot enabled. Now by default, it will most likely be set to true. What you wanna do is you want to click on the Alawite here and set this to false. So this will now disable media Peer Connection. Okay? The next one we're gonna talk about here is going to be the privacy dot tracking protection dot fingerprinting dot enabled. So let me just copy this column right here. And let's search for this guy. Press Enter. And of course, you wanna make sure this is set to true. This basically protects you from fingerprint and make sure this is set to true and not false. The next one here is the tracking protection as well. Let me just copy this one. Go right here. Let's search for it. And okay, so it's also set to true as well. Make sure yours is also set to true. And then we also have the network dot kooky dot lifetime policy. Now, this one is very, very interesting because it indicates just how cookies should be handled on your Firefox browser. Now, the value here is set to 0, right, as you can see, but you actually have different vowels. You can go with 123 or four. I would recommend you going with two. Now, if you add to what this does is that the cookies will only last as long as your session is open. So for example, right now, when you set this one to two will happen right now is that if you go to a new website and you provide your details, things like that, the website will store Nevada, your browser, your fabrics butter will store the cookies from that site. As long as you are connected to this horizontal side is open in your Firefox browser. If you close the website, you close your browser and you come back the next day, things like that. Automatically the cookies on that side would be deleted. That's what the value of two does. Okay? So you can either just stick with the Legolas 0 that will treat cookies in a normal standard fashion or in go with two, where the Firefox browser will automatically delete cookies, family websites when you close the connection to those sites. Okay? And then last but not least, we do have the crypto mining protection. So this is for you if you're into cryptocurrency, you know u by u. So cryptocurrency, you want to protect your wallets from Crypto miners. You can search for this preference. And of course, make sure it is set to true as well. In fact, michelle, all set to true with the exception of the very first one in here, the Web RTC. I mean to pick on actually you want to say I want to false, as long as you're not a gamer. Okay, so that's basically the advanced settings for Firefox. One last thing to mention before I round this SOP is going to be an add-on that you may want to add to your browser. And that's going to be the new block origin by Raymond hill. You simply go to your add-ons, you add it, it's free of charge. Now what is Adam does is that it blocks ads from loading on website. So when it's active, you will see the icon right here. Active, you click in there and you can see right now that okay, it's active. 0 adds haven't blogged on this site. Let's go through when it's, let's refresh this page and see whether or not ok. So either you can see it says two. So if I click in here, you can see now that it's blocked off, it's broken a lot of ads on So it's blood 15, it's actually blocked 15 ads so far. And of course what this also means is that when it loaded a bit faster as well because the ads were blocked from, from load. And so this is an adeno height of a community. Actually add to your fabrics bizarre to make things even better. So that's it for the Mozilla Firefox browser security settings. Thank you for watching. I will see you in the next class. We will talk about the Brave browser. I'll see you then. 8. Browser Security Brave Browser: Okay, so let's talk about my favorite web browser and that's going to be brave. Now the reason why I prefer brave to Firefox a, simply because of the design. It's actually very, very similar to Google Coulomb whose functionality and design our love. But I hate the security of Google Chrome. But the wave is like the best of both walls. You basically get the privacy insecurity of Firefox, but also get a design and functionality of Google Chrome. So this is brave right here. And yes, it says three times faster than Chrome, better privacy by default than Firefox, which is true. A lot of the things that you have to do manually with Firefox. It's already been done for you with the Brave browser. So you go to and let me just walk you through very quickly. You might see this thing called open into Hall. If you don't see this, you could also go right here. Then you will see something called a new private window with tall. If you don't know what Hall is tall, is a very special kind of browser that actually acts like a proxy. It can hide your real IP address. And basically it act like effectual private network, your ISP, your employer's, whoever is trained to monitor what you're doing on the internet will not be able to track you. Now for a phone. Let me just show you something very quickly. I'm not using Tor, I'm not using a VPN. This is my real IP address right here. And you can see right now it says I am in Chiang Mai in Thailand, right? Okay. Let's just some experiment. Okay. I'm gonna come right here and say opening tall. So right now, this is actually the Tor browser embedded within the Brave Browser. And right here I can search for anything, go to any kind of website. My internet service provider will not be able to track when because right now I'm using the Tor browser. Now check this out. If I go back to what is my IP address. Okay, let's go back to the same website. Now by default, Duck, Duck Go is a search engine used whenever you're searching for information on the Internet. So let's go back to the same website. What is my IP And the one downside or the two downsides with using the tall extension is that it's, your burden is going to be a bit slower. But you might also be asked to complete our security checks like this on setting Kinds of our website. So let me quickly prove that I am a human and not a law bots. So let's see Bicycle, Bicycle check. And OK, so let's see our new IP address. Okay, remember the first IP address was in Chiang Mai in Thailand, which is our real IP address. But now you can say it says my IP address is blah, blah, blah. And now I'm actually supposed to be in Kiev in Ukraine. So he gets it right now that if anyone tries to track, emulate now a trick on them, dean, on the internet. They're just wasting their time because well, icon into the internet. I'm actually live in or the Internet from Ukraine and not Chiang Mai, Thailand where I really am actually. So that's how Tor, extensional walks with Your Brave browser. Again, I would recommend using a VPN Virtual Private Network because virtual private networks are a bit faster and you might not need to complete the other security captures and things like that, but it's just fun photo that OK, you've got this are taught extension available with the breath goes up. Okay, let's talk about the actual settings for our Brave Writer. You've got your menu click in there. And then down here you're going to see Settings, okay, so you can click on Settings. And from here what you want to, first of all do is you want to click on the shields link right here under Settings. And then over here, you do have the truckers and adds blocking out. You can go with an aggressive level, but honestly, even with the standard level, brave does a fantastic job of blocking ads and trackers on websites or outer command just sticking with standard, you don't need to go aggressive. You do have the good connections to HTTPS. Make sure this one is turned on and invite here, very important. You've got the fingerprinting blocking. Now, I have said in mind to be strict. But if you notice that many websites that you try to access our break-in denote loaded properly, then you may want to turn this one down to our standard, okay? But personally for me, I'll recommend going with strict Maybrick sites first of all, and then of course, dang good standard if you're having issues. Okay. Let's move on down here to where you have your extensions, okay? Actually you do have the search engine section in him as well, but you can choose to go with a default search engine. I'm not going to blame you if you go with Google because Google is still by far the best search engine, but I tried to use Dr. Google as much as I can and I'll help you encouraged you are to use, also use doc dot goal. It's much better in terms of security and privacy than Google. Believe me, right now right here. In case you don't see this often hidden in here to open a new window with Tor, you want to come down in here and ensured that this one is turned on, you see private window with tor, makes sure it is turned on. Oh, okay. Now I'm gonna go back in here and let's come down here to our additional settings. I'm going to click in there. And now you've got your privacy and security. Let's click in there. And what do we have over here? First of all, you do have the blas and data. You can clear things like your history, your cache, things like that. But we're not interested in that. We're interested more in the security. So right, I'm going to click on the security link and then invite you. Of course you want to make sure that the standard protection is turned on. And then using a secure DNS is also turned on with the option of your coin service provider are being activated mixture These two are active. Let's go back. Okay, and then let's come down here to cite and shields sets ends. Again, by default, grave doors, a fantastic job of protecting your site. How ever light here, you may see things like your recent activity from websites or access things like your camera, your location. Now mind you can see food panda. Food panda is a food delivery service, so obviously they need to know where I'm located. That's why I allowed location for this particular site. But if I'd allowed orphans like my camera, microphone recently, you will see all the sites listed in here and the permissions that they have. But you can also come down here to permissions and then go to location. And you can see right now that food Panda has been given access to access my location. That's fine. Let's take a look at a camera. You can see no sites have been given access to make hemlock, which is good, microphone sampling as well. Notifications, you can see right now, no sites or lots of semi notification. So basically once you begin using brave and you start aligned ellipses to access a camera or things like that, you will see all of them listed in here. And you want to make sure obviously, that whatever sets that have access to your location, your camera, your microphone, you trust them. And these at size that actually need to make use of such things, okay? If they don't need to know your location, if they don't need to have access to a camera, block them. Okay. Let's go down in here. And that is pretty much it. Pop-ups and redirects down here on the content. Make sure this is a two are blocked. You don't want pop-ups and redirects happening by as you're browsing the internet. Alright, one more thing to mention is under the additional sessions you do have the autofill. Now writer, you have passwords, okay, you click in there. And what happens here is that if you begin using Believe and you begin saving the passwords and usernames on websites, you will find them listed in here. Consider eight. Now I do have several websites that do have Facebook. I've got I've got several of my Wordpress websites as well, all saved with the username and password, which of course I can reveal by simply clicking on the eye next to them. However, I would recommend that you do this only if you're the only person who uses your computer. If you're using a shared computer, maybe it's a family computer, things like that. Please don't save your information. Your browsers only do this if you're the only person who uses your computer, you're the only person who's is the Brave browser on your computer. So that's pretty much it for the Brave browser. We don't have to do quite as many security settings as with Firefox because again, by default, bereaved doors. A very fantastic job of protecting you and ensuring your privacy while using the Internet. So that's therefore Brave Browser. Thank you for watching. I'll see you in the next class. 9. VPNs: celestic about one of my all time favorite security tools and we're talking about a V p n. What is his VP? And you ask, Well, a VP instance for the virtual private network and basically what it does is that it's used to provide a secure connection to another network over the Internet. So in other words, what it does is that it allows you to hide your browsing activity by providing you with some anonima t. And it can even change your geographical location virtually now just to give you a practical example off a VP and service in action, I am using one form Nord VPN, one of my favorite VPN providers. So right here, this is the interface. Okay, What you're looking at right now is the map of the world and these blue checkers or markers or bubbles, or have you want to call them? These represented networks that not VP and has all over the world. So the way this works is right now, I am actually physically in Colombia. But then I can come in right now and say, You know what? I wanna pretend that I am in Brazil's. I can click in Brazil right now and basically considered not VPN is connecting me. It's connecting my network to their own network in Brazil. It's legislate for a few more seconds and see what happens. And there you go. So right now you can see that I have been connected to Brazil. So from this point on any website, I visit any app I used online that apple upset or whoever they will think that I am in Brazil been in fact, and actually in Colombia. Now there are several reasons why you may want to do something like this, and I will talk about those in just a moment. But over here, over here, right now, you can see all the countries where nor VPN has servers in and if even got our special two servers like a dedicated AP and even have the P two p. So if you want to maybe do some toy linton on languages kind of illegal, you could use the PTP to protect you and help you share files faster and download files are much faster. But that's basically North VP and dependent on the service you go for. Basically, they all walk pretty similar you basically connects to the VPN service, and then you choose the country where you would like to be connected to you, and the rest is pretty straightforward. Just a quick tip. Unless there's a very specific reason why you would like to connect to a certain country trying to pick a country to connect to you typically want to go with the country that's closest to you are it's even find itself. Example. You in the U. S. You can connect to a VPN service inside the United States. It still it still works. But let's say, for example, right now, I'm in Colombia and you can see right now the reasonable VPN. Not if he doesn't have any network in Colombia, but the closest country to Colombia right here would be Brazil. So that's why automatically I will go with Brazil will be faster than me connections. Let's say our India, as an example now go back to us lies. It's important to stress that when active your eyes be will not be able to track your browsing activity. When you're using a VPN, your Internet service provider would not be able to tell what you're doing online they will know that you're using a VPN service, but they will not be able to tell what websites you're visiting, what you're doing. And that's because the VP and basically encrypts all the data that you send and receive on the Internet. So this is another reason why every peon could be very, very useful for you. Now, when do you actually use a VPN? These are the three times the three best times to use a VPN. The 1st 1 is when you need to change your geographical location. They might be asking, Why would I want to change my geographical location? Keep in mind that setting kinds of content or websites might not be accessible to you based on where you are currently think, for example, like in China, for example, where there's, like a lot of censorship, they typically use VPN out there to access sites like YouTube for his book and and so one. So if you are trying to access some sort of content, maybe even a Netflix, for example again, baby, you're gonna watching movies on Netflix, and you know that movie is available for people and let's say Thailand, for example, and put you in the United States. You could just use a VPN, launch it and then claim that you're in Thailand, and then you'll simply have access to all the book's contents. That's typically available for people in Thailand. So that's one reason why you may want to change your geographical geographical location. Now, secondly, is when you connected to free or public WiFi networks. You'll find lots of these in like hotels, restaurants, basically even airport today. What's where you could just walk in and connect without needing a password? You really want to use a VPN in such a scenario, and even in order that works where a password is required. So, for example, let's say you went to Starbucks coffee, for example. You buy something, but then they give you the password for the WiFi. Keep in mind that every other person who buys something from that same start books we'll get the same password, and they will get access to the WiFi, the same wife that you're using. So in such a public location, you really want to use a VPN just to keep your information and all your data safe, and then finally, if you need to use your credit card on a side with no h t T. P s basically a site that doesn't have any SSL You wanna use a V p n? If you wanted to make a critical porches on that side, Usually you don't want to be making critica purchases on says I don't have it sits bs, But if you don't have any option and you have to purchase something on that site, make sure use a VPN because VP in real in cooped your credit card details. Now when it comes to examples off VPN service providers already talked about North v p n. You can go with them. I use them a lot in fact, every time, and I can help recommend on VPN for you. But there is also another one known as the experts VPN, which is actually very, very good as well. The only reason why I use not VPN is supposed to express VPN is I just prefer the interface fun on PP, and I think it's a big cleaner. I think it's a bit easier to use than the one for our experts VPN and and finally, you can also try tunnel beer, tunnel bed. They do have a free our vision that you can go for it will provide you with a limited amount off band with that you can use. But you could just use an old bitches to get accustomed to using Ah, VPN service. But please do not under any circumstance, use a free VPN service provider. Tunnel B A is different because Donald, but they do have a paid version. Okay, so there's a difference. I'm talking specifically about you using, uh, VPN providers that are completely free to tell you. Hey, you know usar VPN provider? There is no restriction, no benefits. Took shirt is just free. No, you're gonna pay for that free service one way or the other. It's either that might be keeping track of what you're doing, Logan. Everything you're doing and then selling your information all it could be another way. But trust me, you want to stay away from VPN Providers that are free go with either Nord VPN experts VPN or even tunnel beer. These are the three that I can't comment to you. Thank you, Fortune. I will see you in the next class 10. Creating new accounts and logging in: on the vocal critic about something important when it comes to creating your accounts or logging into Web sites and applications on the Internet, them over here on Reddit and to log in our common here. Click on Log in and I'll have to provide a user name and password, which I would have gotten when I chose to sign up for an account on Read it. Very simple for issued forward, however, take a look at Cuba Core provides you with additional options off logging and with Google, all with your Facebook account. This is so much more confident because I'm already logged into Facebook. All our need to do in here is simply click. Continue with phrasebook and I'll have this mission message Broker will say OK, we'll receive your name and profile picture and then you low to look in via Facebook. This is, of course, so much more convenient. But guess what? It is more dangerous because now, if Cora gets compromised, there is that possibility that your Facebook account could also be compromised on vice versa. Now, in here, it say's that this doesn't let the APP post to Facebook. Fine, you are telling you that. Okay, Even if you continue with your Facebook account to access car, whatever you post on color will not be positive. Facebook. Awesome. OK, that's fine. But we don't actually know truthfully, if cola isn't recording what you're posting on Facebook, they say they're not. But how do we know for sure? How do we trust them? We don't know. So the bottom line here is that when it comes to its new accounts or Logan in always used the email for Houston, your accounts go with the E mil. You will see the link in here like, for example, for car. You have this sent up with email. Always go with this option. It takes a bit longer, but it's far more secure. And, of course, when it comes to Logan in, always go with the email belt. If I did email the password and log in, if you've been doing this, stop plugging in or quitting accounts with your social media accounts. 11. Sextortion: Let's talk about sex Torch in now This is the act where a heck it will try to blackmail a potential victim by threatening to lease evidence of a sexual act or sexual act. But from to buy the victim are almost, of course, victim pays a ransom. So it's kind of like blackmailing. Except that in this case, usually the hacker would claim that they have evidence off the victim performing a sexual act like maybe masturbating or cheating on your wife or husband or something like that. And then the hacker world asked for a ransom to be paid if the victim doesn't want to hack out to release the evidence. Now, over here on my email account and you can see that I did receive such an email a few weeks ago and there's a title right there. Lumbers. Go ahead and open up the email so you can see. Right now it's a hyper V. I recorded you masturbating. I have captured Alex start MP full. You can see right here. This is the email address that the person used and you can see the contents it say's Ah, this is not a joke. I am dead serious. And of course, you could just read what this person wrote down here and down here. Basically, he or she was asking for a Bitcoin payment approximately about 0.6 Bitcoin and, ah, this was the address that's I was X to send the payments to. And of course, the threat down here is if you don't send the payment, I will send your masturbation video to all your friends and associates from your contact list. I hacked so you can see the lots of people receive emails like this. Me included. Now here's the thing. Okay, when I receive emails like this and trust me, I receive one like this at least every month, at least once every month now but now receive emails like this. I just laugh because I know it's not true. This person doesn't have any evidence of me masturbating. But here's authenticate. If you do receive this kind of email and let's just say that, OK, you did what these hackers claiming that you did there is that potential for you to get really, really worried and scared like, you know, imagine all your friends, your family members watching you having sex or something like that. I can be really, really embarrassing. Right? So there is that fear that Oh, my gosh. I don't want my position to be tarnished. I have to pay. All right. A lot of people, endo pain scammers like this, But keep in mind that Look, if these hacker indeed had evidence off you doing what he or she claims you're doing, they will give you the actual evidence. They will send you either pictures, maybe still some of the video. Or at the very least, they will send you a short clip off you perform in the act. I mean, they were like, in the whole good movies where Let's A's and bad guys the training, blackmail. Ah, someone you know. Maybe they could this person having sex and, you know, they took pictures. Typically, this person will walk into the persons, the victims office, basically, and we'll provide the photographs and say, Hey, look, you know, we've got this photographs and we caught you having sex and cheating on your wife or something like that. And then, of course, the president will be forced to pay up. So imagine if the blackmailers went to this person's office victims office and they said, Oh, we have evidence of you having sex but we know we don't we can show you the pictures. Obviously, the victim would just laugh and say, OK, look, until you actually show me photographs or video of me having sex, I'm not gonna pay you anything. So that's kind of kind of like the attitude you need to have when you receive e mails like this. It's not important whether or not you actually did what the hackers claiming that you did. What's most important is whether or not the actor the hacker actually can provide you with hard evidence to prove that they indeed have the video or the photographs. So in this case right now, I just laugh and say, OK, but you do have Alex them before. Well, show me the clip. I want to see the clip of me actually masturbating. Now you might be thinking, Wait a minute. But they actually got my name. Alex. Alex is my name like, isn't that some evidence that may be just baby, they might actually have a video of me masturbating, and the answer is no. You see the way these hackers perform. Oh, well, go about. This act is the basically have a script that can harvest thousands and thousands of email addresses are all around the world. And then what the script does is that it can simply just capture the force letters before the at at at each religious. And this goes right now. My email address is Alex at the Web monkey Lendl Comb. So the script of the program can capture Alex because if the letters before at and it will simply attach don't MP four to the letters. So that's how these person probably probably was able to get Alex of MP for this exact same email. I can guarantee you that this person probably send the same email to thousands and thousands of other people all around the world. Now, down here, I want to show you something that really, really caught my eye. And I am kind of impressed. Even though I know this person is is a piece of trash to be Teoh. To be perfectly clear, I will. I will give critically acquitted is do know down here. Look at this. All right. It's a zoo. It was it right now, it SEZs You can visit police, but nobody will help you. I know what I'm doing. I don't live in a country and I know how to stay anonymous. So right here. This hiker was trying to get me really scared that Hey, you know, they know what they're doing. The professionals, and then down here is the key. It say's if you need more time to buy and send the Bitcoin open your note pad and white 48 hours, please. I will consider giving you another 40 for that was before I release the video. You see, these right here is psychological. This person is trying to tell me that Hey, and watching you every move and knew exactly all the applications you're running on your computer that even if you open up no pad and you type in for hours, please, I will know. So basically, this hackers try to convince me that he or she has complete control over my computer and it just basically trying to get me scared. So these are the psychological tricks that people like these employees. They try as much as possible to convince you that they have complete control over your computer that watching you, they know what you're doing. They will tell you I've got evidence. If you doing this, if you don't send Bitcoin, I'm gonna expose you. I'm gonna do this. I'm gonna do that at the end of the day. Keep in mind that if they in fact have the evidence, they will send you part of it. Maybe it's a short clip of pictures, but they will send you something to convince you. Now there's an article here on Malware Bytes Labs, and it just basically kind of like a review off this sextortion. Now there is a new kind off 60 extortion that's now in vogue, where the hacker would gain access to one of your old passwords. It could be maybe a passer that you used a very long time ago or even potentially it could be a password that are currently using. They will send you the password air in an attempt to convince you that indeed they do have this evidence that the claimant to have again do not fall for it again. If they have evidence of you performing whatever sexual act that it claiming you performed , they will send you that actual Klippel pictures of that actual act. Forget it. Forget about the fact that they have access to one of your passwords. And by the way, if they do have access to one of your past that you currently using, then obviously you want to make sure you don't use that password anymore. But again, then providing you with one of your old passwords or a passenger currently using this just a ploy to try to convince you that they do have access to this evidence or few performing that sexual acts. So again, it's not just me, and it's not gonna be you either. People, thousands and tens of thousands of people are all across the world receive our succession e mails, just like the one I received. So if you do get something like this, just remember that Hey, if they really did have evidence of you performing a sexual act, they will send you pictures or a clip. So do not fall for sextortion scams like this. Thank you for watchin. And of course, I will see in the next class 12. Internet Privacy Tools: Now that we've talked about how companies track us online and they sell information to advertisers, it is time to take a look at a few tools that you might want to start using If you're gonna take your privacy seriously on line, and the very first tour here is going to be the brave browser. This is my number one recommended closer for privacy, and the beautiful thing about the brief browser is that they will not track you. They will not store your data, and they also block ads. Now I don't feel like me. But whenever I jump on YouTube, I am always tired. I've seen ads play before the video. Want to watch with breath? Broza. It will block those ads so you just watch YouTube without the ads. I think that should be enough intensive for you to start using the brave brother. So switch from chrome or opera or Microsoft Edge and start using the brave Broza. It comes Halle were commended, and you will not be disappointed. A very similar per hours into would be the Tor browser. Basically, you could use Tor to access banned websites or websites that are deemed to be very dangerous or illegal. And what hold does it also protects your privacy? Tall would never record your data, and it basically blocks Ada's well, very, very similar to the brave browser. Now, when it comes to searching online, we all know that Google, of course, is the is the king. There's hardly any competition, but unfortunately, we know fallible that Google keeps track that we call the data. They sell our data and they do all that stuff. If you're looking for a smart, safer alternative, then doc, Doc ago and pretty sure you might have heard of this company before they've been in existence for quite some time now. And I would highly recommend that you do go with Dr Go. If you're tired of Google tracking you and you want to and sure your privacy is respected, the doctor go would be the best alternative to using the Google search engine. When it comes to e mails, Potent male would be my number one recommended option a village in for email provider. The old encrypt your e mails there would ensure that again your privacy is not intruded on in any way. Port on male would be the number one option. The mayor of fact that the service are based in Switzerland that has massive laws against sharing data and things like that. I think that should be enough of an incentive for you to start using Proton mill. So if you're looking for your mill provider, that would ensure your privacy. Encrypt your e mails, make sure nothing gets Lichter sold. Proton male would be my recommended choice. They do have a free our planet could go with. They also do have a paid plan, I believe so. Be sure to check out our proton male now when it comes to collaborating with people online , sharing video files or images, or having conference calls or things like that. If you want to do something like that on the very, very secure platform, then wire you're looking at right here. It is the most secure collaboration platform, and I have used why, under past, and I would recommend this. So if you're looking for any kind of platform where you can share files, walk with people over the Internet, do things like that, then definitely you want to go with wire. Now there are a few add ons to the clauses that you can also install to prevent ads. The Adblock plus, which is a free ad blocker. You can add this to a browser like chrome, for example, if you must use chrome browser, but you don't see the as then definitely you can check out the Adblock Plus are free ad blocker app. And then finally, we do have Gold Street. Go straight also has a browser, but you can also run the ad on, which is basically the goal. ST Bart's extension. What this will do is basically it will ensure that companies cannot track you to ensure privacy as well. And this is the add on right here. It's called the Ghost Re Privacy at Blocker. Once you go to your APP store or in this case right now, the Web store, you can basically just add to your coins, Broza and in fact, already added it to my chrome browser. You can see right there it is active. And the funny thing is that whatever you faces, any sites the adult ghost, you will start to record. How many trackers on this side how many requests were made to track you things like that. So, as an example, take a look at Golden com, which is my favorite site for keeping up with football or so kind if you relief in United States. Unfortunately, these guys are my God, this guys do lots of friends with your personal data. They track you that provide adds things like that. So right here, you can see that goes to requited 28 findings. If you look in there, you're gonna get lots of information. First of all, 12 trackers were blocked on their sites and then request modified for five Naval wonder. What exactly does it mean to be? Oh, modify a request. It basically means that when I go to this site setting scripts of certain trackers were trying to access that in information about maybe maybe my location the plaza was using. So basically, what does she did was that it denied five attempts to modify my data. Basically, that's what this means. So for me right now, I could decide to restrict the site completely and show that trackers are always blocked whenever I go to this site. Or you could do the opposite and trust sites if you would like to, But there's another very interesting details. Inhalers. Or you could switch from the simple of YouTube detailed view. And now in here, you even get MAWR information such as the trackers, the cans of weapons that are trying to track me. We called my information and so on and so forth. So how I would recommend the ghost Tree Adam for closers, So that's pretty much it for the tools off the command for privacy online. There are quite a few other tools out there. I won't try to create a PdF document highlighting some of the additional tools that you might want to take a look at it just serious about, ah and showing your privacy when you use the Internet. Thank you, Fortune. I will see you in the next class. 13. Securing the Home Router: let me know. Show you how you can secure your home router. And the first thing you need to do is to figure out the i p address for your route in it. Now it's usually something like 19 to 1 succeeded, warned one. Or it could be ah one into that one. Succeeded. 01 is usually around that range. One quick way to find out is you can simply go to you about it. Pick it up. And if you look behind the router, you might see the information like there. Or you could simply google the manufacturer off Arata and figure out what the I P address is. But mine is one into 168 Don't want one. I'm gonna come in here right now and simply log in this information you can also find at the back off your water if you haven't already are changed, the default are password in here right now I am logged in and there are three things you want to do to secure your home router. The first do you want to do is make sure that the default password has been changed not to do this. Look for something called accounts or management or something like that. In my case, it's management. And if I go to management and I go to account management right there, you can see I've got passwords and clicking there. And right here I can simply type in the colon password and then typing the new password. So if you've never changed the default password flare of alta, now is the time to do so. So please go ahead, do this, save in your password. And once that's done, the next thing you want to do is to ensure that the SS I D, which is basically the name of your network, is hidden from users. Now, how exactly would you do this? Well again, it depends on the set up off your own particular route up. In my case, if I go to basic set up and I go to the W lan in here right here, you can see I've got the basic configuration for 2.4 for five and a little security sentence as well. Now they go to basic configuration right here. You can see the S s I d has been enabled, but then what? You want to do is to come in here right now and hide the SS I d hide. It's that no one will be able to find your network when they're trying to connect to one. Do the same thing for your fine. You can get hearts or whatever. Ah, the available frequencies you have in here. Once that's done, the next do you want to do is to also go to the security settings now in here where you have the authentication. You want to make sure that, at the very least, you're running WP AP Escape This refers to you the encryption levels, the levels off security basically make sure it is not on non all weap. These two are really bad for you. Make sure that, at the very least, your authentication sentence have been set to WP a audibly p a two. Or in my case, it's a mix off creditably P a and W P a, too. So please and show that that is done. And of course, make sure it's done to also your I have 55 bigger hits, our connection, or to a lot of other connections that you have in there for the encryption mode. A es is perfectly fine. Tick, tick AP or take a people's a s All these up. Perfectly fine as well. So that's basically the three made changes. Need to make you out to right now. Change the default password. Hide the s s I D. And And make sure that you're winning at least the w p. A P s k authentication. So that's it. Thank you for watching. I will see you in the next class. 14. Malware: Okay, let's talk about everyone's favorite topic, and that's going to be mild. Where now, just like with passwords, malware is basically everywhere on the Internet now you probably Mitel. They didn't know this. But just in case you don't, my always actually the collective term for malicious software. It's not just about viruses we all know embarrasses our and many people will typically associate anything bad on the Internet with a virus. Well, if various is just one member off the malware family and besides, various is you've got warms, you've got Trojans. You could ran somewhere, and then you've got spyware or adware. Now what I want to do right now is to give you a very quick some way off this five metre types of malware, starting off with the good old viruses. And, of course, these will destroy and equip your data. They can self replicate, meaning they can make copies of themselves, but they cannot spread themselves across a network. So imagine you are at home, for example, and let's say you have three computers, one in your living room, one in your bedroom and one in your in your kitchen. Just as an example and all three computers are connected, connected to the same network. Now, if the computer in your kitchen gets infected with a virus, unless someone transfers that varies from that kitchen computer to the other two commoners in your apartment, there is no chance of the There has been able to spread itself from the kitchen computer to the other two computers in your apartment. So there's the the major, a weakness of the virus. Yes, the commit copies off themselves on the system that have infected, but they cannot spread themselves across the network. Wilms are the more advanced type these camps put themselves across. The network are unlike your typical virus, and then you've got Trojan. It's very, very deceptive because they disguise themselves as riel applications, and these are usually very, very common are with mobile applications, especially big games. A lot of times, your final people go into the APP store and they looking up some abstract stall. They find this what looks like a really good came and like, Yeah, I'm gonna install this game, and then at the end of the day, that game is actually a Trojan in this guy's. So once it gets installed on your computer on your phone. Other can do many things. They can be called your data. They can distribute data also some. I also suffer difficulties of really bad things. Now we ran some way. These are the type of mulberry that will deny you access to your files until you pay a ransom. If you ever get infected with search, the most effective way was it will just be to format your your hard drive, wipe out everything, step a fresh. This is exactly why you should always make backups off your files, just in case you get infected with Avon somewhere. And, of course, finally, probably the least a malicious off of the Marley family. You've got the spyware adware. This will display annoying pop up ads everywhere on your brother. This is exactly what these guys deep. Now there are four main ways how we actually get ourselves infected with malware. By far the most common will be data transform, you know, using good old USB hard drives and see the ease and stuff like that. You take your USB drive and you plug in it, plug it into a computer that's infected. You get infection, and then you plug your USB drive in to your competent and ineffectual computer. This is by far there was come on the way, how we get infected with malware and then installing APS and programs. Of course, Trojans. We talked about that if, while ago cooking on militias links. This typically deals with fishing, which will talk about a bit later in the course. But there many times when you might end up clicking on a link on the website that would actually end up installing malicious software on your computer and then, of course, visiting dubious websites. But it's pawn side. So one of those very old looking websites remember, you're trying to download some illegal software. Maybe you're trying Teoh, you know, do those regular things on the Internet, which lots of foods do. These are the ways how you could end up infecting yourself with multi, didn't transpire insulin, abs, militias, links and, of course, visits in dubious websites. Now let's talk about the actual software itself, then various or the Internet security suit. If you've ever tried to buy an inter various in recent times, you will notice that many companies offering you an inverse will also offer you the Internet security suit version. So the big question right now is which of these two would you go for? Would you go for the regular Inter virus, or would you go for the Internet security suits? Let's talk about your answer. Various. Nowadays, now back in good old days, Monica disarmament survivors If that salt away, it was going to fight specifically against viruses. But thankfully, today they have evolved. Your typical Ontiveros right now will offer you protection against all forms off mall way. It's just it's not gonna be against viruses alone, but it's gonna tackle, warms to or joins you in some way. Adware, spyware, things like so anti viruses right now, actually quite advanced. Now the advantage, my oldest advantage of reason and Paris is that, well, basically, universe will offer you less protection than the security suits. Thes security suits have MAWR tools at the disposal to offer you additional tools like a firewall as an example, which most and versus will not offer you. However, quite possibly the biggest advantage of using an anti virus is opposed to your Internet security cities that anti viruses use less computing every sources, which means your system of one much faster when you're within and the pharaoh's they're supposed to. When you're wanting on incident security suits. And, of course, it's also much cheaper than your Internet security suits. Let's I'm over here on the site PC mag that come wonderful website. And I was taking a look at what they had to say about the best milder removal and protection software for the year. 2019. Andi here. Right now you can see pretty much the big boys. You've got a big defender McCafe, Kaspersky, Symantec, and so on and so forth. Now here's the thing that Kate, if I was gonna choose one out of all of this, I would go with Kaspersky. And here is the side right here, Kaspersky USA. Because basketball Cuomo, wherever you are, just simply having cast prosecutor come and you will be directed to the appropriate our website based on your location. Now here's the thing, OK? And I want to address this before I move any further. There has been some controversy involving cast Spassky because, well, it's a Russian company. So you've got officials in the United States government who have complained that they believe that cat Spassky or in 15 computers in United States with some very advanced form of mall way because in the data and selling the data, it's Russian hackers or something like that. There hasn't been any hard evidence that proves this. So until the officials actually provide us with some real evidence, I not gonna believe them basically. So I just personally, I believe it's all propaganda, but, hey, you know who knows? But I have been using Kaspersky for quite some time now, and Kaspersky, really, in my humble opinion, is one of the best, even not the best our Inter various company out there. You do have very strong alternatives. If you're not intricate Spassky, I can recommend Mulberry bites very, very good. They've got the free version, but they've also got the paid vision. And of course, you can also even go be my cafe. My one slight issue with McAfee in particular is that McAfee uses a baby more resources, then say Kaspersky, so you might notice a slight drop your committee's performance if you go with my cafe. Ah, where birds Symantec Defender. I haven't used us in quite a while, so I honestly cannot give you ah riel review off these other forms of anti malware. But like I said, if you're going to go with one of thes out, highly recommend are going with Kaspersky Now we just have about the virus. All Internet security and I convention with the Internet security. You will get more tools like, say, a firewall. You might even get a VPN, but here's a thin a cape. The reason why I typically don't recommend go with the Internet security suits or the total security suits is that the additional tools they offer you like they firewall the VPN. You're much better off going after all the kinds off software that are actually specialized in those kinds of tools. As an example with the VPN, which we'll talk about very, very soon, you're better off going with an actual, genuine VP and company to get their VPN service as opposed to using the VPN that an anti malware provides you. I hope you understand what I'm trying to say here. Anti malware, all this incident security suits. Their call for cause is on Fighting Mile way. It's not really on providing with firewalls fighting with VP. And so I would have a command. You go with your Ontiveros Kaspersky, in this case and then for the additional security tools, go with other kinds of software from companies that actually specialize and providing those tools. So that's it for the anti malware and malware family in general. Thank you, Fortune. And of course, I will see you in the next class. 15. Personal Password Management: All right, let's get this show started by talking about passwords, and why not? Passwords are everywhere that ubiquitous. If you have any kind of app on your phone or you have any kind of account anywhere on the Internet, I can guarantee that you will have a password associate ID, either with that account. A with that app, and as a result, we do need to spend some time talking about passwords and how best to manage them now before I go any further. In case you don't already know this, there are four golden requirements that you must satisfy before you can create or what might be considered to be a strong password. At least eight characters contain both numbers and letters, at least one capital letter and then at least one symbol. If you're able to construct a password, it satisfies this full requirements. You will have yourself a strong password, please, for the love of Mike or Jane or whoever. Please do not use passwords like sold fish or Q. Doubly. Lt. Why or even password as your password. Enough of that. It's 2019. It's time to create yourself a really, really strong password. Now I saw this joke online and I wanted to shed is with you and it's a ZA. So your password must contain a capital letter to numbers, a symbol, an inspiring message, a spell again, a gang sign, a hero, glitz and the blood off a virgin. So basically, this goes both ways a cape this in a way, in a very kind of like over the top way. It's kind of trying to tell you that you do need to have a strong password, but at the same time, it's also kind of making fun of people who, you know, go to the extreme. They feel that Oh, you know, if you must have a strong password, then it must have, like, you know, like 20 characters. Or you must have there must have that done. And then and then And now, if your password is at least eight characters, has numbers and letters, has one capital late on that month's symbol. You all good to go. So don't listen to all that nonsense out there. Get us of a strong password and you would be good to go. Okay, The real message or the real topic here is actually password management. It's not about quickness. Trunk password, but really, how would you manage your password? And how would you manage? Like, how would you manage your passwords when I just took Number one password? The biggest challenge that would typically have as Internet users is that we have so many accounts yet one single password. Why's that? Well, it's usually because many websites require lost. You use our email when we're creating an account. And naturally, we would want to use the exact password for our email to create that new account. This is one of the causes. While we tend to have so many accounts and you'll be using the exact same email address and the exact same password to access those accounts, here's a solution. Dough. You could create a second email account for secondary websites. You don't want to use the exact same. Pass it over and over again because guess what. If that one pastor gets compromised ball, then all your accounts get compromised. So what you can do is you can say OK for certain websites where I don't really want to create an account, but because I have to quit on account before I can do what I need to do on the website, I can use a secondary email account for sort websites. Thus you can reserve your primary email accounts for the most important websites, so upsets like social media, your email, your bank and app. You can use one password for those and in for, like the secretary websites for the less important lips. As an accounts, you can use a different email account. Alternatively, if want to go one step further and I would highly recommend is you can have one very special accounts for your emails and a maybe your banking application. And then you can have and no other email account specifically for social media. Here's a thin, heavy notice that we never really use our email accounts with social media. Typically, we have the accounts, ah, out of the apse on our phone. But it's physical twitter or whatever, and then we simply just do what we need to do so creates in a separate email account specifically for social media is not that much of a hassle. And that's where all the community trade create. In another email account specifically for social media and then maybe even for like Amazon or eBay or something like that. The more accounts you have, my email accounts you have are the more protected you are. That is, basically, are the bottom line. Now, when it comes to actually managing your passwords, there are two ways you can either go manually where you create a password management system all by yourself. Or you can go automatic where you would use a password manager tool. Now here's the thing about the manual method. Basically, it's you. You're the one chiefly and soul of responsible for creating on passwords. It is the safest method because you're not relying on any app. You know, land on anyone. It's all on you. But it can also be quite complex. Imagine you having to constantly create, like a new ah password for maybe, like a very special account. And then you also have to create a system where you're able to change those passwords on a regular basis. It's typically requires a formula, and here's exactly what I meant. Take a look at this example. Okay, in here I have highlighted four different passwords for four different applications. You've got your email Facebook Twitter and then a banking application on the phone, right? Take a look at the passwords. You would notice that the the figures 1969 is common. It's on awful passwords, but let's take a look at the lead tests preceding in 1969 for email. You've got mail for Facebook, you've got face for Twitter, you've got tweets. And then for the banking app, you've got bank and then take a look at the little after the numbers for email. It's G, in this case representing Gmail, the B for Facebook, representing book, of course. And then Twitter, the T representing Twitter and in the bank and at the age representing the act. And then take a look at the symbol at the very end for Emma we used at because email address is used at. We used the hashtags for Facebook and Twitter because that's what the using social media and then we use the dull assigned because, well, the dollar sign is about the best symbol to represent an application that deals with our banking, basically, so you can see that there's that general structure, that general formula out there if you're going to go down the manual path. This is how old recommend you come up with a system and effective system where you can create different kinds of passwords for different kinds of accounts. It could get quite complex eventually. If you have lots of different, it's of accounts. Eventually you will have to. Maybe we use this impasse would over again for different applications. But keep in mind that the more past was you have the mall accounts you have. The more protected EU would be. Now, if you don't want to go down the Manimal path in Wana, go automatic German Avonex video, I'll show you Harry can make use off password management tools. 16. Password Managers: All right, let's take a look at the automatic method off managing your passwords, and I'm talking about using a password management tool. If you're watching any already using one, maybe last pass or, in this case, dash lane, by all means, you can skip this video and move on to the very next lesson. But if you're new to password management tools out hell ever commend you stick around in, Watch this lesson. So the for last pass of God Ashlyn, right? These, in my humble opinion, are the two best, most reliable password management tools out there now. There are other tools, for sure, but these two are the two that I have used in the two that I can vulture full. So, basically, how do these two password management tools work? Well, it's very, very similar. Once you create an account with them, and by the way they do have free versions, you got last place for free. You've also got Daschle in for free as well. It is when your trying to get me like the business plan or a more advanced personal plan. That's when you have to pay for them, and it's pretty cheap actually, in this case right now is about $3. The three cents per month I believe last basis slightly cheaper. Last best is just three bucks per month. So very, very, very cheap. And the work very, very, very similar is so once you get your account with them, you would need to install the add on for your browser in this goes Right now I'm using Google Chrome and in here like here and Ready can see it says Last Pass has access to the site. That's because I haven't stole the last past Adan. All my bills are, and I'm also locked in This right here is the my account with the last past you can see Right now it's the fault, and this is a dummy account I just created. These are the four besides that last past currently has access to. So say, for example, if I need it to go to Amazon and just log into Amazon for my vote, all and introduces click on the launch and automatically I am locked in already. That's exactly what last past does. That's what does and does when you're creating your accounts. For the first time on the website and you have one of these password monumental activated. They can either suggest their own passwords for you to use, or if you choose to use your own password. That meant mental will automatically record your password for that site in your vault. So get us go back to my vote right here. Good Amazon. I've got sin market collapse cyber and I've got with monkey academy dot com. Nothing here is you can see right now that we do have an edit button. You also have a share button as well. Very, very useful. So if I needed to share access with someone Teoh want my websites, I can just go to share right here and then all own, introduced to tap in the person's email address and then share the log in information with that particular person. Of course, I can choose to allowed recipient to view the password if I choose not to. What the person will simply get will be a link that when they click on that link, will automatically lock them. And so they won't even need to see either the using him of the password associate ID with a particular account very, very effective. You can also add addresses in here as well. You cook in the dressing down in here. You have the at botany simply clicking there and they can add you address. Same goes with like payment cards are bank accounts as well. You read all these available for you so you can easily just add your account's once and for all Democratic ideals wasn't fall and simply used last pass or national. And to feel in those details when you're required to do so on any particular our website. So basically, that's how these password management tools work the favor effective. I have these deaths playing they have used last past. Currently, I don't use either one of them, in fact, only created this account specifically just to show you in general how they work. I have my one manual method of creating passwords, but hey, that's just me. If you feel like you know what, I don't want to go down the manual path. I want to do things automatically. I can have a commander. You check how last pass All dash Lynn. So that's if you have any very specific questions about these past a monumental is pleased to let me know. Thank you for watching. And of course, I will see you in the next class. 17. 2 Factor Authentication: So let's talk about a very important topic, and that's going to be the two factor authentication now. Typically, this is used to add an extra layer of security. And when Logan into an account now, usually when interest look, it's on account. You're going to provide a user name and password. The defective indication adds the extra Leah in that a science providing the user name and password. You then need to provide a code, which the application that you trained to look into a lot of sense to your phone. So it's basically kind of like a second test that you need to pass before the apple. The account can verify that indeed you are who you claim to beat now. Like I said, it usually involves and SMS code that you need to provide in addition to your user name and password. But other methods also involved, like a fingerprint scanner, which would be biometrics. You also have the use of had with indicators which will take a look at very, very shortly, orders basically answering security questions. So there are different variations of the two factor authentication. It's not just about receiving an SMS code on your phone. No, there has been quite a lot of criticism about the two facts of education, especially the SMS variation. Ah, lots of people have said that well, it can easily be hacked, and it's true. I won't say easily. But yes, two factor authentication methods can be bypassed by hackers, and it's mostly through fishing, which we'll talk about later on in this course. But even though it is in hacker proof, it still does add an extra layer of security. That is not that is undeniable. So I'm not saying that just because you've enabled two factor authentication, you're safe. No, you're not safe. But at least at least it makes it just a little bit harder for hackers to gain access into your accounts. Lebanon walk you through some practical examples off two factor authentication methods. I'm over here on my Google account and writing here. You can say I do have a tab for security, so if I click in there, if I come over here down here, you also that we do have the juice to verification. But it's turned off back and put it on, I think, clicking there and now in here I'm now axe to proceed with the two step verification, and it can do this. I'm gonna click on get started. And from here, I'll have to provide my password. Let's go. Okay, so now it's SEZs. Use your phone as your second sign in step, Google will send a security vacation to your phone as your second factor. Do intrusive verification. All right, So anything right now because I'm logged into Google on my phone, you can see right here that Google has recognized that I am Isn't a Samsung our galaxy s seven edge. So basically, I'm just gonna go ahead now click on, try it now. All right? Now you can't see. You can't see it. My phone. But basically, I've just got an email about a message from Google on my phone asking that Hey, are you actually trying to sign in? So I'm gonna click on yes, on my phone right now, and it's accepted. So now it's a is always there. Add a backup option. So if you lose your phone on your second step is unavailable. You'll need a backup option to help you get into your account. So this goes right now you might need to provide a second Our phone numbers. This could be maybe the phone number of your friend your your morning girlfriend. You know, one of your relatives basically. And then finally, how do you want to get the codes? Will they be through a text message or maybe even a phone call? So from here, right now, all only to do, like, now, just to add a second phone number and then just simply click on send. And that's basically two step verification achieved with my Google account. I've also got my Bank of America account opening here, and, like I said, every any decent website, any decent application where you basically have to quit in accounts to use that application , I am petition to offer you a two step our verification methods to provide some security for your account. So you never banker maker Right now if I go what I had come over here to the light, you can see right now that there is a Tapia that say's extra security at Sign in and click in there and then I can click on Learn more. So basically it's a zis here. Is that how it works. Each time you send into your online and mobile banking, you'll enter your own idea and pass code. Okay, and you'll choose a contact method and select send code and the one time authorization code you receive and select submit. So basically, I can just click on add now and then. That's basically it. So any time I tried logging into my Bank of America account right now, I would need to provide the pass code sent to my phone. So again, your bank and application, your social media accounts, your email account, basically any account that you would have on the Internet, I'm pretty sure they will provide you with a two step verification method they can use to enhance the security off that particular account. So, old Haley and strongly in could you to get all these. Don't go to your email, enable two factor authentication to the Center for Banking applications, Social media and so on. Woke of us off this as we proceed in the course, but before, around this up, I want to walk you through you. If you aps that you might need to use along the way. One of them, which is by far probably the most popular off all authenticator. ABS is a Google authenticator app. You would need this many times. Whenever you're trying, Teoh, authenticate, verify and set up the two step verification method on several applications. If you're not into ghoul, you don't want to use the Google authenticator. A second option would be the last pass authenticator. However, in Earth's used last pass authenticator, you're going to need to have a last past like accounts, which you can get for free. And they you need to have the the add on installed in your brother, for you can actually make use of the last pass authenticator. And finally I talked about hardware authenticators. We haven't called the U B Key. I have used this before, and it's awesome. Basically, what happens is that these keys, they're like US beach lives. So basically, you would just plug it into your years report. And then these particular keys have the ability to authenticate you whenever you try looking into your social media accounts, your email and so on and so forth. So basically, just you've been in possession off these keys guarantees that you'll be able to gain access , and anyone who doesn't have that key on them and they're trying to get into your account there would not be able to do so. So then coaches to take a look at the U beaky feeling of something more hardware softer wise, Google Authentic Keitel and Last Pass. I think offense gets org Tuapse accurate commend for you to use whenever you're trying to set up are the two simplification our security on civil off your applications? Thank you for watching. I will see the next class. 18. Backups: All right. Welcome back. Hope you're enjoying the course those far now, I wanted to quickly torch on the topic off backups making backups for your computer, your files and so on. Now it goes without saying that you shoud be making backups probably at least once every month, maybe once every three months. It all depends on how often you walk with a computer or how can you get new files and so one. But I just wanted to give you some general tips on how best to make your back hopes. And right now you're looking at my screen. This is Google Drive. Cloud storage has become very, very popular. And for good reason. You no longer have to stall files on physical devices like a hard drive and so on so you can start your files basically on the cloud. Now, it's not just Google. Drive out that you've got Dropbox as well, which I also use. You've got Amazon. You've got Microsoft's. I believe it's called one drive or something like that. Basically, the idea here is I would encourage you to use one of these cloud storage are platforms. You can store your regular up videos, pictures, pdf files and so on. I use vim. You in particular for my videos? Of course. I'm a course instructor, Ida. A quick courses. So I do have a lot semblance of video content, so I stopped most of them on the video, and I can always use video as as a backup if I need to retrieve anyone off my video files. But for other regular files like images, pdf documents, I typically would use Googled life or even drop box. Now, with that being said, I also make use off the good old fashioned hard drives you can see. I've just got three here but actually have, like, eight of this. And of course, I also make use off the good old fashioned Well, it's not old fashioned. Still, quite involved. The USB drive. Now here's the thing. A cape. I would never recommend that you stole very important documents on the cloud. Important in that they're very, very sensitive. I would highly encourage you to stole those on physical media that you own and that you have access to files like, let's say, for example, medical records, birth certificates, our employment certificates, and so on. very, very sensitive documents like attacked tax reports, for example, things like that. You don't want to store them on the cloud because once it's in the cloud, there is always that risk that it could fall into the hands of someone nefarious own who you don't want to have access to your file. So just keep that in mind. It's far better and far safer to keep such documents such sensitive documents on physical media It could be a USB drive, even your are hard life. Now. That is also an obvious disadvantage to doing it this way because this, for example, could feel it hasn't filled immediately reason this particular one foot belt. I think five or six years now it hasn't failed on me, and I don't think it will. But there is always a possibility because it's hard way hard. We can feel you want to make multiple backups of such documents. So, for example, my very sensitive recommends I've got them in here also have them in here as well, and I also have them in here as well. So basically three different backups for May have a very important files. I also do have hard copies basically off these sensitive documents that I own. So I would hell encourage you to store your sensitive documents on physical media, make multiple multiple backups of such have hard copies off your documents as well, and in for regular documents, which you really don't care too much about video files images you can store them on Google Dr v Meu Amazon Dropbox ed So all but remember to keep backups or make backups on a lot bases maybe once a month, once in three months is also decent. But again, it all depends on how often you quit new files health, and you get new files and so on and so forth. So that's just a very, very quick somebody off making backups. Thank you for watching, and I'll see you the next class. 19. Personal Disaster Recovery Plan: Welcome back. Now, I would like to discourse with you how you can create your very own personal disaster recovery plan. So let me ask you this question. What would you do if in the next few hours your laptop gets stolen or your mobile phone gets stolen? Or let's even imagine that the hard disk on your computer crashes. Are you prepared for these kind of worst case scenarios? If the answer is yes, then good for you. If that's always know, then you really need a personal disaster recovery plan. So basically, with this plan, there are two questions that you need to answer. Questionable. One is Do I have any? They do have any sensitive information either on my phone, all on my computer. And if they get stolen, can that information be used to hurt me? Is that information protected and then, secondly, is Perhaps more importantly, do I have a backup? All of my files, both on my phone and on my computer, and I will read it in the back backups, and we know just how important it is. But back to the question right now. If you love to get stolen, do you have a backup off all of the data on your laptop or even on your phone. And then also, like I said, if your information gets stolen if a lot of get stolen, do you have any data on your little that could be used against you? If the answer is yes, then you need to do something known as encrypting your hard life. Now, if you are a Mac user, there is a particular soft record comment to you. It's called the File Vault. This is the best tool software for encrypting your hard drive, even one in a Mac. Now if you're running Windows or Lennox out, however, comment going with Vera crypt. These are the two defense tools are recommend for encrypting your hard drives. Now the question I ask here is winding to encrypt my phone as well. Personally, I don't think it's necessary if it is your phone. Ideally, you shouldn't have any very important documents on your phone while you should have you on your phone would be your contacts list, maybe a few pictures from files here and there, but nothing extremely important. So there's really no need for you to and crypt your phone just as long as you're not keeping anything vitally important. Now, if your phone also serves as your walk phone and it's connected with your with your business and or something like that, then that might be a different story altogether. But ideally, you want to be using two different phones in that kind of situation, one for personal use in the 14 your business. So just keep that in mind so basically again, your personal disaster recovery plan should be able to protect you from your data being used against you. Even case your lot of get stolen. And then secondly, having a backup plan. Have your files been backed up? Has a contact list on your phone being backed up as well, things like that. Those are the two questions that you need to answer. We're talking about backups already when it comes to encryption again. File volt for Mac users and in very equipped for Windows users. So that's it. Thank you for watching. I will see you in the next class 20. Have I been Pwned: I would like to introduce you to wear Web tool that you might find very, very useful, and it still is called the Have I Been pawned dot com two lines, basically a to where you can check to see if your email address or even your password has been compromised in a data bridge. It doesn't take as an example right here. Check this epic. I'm gonna type in one of my email addresses. You know, it's 14 at gmail dot com, and let's take a look. Okay, I'm gonna click on Pond and there you go. It says, Oh, no, I have in fact, been pawned, pawned on five bridge sites and found no pitch. So let's take a look alike. These are the five sides where I maybe had an account with them, or ice provided my email address and that actual website got compromised. All right, so you can see right now this is a polo can vote, which I use quite a lot. And obviously I have changed my password since on my email address. Since when they discovered this. And of course, our chair, River city media and of course, share that so these are the five sites where my intelligence was compromised. So animal address getting compromised does not mean that my email account of your email account got compromised. It just means that the hackers or whoever gained access to my images. Now they have my in villages. That's all thes actually means. So this is not something to be worried about. However, on this side you actually have passwords you can check to see if your past was up in compromised, and this is very, very useful. So let's take a look at passwords and in here I'm gonna type in one off my passwords and let's see. So says good news. No pon it found That's great for me. But this does not necessarily mean that this password has not been compromised. But this is a good tool. Just a check to see if, in fact the password has been compromised. If it's been compromised, then you will see the results over here, and then you would know for sure that Hey, I need to change my password. A sap. So the good news about this particular tool is that you don't have to keep coming in here every day or every week or every month, just to see if, in fact, your password your email has been compromised. There was a tool right here, which is the notifying me so I can go to the defendant's Find me simply had your email address, very afraid that you're not a robot from the future or whatever. And then simply click on the five me off Vonage. You will receive an email that you would have to confirm your email address, and that's pretty much it. But again, this is a great, great, great great tool to use to just check to see if one of your passes have been called uncompromised If your images has been compromised and over here, by the way, they do have this very long, extensive list of companies that have bean porn and of being compromised. And it's a lot. It's a lot from Ah Doby, Teoh, other adult friend finder, obviously, and so many sites like It's not even funny. Like ALS. This sites have been compromised by a to least one data breach in the last few years. So really, really this carry. But hey, it is what it is. So that's it for the Have I been pawned tool? Thank fortune. I will see you in the next class 21. Facebook Security: All right, let's take a look at Facebook Security. How can we secure our Facebook account now? Obviously, if you don't have a Facebook account well, you can skip this video and move on to the next. But if you do have a Facebook account, I will encourage you to stick around. Says it is going through. Right now, I have looked into my Facebook account and I am in the sentence page and three main tabs in hither willing to take a look at when it comes to secure to the first stab is going to be security and log in. And then we need to look at privacy. And finally, APS and the websites. So let's take a look at security and log in right now. Facebook has accurately Did you use that? I am in Medellin, Colombia, and it knows I'm logged in with my Windows PC and my Samsung galaxy s seven edge as well. They can click in here to see more, and basically you can see that. Yes, Well, Facebook knows exactly where I am from Lagos, Nigeria, to Thailand, to Argentina. It knows exactly where I've been this last few months. Okay, Well, schooled way down here and let's take a look at something more important. And that is the two factor authentication but talked about this earlier. Now what this does is if Facebook recognizes or sees that you're trying to log in or some restraint, log into your account from an unusual device. Then physical will prompt the two factor authentication our security method. So to set this up, it's pretty easy. Let's go to edit and inform here. Basically, we don't see get started. Okay, so let's click on Get Started and our in here you have the ability to choose either a nothing authentication app, or you can go with a text message, all the sent to your phone. Now I'm going to go with the authentication app just for the purposes off this video, I'm going to click on next, and basically what this does is you will have to use your authenticator app on your phone. Either duo or Google authenticator, which I talked about Elia and then once that's own basically will just scan this code and they almost have done. You click on next, and basically a cold will be sent to your phone, which which you then have to add. You click on next, and that's basically you setting up the two factor authentication on your Facebook account . Pretty straightforward, and it's something that would include you to do. Let's go back. I am just cool all the way down here now. You also have this day known as authorized Loggins Review a list of devices where you won't have to use a log in code. I would encourage you just to take a peek at that and see end. Hopefully, you won't recognize that you want our CNN devices that you don't recognize there have authorized Logan's to your account and then, under the setting up extra security, all the encourage you to turn this on. So you get alerts about only recognized log ends, seeing click on edit and and basically in here, you can choose to get your notifications and then off course, getting provisions on messenger and then email as well. So if anyone tries to log in into your account and Facebook doesn't recognize that Logan attempt, Facebook can send you a notification. So this is a good way to you. Keep track of anyone trying to hack into your account. All Helly, encourage utahn these on. All right, let's go back in here and let's get go to privacy. Now, this is very subjective. Okay, a lot will depend on just how open or how public you want to be with your Facebook account . Keep in mind that there are lots of weird people on the Internet. And if animal is trying to hack you or heck, accompany your business, social media is one of the ways how they can do so. So the more ply Vic you are with your social media accounts, the better and the more secure you would be so right in here you can see my own settings. Who can see your future posts, is just friends of mine and then in here. Who can send you friend requests? Of course. Friends of friends I think that's Onley are normal. Who can see your friends list? Only me. No one else can see defense I have on Facebook And then who can look up? You can look you up using the email address you provided friends of mine who can look. He appears in the film number. You provided friends basically and then Finally, Do you want search engines outside of Facebook to lynch a profile? No. So these are my own settings for privacy, but again, it's quite subjective. A lot depends on you as an individual, but it once again keep in mind that the more private you are, the more secure you're going to be. And finally, let's take a look at APS and websites, and this is extremely important and yet always overlooked by most people you see in here. Right now, these are the full websites that have currently looked into using my Facebook account. Normally, I don't do this. I only did this just to demonstrate to you what it would look like if you actually used your accounts to log into anyone off this actual sites. So you know, right now you can see I've got for Pinter's of Spotify of go for WordPress. And I've also got for gold dot com, my favorite football or soccer website, as they call it in the United States. Now the good thing is, I can actually view and edit. So, as an example, let's take a look at Pinteresque I'm going to view and edit, and now, in here. It's SEZs. Their access is active. Pencils can request in for you. Choose to share with it now. These here right here is the information I am sharing with interests. My friends list Birthday page likes email address and then who can see using this applicator? OK, it's only me certifications. Yes. Now here's the thin right. The real danger in this kind of situation is that if my Facebook account gets hacked well, guess what? The hacker can gain access to my Pinterest account and vice versa as well if my Pinterest account gets hacked because I have I have lived my Facebook account with pencil vest. The hacker frump interests can get access into my Facebook account. It always how they can do that. So the more active, perhaps, and lips is that you have in here. The more vulnerable you're going to be sold encourage you to take a look at the active APS and website that you have in here and remove everyone that you deem may not be absolutely necessary. If I scroll down in here, we've also got the preferences for absolute seven games. These setting controls your ability to interact with APS websites and games both on and off phrasebook. It's turned on. But if you're not someone who uses APS or games on Facebook, you can tone, it turns off if you if you wanted to, it's not really all that are important. Let me go back up here and let's take a look at also expired. By the way, these means these are size that I no longer when I says I no longer have access to my ah, physical account. It's either Maybe because I little my account in there or something else happened. And yes, you can see I do have some data naps in here like Bad do and Bumble. What can I say? I'm single. I'm searching. So let me beat All right? So again, it will be a very good idea for you to just take a look at all the active abs and rep says that you have logged into using a Facebook account and then minimize the number of them. The less APS and what's that you have active in here? The better for you. So those are the three main top security tips I can provide you for our security. Your freeze book account. Thank you for watching. I will see you in the next class. 22. Securing your Twitter Account: So let's take a look at the next big social media platform. And that, of course, is Twitter. Now, personally, I don't use Twitter anymore. I used to use treat our many years ago, but I kind of lost interest, and I'm now more a LinkedIn and Facebook person. But if you're watching this, the chances are you might be active on Twitter. So let me show you how you can secure your Twitter account. I'm over here on my home page. I'm gonna come down here to the more tab. And then, of course, I'm gonna go over to settings and privacy. The very first time in here is the account tab. And of course, you have access to password. But you can change your coin password if you want to. But now, over here, where you have security very, very, very important. You do have the two factor authentication, so please go ahead and enable one off. This three of really talked about, in fact, authentications wise, very, very important. Sir, please ensure that you have at least one of these three enabled. But even more importantly, you do have access to the password reset. Protect setting, please check this box. What's gonna happen is that, of course, you will have to add your password save and all that. But the idea behind this particular setting is that before a passage reset link can be sent to your email account, you'll be actually verify additional information. And in here it says if you have a phone number on your account, you will be asked to verify that phone number before you can request a passage we set. The reason why this is very, very important is that if a hacker was able to get access to your email account and then they try to log into your Twitter account and they discovered that Oh, you're using a different password for Twitter, right? What they can do is they can go to Twitter and request for a password reset. Without this enabled, Twitter will just simply send the passage reset link to your inbox. And because the hacker has access to your inbox, they'll receive the email that will get the link, and then they always at the password without you knowing. So this prevents such a scenario like that from happening, so please enable the additional password protection tab. Okay, let's go back. Now. Down here, you have the apse and sessions tap very, very important as well. In here, you have the apse. Please make sure that if you do have any thought, petty APS connected your Twitter account. These are abs that you trust, but I would always recommend that if you can avoid connecting any third party app, see any of your social media accounts Please do so. Avoid connecting any third party as because the more APS you connect to your accounts, the more vulnerable you become. So please be very, very careful about that. And of course, sessions. If you come in here right now and you discover that you have active sessions in other physical locations, Vega not please log out from all those sessions. You should only have one active session, and that's where you are currently located. All right, let's go back. And that's pretty much it for the accounts tab. Now you have privacy and safety also important on the tweets. You have to protect your tweets set in, so basically you can enable it so that only people that fully you Ah, we'll be able to see your tweets that will to see what you're tweeting about. It helps with privacy. And if you're someone who values your privacy, you might want to check that box. But of course, if you're somebody who needs to have their tweets shown to even strangers, then you don't need to check that box. And, of course, your good location information again. If a regular person you value privacy enable, please make sure that this box isn't checked because if you check this box that will then add location information to your tweets. But on the other hand, of course, if you if it's important that people know where you are, way you're treating form off course, make sure that this box is checked. That's pretty much it. Of course, you do have additional sentence in here, like where you can disable receiving messages from anyone stuff like that. These off course are all related to personal privacy and safety. So please do take some time to go over all this additional settings and make sure that whatever is said in here is something that you're comfortable with. So that's it for Twitter Security. Thank you for watching. I will see you in the next class 23. LinkedIn Security: Let's not talk about Lyndon security and how you can secure your account on a link thin. So there's quite a lot to do here, so let's get started right now. You can see that I am logged in to my LinkedIn account. So the first I'm going to do here is I'm gonna go straight to the ME tab right here and then simply click on settings and privacy. So for me, right now, I'm gonna click on account, and the first thing you want to do here is check the number of email addresses linked with your linked in account. Right now, mine is to email addresses. My official Alex, Adam, uncle and a common of course, my personal Gmail account as well. If you have any additional email addresses in here, you might want to reconsider having them blinged with your linked in account only keep development email addresses. Just go ahead and close this. All right. Now, you could decide to add a phone number should in case you're having issues logging in. But I I don't do that. But what's really important here is the Were your signed in. This is a great way to verify if anyone is actually looked into your linked in account. You don't know off right now. I do have one active session, and that's because, Well, I am currently locked into Lincoln. And yes, I am in Colombia and everything is as it should be. So it's nice to just take a little peek in here and just to see what's going to make sure you don't have any nasty surprises waiting for you in here. But here is the big one, right? Two step verification. Now I turn this off just to show you how he could turn this on. I always have his own, by the way. So let's do this like I'm gonna go ahead. Now, I'm gonna click in here, and I'm gonna go ahead now and turn on two step verification. And there's two ways you can either receive an SMS text message or you can go with the authenticator app. Now we got in the authenticator app. I use the Google authenticator awful enjoyed. There's some other ones you can use, like off the au th why you could use last pass and so on. But I like the Google authenticator the most It's very, very easy to use. Simply install the app on your phone long the app and then in here. I'm just gonna go ahead now and click. Continue to do this and I will have to add my pass would. So I'm gonna go ahead now and hit. Done. Okay. So right now you can see the instructions in here. You can also go with the Microsoft authenticate. Oh, right now you cannot see me, but I do have Is the the Google authenticate ole app running on my phone right now? I wish I could show you this, but basically, the way this works here is once you're on the app on your phone, you will be able to click on a link that say's us can a barcode. And then what you something need to do is you need to point the camera at the bar code right there. We have just done. And once you do that, you would receive a six digit code, which I have just gotten. So I'm gonna go ahead now and add the colleges three for 5733 and just eat. Continue. And that's basically it. So any time I tried looking into my linguine icon form in you device to a new location. Lyndon will ask for a code to be provided by me in addition to my user name and password before coming. Granted access. So you really want to do this? Make sure you have the two factor authentication turned on for your LinkedIn account. Okay, that's it for a countless jump now to privacy. So what's going on in here? There isn't that much to change in here. You may want you click on your edit profile. Just take a look in here and see what's available for people who are not looked in to LinkedIn. Most people can see my company's my about history and a few activities and things like that . So I'm perfectly fine with this. I don't have any issues within the one get. It is much information from me who isn't looked into LinkedIn but know that you do have the option of common in here and hide in setting aspects of your profile from those who are not are locked in blood to move on. I'm gonna go back. Conclusion all of this just close. The google authenticate. Oh, Let's go back to the me tab. Lets go to settings and privacy. And now let's go over to ads now, in here. If you don't want to receive advertisements from LinkedIn, then I would highly encourage you to turn all these off insets on websites you visited. Adds beyond LinkedIn, propelled it for personalization and then interest categories. On the other hand, if you're currently using LinkedIn to search for a job, then you might want to keep these turned on. But in a situation where you're not actively looking for jobs on LinkedIn and you don't want to receive ads, I will strongly recommend it coming here. And you turn all these four off. There is really no need for you to keep them on. Let's go over to communications as well. And oh, I'm sorry. Not communications. I mean network. Let's go back in here. So what I'm gonna do is I'm gonna click on my network. All right? Now, in here, I'm going to click on the connections idea, click on all my connections. Okay. And then over here, you should see manage, sink and imported contacts clicking there. What you want to do here is you wanna make sure that LinkedIn isn't currently monitoring your contacts the very first time you quitted Arlington account. It's possible that Linda knacks due to sink your account with your contacts list e them social media, your phone or something like that. You don't want to do that anymore. You don't want London to be keeping track of all your contacts. Basically, if you have any imported contacts in here, you will see them. You can simply go ahead and remove all your imported contacts. Keep in mind that removing them from this particular page will not disconnect you from them on LinkedIn. You're not gonna lose your connection tooth and simply remove them from your imported contacts. Also, you can clicking it to manage your contacts sink in right now, I can't really show you much because I don't have any ABSA currently sinking with my London account. That's why you don't really see all that much in here. But if ling then if your linked in account is currently sinking with any third party applications, you will see them in here. What you want to do is to simply go ahead and remove every single application currently sinking with your linked in account. There is no need for linking to be sinking or monitoring your contacts. There's absolutely no need for that. So that's basically it full linked in. One more thing to mention before I around this up. Is that just like with Facebook? You wanna be careful with what you publish on Lincoln? Linguine isn't exactly phase book in its popularity, but it's still a social media site. And Lyndon Wilshere your content if you currently employed and you step posting about you know how you're looking for a new job or things like that that could seriously backfire on you. So you want to be very, very careful about the candid information you post on LinkedIn. Keep in mind that even though let's say you accept invitations only from people that you know and things like that, it's still on. Lengthen your contacts or your coins connections. Solingen. They can share your data with other people as well. So be careful with the candidate emission. You post on LinkedIn. Be smart. So that's it for LinkedIn. Security. Thank you for watching. I will see you in the next class 24. Social Media Ethics: all right, Welcome back. Hope you enjoy the course. And now we won't talk about something very, very important. And that's going to be our social media ethics. What exactly do you do or what do you post when you are on social media? Now? Obviously, if you don't have any social media accounts, then this is not going to be for you. But if you do have a least one social media account and you're quite active, then you might want to listen to this. Now, over here, I do have a cold from Chris Better, who is also a teacher, like I am. And he said, In the future, which is actually now, your digital footprint will carry more weight than anything you might include in your resume. This is all footprint. He's specifically referring to the things that you posed about on the Internet, your comments, your questions, things like that. Now, when it comes to social media, specifically Twitter and Facebook, a lot of people have opinions about anything, whether it's on religion, politics, social topics and so on. And a lot of people are not shy about sharing their opinions about setting kinds of controversial subjects. Now let me say that one I'm about to say is very, very subjective. I'm not in any way saying that this is the absolute, like way to go about Finns. It's open to debate, but think of this more as an advice, me advising you on how best to go about posting things on social media. To a certain extent, I believe that you do have to send so some of the things you post about all some of the things you want to comment on. Take, for example, the issue off, Let's say pull life or poor choice. There are people out there who up for life that people out there who are poor choice. Now let's say, for example, you were poor life, all right? And you got about insurgent media talking about how you know babies deserve the rights to live, and abortions should be banned and so on. And then somewhere along the line in the Futural, something happens. I'm just making this up, of course, but something happens. And a company that deals in contraceptives somehow wants to have kind of like a partnership with you all is in one way or the other connected to you if they discovered that. Hey, wait a minute. This person is very vocal about he's or support for pro life. What's going on here? This is a bad fit. We can walk with you. That's exactly what's gonna happen. But it's not just about polite, a poor choice. It could be about religion. LG Becue TV fights or Donald Trump humble whatever. I want to recommend that when it comes to very controversial subjects like this, you might not want to post about them on social media. It's far better for you to have a conversation one on one with people whom you whom might disagree with you. I think it's a lot healthier that way because the thing is then about debating and arguing on the Internet is that it is impossible to tell the state of mind off the person that you are arguing with you might. That's it. For example, the person asks you a question like Okay, why do you believe in this? The president may be typing very calmly and might be genuinely curious. Okay, why do you believe in this? You might interpret the question like he is saying, Oh, she's saying in this way, Why did you believe in this? You know, like something like that, you know, like it's impossible to tell the emotions that is going through the person that you're debating with on the Internet. And this is exactly why. By default, most of us will interpret their questions of their comments in a very hostile manner. And before you know what's happening, the debate or the argument becomes becomes toxic. People start abusing themselves. And before I know what's happening, you leave frustrated and to cap it off, you're not gonna change the opinion of the person you're organ with. They're not going to change your opinion, and you're certainly not gonna change your opinion either. So at the end of the day, it's all for nothing. Negative energy, you know. So what is the point? It's far better to actually have such debates with people want and want about it you can actually see and talk with again. I would recommend that when it comes to very controversial subjects, probably you're better off keeping them to yourself. All right now, even if your social media let's if example on Facebook, you only accept friend requests from people that you know. Not all your friends or your relatives will share the exact sample opinion as you end. Ideally, you don't really wanna have friends. And you want a city where all your friends and only family members agree with you all the time. You know, it's always nice to have a different opinion. Have someone have a different opinion on something kinds of subjects. But in the past, I have actually fallen out with two friends of mine because we had different beliefs are set in subjects which I won't go into. So really, at the end of the day, it's it's not worth it. You're far better off keeping such opinions to yourself. And then if you're at a gathering or you meet someone and you start talking and you realize that this business okay, this person is called the specials Levelheaded, I can actually have a debate with this person and by omens, you can have the composition, but on social media, you're better off knots, exposing your opinions on very controversial subjects. Now, on Instagram, I have post pictures of my travels people in a place I've been to because I don't care about anyone from anywhere seeing pictures of me in Thailand of Brazil, that's not important. But on Facebook, you're never going to see me posting about controversial subjects on Facebook. Once the one I might make a comment about something in general that I have noticed maybe say, for example, the relationships between men and women nowadays or, you know, something a bit less controversial. Uh, but I'm never gonna be making comments about Donald Trump or what it will have. You know, I'm not going to do that. So again, all I'm saying here is very, very subjective. You might not believe in what I'm saying. You might say, No, I'm not gonna censor myself that be open and let the whole world know what I believe. And I've got nothingto white, okay? By only And see if that's what you believe in. My omens keep doing what you're doing, but realize that your digital footprint can have consequences now or even in the future. That's one thing that you cannot deny. All right. So I don't know what you think about this and more than open to have in the bay to a conversation with you. If you. If you have a different opinion or you disagree with me, I'll be more than happy to listen to you. So feel free to make a comment or contact me and just tell me what you believe on this subject off social media ethics. So that's a thank you for watching. And of course I will see you in the next class. 25. Phishing: Okay, let's talk about an extremely important Orpik. And this is a topic off fission. Now there isn't. Why this is extremely important is because if you ever gonna get hacked by a hack Oh, it's summer criminal. The chances are it might be through fishing. So what exactly is this fishing? Well, it's basically the attempt made by a heck cattle pertain your sensitive data mostly passwords and user names by sending well crafted e mails to you while they impersonate either unknown person or a body. Okay, now, basically, these email that ill since you will contain a malicious link, which when you click on that link, it can either install malware directly on your computer. All it may be direct you to a fake website. Now here's an okay. That website that your own will appear to be legitimate and will resemble the actual website off the company the hacker is Impersonating. So if the hackers pretending to be from your bank, let's at Bank of America, for example, he or she would create a website and looks just exactly like the logon page for Bank of America. And then when you click on that link that they've sent you in the email, it will take you to their own website. And then when you log in, your credentials have been recorded and then will be sent to the hacker. That's exactly how these actually works now to better explain to you the whole concept of fishing. You need to understand that it basically relies on three main factors. First of all, your Navy T. A lot of people don't know about fishing to get militias links in the emails that click on them. They don't know what's going on. Second is curiosity. You may receive some kind of email urging you to click on something. Maybe someone's been interpreted to be a friend and send you an email saying, Hey, click here to view the pictures we to last month So you'd be curious, like what? What pictures are you talking about? And then you click on the link and then fear fear is the biggest factor off them, or they're going to see lots of this in the examples. I'm going to show you now what you're seeing right here are really fishing examples that I found on the Internet, mostly from pay power now take a look at this. Okay, this person cold Jennifer guy. I got this email from Pei Pao that Hey, you account a suspended ah, Logan's your account and habitual billing and payment information. And right there, you can see the big blue button saying, Look in now now imagine if Jonathan doesn't know anything about fishing. It's a Monday morning. He's just going into his office. And then he gets his email from people saying he's account has been suspended. Fear, panic. He's like, Oh, what's going on? No, no, no, Don't suspend my account. You know, I need to do some things and then he clicks on the blue Bolton, and then he gets infected. Take a closer look, though, at the reply to you at the email address that sent these actual warning. It's called limitations. Pay Powell's team in full at Jim Extra com That is fake right there. You can tell that this is a fake email address. There is no searching religious on people, which has pay pals in it. It's fake. Here's a second example again from PayPal. Again, the whole fear factor. Your account has been suspended with temporarily suspended your PayPal account due to some issues in the automatic verification process. And then right there you can see that big blue button that stays on look account again. It's all about fear. And here is another example again saying we couldn't verify your recent transaction. You consider variants. It's not always about if year it's not always about the hack out wanting you that Hey, we're gonna shut down your account. We're gonna suspend your account here, kind of suspended. It could be something different, like a We couldn't very far your wizard transaction or hey, we notice that you've just added a new email address your account. Click here to very far, you know, stuff like that. But again, take a look at the email addressed that send this particular warning Papal dash service dash service at notification that account support dash suspicious blood all over again. That's highly, highly dubious. People will never send you emails like this. Now it's not just PayPal that they hack us treasure in person. They tried to impersonate companies like Facebook, Twitter, Microsoft, your bank, you name it. Now here is one from a hacker claiming to be from YouTube. This is a real phishing email I got just a few weeks ago and you can see right here the hackers claiming to be from YouTube essays. Hello. We've received a complaint that your channel has lots of spam videos, but you don't have to worry. Please check and edit this parent videos we have marked by clicking on the link below. Otherwise, if you don't edit span videos and your channel, your child will close in 24 hours. Thank you for your patience in this process. Wow. When I got this email, I just laughed because I knew right there that, uh, Fisher's you're not gonna get me now. I'm very happy actually got this imam, because now it can demonstrate to you two ways how you can tell whether an email is actually legit or it's fake. First of all, let's go to the from it says Y t support what? UKIP support. But if I hover my mouse on that link right there, you can see the actual email address YouTube, that controller for mail dot Are you right there? That tells me that this is a a fake email address. Any legit intelligence is from YouTube, will be something like support at YouTube. Com. Our contact at YouTube com Copyright at YouTube. Com. You're never gonna find something like YouTube that controller for male that are you. That is fake. Second, take a look at this, all right, on the big board here that says Click for details, I'm gonna hover on the button. I'll take a look at the bottom off my screen right there. That is the U. R L. And it's been shortened, You can tell has been shooting because you can see tiny dot cc. If you're going to get a really link from YouTube or any other littered company there would not shot in the links. You would actually see where that link is taking you to. But because this is from a fake hacker over about a hacker claiming to be from YouTube, they're Schatten. Do you are L? That's where you can see It's a is tiny dot cc four slash WP seven z y C Z. So these are two ways how you can tell whether or not an email is legit or it's a phishing email. So keep in mind that it's not just from PayPal, your bank. It could be from Microsoft. It could be from YouTube. It could be from Amazon. The bottom line here is this. Always be suspicious whenever you receive on solicited E mills like this warning you that your account will be suspended or telling you that Oh, they couldn't verify transaction clicker to very five If you're ever in doubt because let's face it, you can receive emails on PayPal. People might actually legitimately send you an email. So how can you be absolutely sure? Well, whenever you're in doubt, what you need to do is you need to go directly to the website. So basically, you open up a new tab or a new window and then go to pay pound or calm log in right there. And then if there is any issues, you will see it in your dashboard or your in books or something like that. That's exactly what you should do. Whenever you are in doubt, always treat every single email that you get like this suspiciously. Never click on the links directly. If you're ever in doubt, go directly to the website Logan and then check to see if, indeed, are you having any issues with your account. So that's it for fishing again. A very, very important topic because lots of people get fished every single day. If you have any questions about fishing, be more than happy to answer them. Be sure to reach out, to meet, Thank you for watching. And of course I will see you in the next class. 26. Email Data Management: I want to give you a few quick tips on how best to protect yourself should in case your email account gets hacked. Now we've talked about Put on mill already. I told you that this is probably probably the best in hope of whether you can go for that will encrypt your messages, protect your privacy and basically ensure that your emails and never stolen by a heck up. However, if you right now are still using, let's say, for example, Gmail or Yahoo mail and so on. It is best that you make sure that moving Ford whenever you receive emails that contain very, very important file attachments, it is best that you download the attachments to your computer and then delete those attachments from the emails. Now here's the thing. Okay, General, unfortunately, will not allow you to delete those attachments without deleting that message itself. So what you can do is is okay. Right now you're looking at my Gmail accounts, and yes, I do have over 28,000. It's really urgently into on weird emails. But again, my Gmail account right now is I use it for just about everything. Right now it's a personal email of mine. But I never received, like, very, very important emails from my my Gmail account. I have my proton account for those, but basically what I want to show you here is how you can move in. Ford, secure your file attachments from emails, and then delete those attachments from your email account in here. I have set myself a test attachment. Navy, open up the email you can see in here. I do have the pdf file. So let's say, for example, this was you receiving a pdf document about your exam results or your medical records or something like that. Here is exactly what you can do. Okay, What you want to do here is you want to go ahead now and forward these email. Okay? Now, of course, you would want to download the attachment first, right down the Tuchman. First and name coming here forward. And you can afford the email to yourself. Or if you have any other email account out there, you can afford it over and stuff holding them to your proton account. If if you really have I knew I countries puts on mill and then from here. What you want to do is you want to scroll down Joe, you know, have the file the attachment and then simply go ahead now and then delete that attachment and they can simply go ahead now and send the file. Once that is done, you can then go back in here and then simply remove. Delete the first message completely. So this way challenges delete this message. So this way you still have the actual text from the email initially. And of course, this could be useful for future reference. So you still have the text of the email, but now also have the attachment safely stored on your computer. And in the future, should a hacker somehow gain access to your email account? All those see here from the email would be the message. But then the actual files themselves that would not be able to treat them so that have been said, If you also receive emails, I don't have any attachments. But then those emails have very, very important information. Of course, you want to make sure that you can be called a information, store it somewhere safe and then delete that email. The point here is if a hacker wants to somehow again access to your email account, there should not be any emails in there, which they can weed and then get some very, very useful or information about you. That's kind of like the whole point off this entire process. So I know this can be very annoying, very, very time consuming. But if you're really serious about protecting yourself, you might want to spend maybe a day just going through your email records. Make sure that all the important attachments have invalidated to a computer and then delete such incriminating emails. And then when it comes to stone e mails, I basically will recommend not to store emails that are more than a year old. If you have any emails that have that are modern a year old, it's very, very likely that you're not going to need such emails anymore. So you can also delete old emails from more than a year ago. Two years ago, things like that you can simply go ahead and lead such emails with the account is very likely you're not gonna need such emails any more, so that's it. If you quick tips on how to protect yourself should in case your email account gets pushed . Thank you for watching. I will see you in the next class. 27. Mobile Intro: Well, hello and welcome to this very special bonus section. But we'll be talking about mobile cybersecurity now. Obviously, we spend a lot of time using our mobile phones. We access i e mails, we go on social media, we do lots of things. So it goes without saying that it only makes sense that we talk about mobile cybersecurity as well. So first things first is you obviously want to make sure that you have some sort of a pin awful lock associated with your phone so that if anyone tries to access the phone, there will need to add or provide that code. First of all, as as an example. Right now, my phone has a fingerprint scanner, but also has a pin. So this is like the most basic security measure you can employ on your phone. But what I've done in this section is have added some videos from an actual course that I have that focuses specifically on mobile cybersecurity. So the lessons you're about to watch are taking from that course, and these lessons will cover APS. Basically what APS are the permissions and also how you can identify fake APS from will APS in their stores. The reason why I focused on absence because APS I like the lifeblood off any mobile device . Without APS, your phone is basically just a very ordinary phone, but it's with the APs that add functionality. But with the apse is will you also become more susceptible and more vulnerable to malware and hackers. So if you've taken my course on mobile cybersecurity, you can consider these lessons to be like every fresher. However, if this is your first time ever taken any sort, of course on mobile cybersecurity, I hope you find this particular section useful. So that's it. Let's get started. 28. How to Identify Legit Apps: okay, So I don't want to do in this video is to give you a few tips on how to successfully navigate the Google Place store and download the white kind of application. Now, it doesn't matter if you're an iPhone user, you can also make use off some off the steps. So let's get started. Now. It's going to see I am on the Google. Please stole. And yep, there are quite a few nice movies to buy. We've got some booksellers music and so on. All right, I want to do this, right. I'm gonna come in here right now, and I'm gonna type in Facebook. All right? Now, here's the thing about downloading very, very popular APS like Facebook. Be extremely careful that you're downloading Do right version off. That kind off application is a Facebook Now has lots off APS that have similar names. Like you've got the actual Facebook app right here. But then you've got Facebook. Let you've got Facebook, Creator. You've got moments by Facebook. Let's click on Seymour here. And there you go. You've got Facebook analytics. You've got F eight, which is I actually have no idea what this is. You've got Facebook local. My point here is be very, very careful. Whenever you're trying to download an app, that is, that is either the main application in this case, Facebook, all an app that has something to do with a men application. In other words, if you try and download Facebook, Messenger's an example. Be extremely careful because then you've got various types off messenger APS for phrasebook . If I wanted to infect users, I could come up with a very crafty named like Facebook lit Messenger or Facebook Fast Messenger or something like that. And a lot of people out there are not security conscious. They see Facebook. They see messenger to think Oh, yeah, this is Dwight application. I'm just gonna go ahead and download the application. Long idea. Bad move. Be extremely careful whenever you're trying to download either very popular abs like Facebook. What's up? All an app that has something to do with sort major applications. Be extremely careful. Now let's take a look at this Facebook local as an example. It's take a look at this. All right, All right. So from here, right now, you can see Okay, It's by a company called tin. It's for teens, whether it is by Facebook. OK, and it's got 9000 488 reviews. Okay, that's not bad. That's cool down here. All right, So this is where you can now begin to tell that, at least to a certain extent, this is a legit application because you do have negative reviews. Negative reviews isn't always a bad thing. It tells it, lets you know that there are people who have actually used this application. And it's not like the APP has so many good reviews and just very, extremely little negative reviews. If there's any app out there that has just five stars, five stars and five stars, and everyone says, Oh yeah, this is the best app ever. This app changed my life. You know, this app is the best and ever bubble bust a fiver. You want to be very, very careful about such applications that have nothing both great reviews. That's often Ah, big, big red flag. All right, so we can see some of the reviews here. Our thought Wow, I hope. I think he's related to the main four guy and he says, Wow, what a let down. Here's an idea. Facebook. If you're going to migrate the event filtering features of what may now have a blob. Okay, well, you can read some of these reviews and get like a general idea of whether or not the app is for you. Typically, you want to focus on the two star reviews or three star reviews. Those tend to be a bit more constructive than either the one Star Review or the 45 star reviews. Okay, all right, let's just move on. I'm gonna come in here right now and type in our updates. Okay? Now here is the night. I do not under any circumstance download any kind of app that has updates in its title. Please don't. I'm not saying that every app out there that has updated its title is is a bad app. Know they'll let it after this, but the chances off them been good APs actually kind of on the low side. In my humble opinion, let's take a look at these updates checker by me Hasker. Let's let's take a look at this and that's what this is. Updates checker free. Okay, let's see. All right, so it's a XYZ update check allows you to check all the applications for updates on Google Place store, regardless, even if it was installed directly from play store, just downloaded from the internet. Okay, look, the reason why I discourage APS like this description from he's an absolute This is because if you do have the app on your phone installed ideally, you should already said that App to download updates whenever such updates are available. You don't need another application to tell you that. Oh, there is an object ready for your Facebook apple. There's an obituary for your what's up app. You don't need these kinds of applications. If you perform your own due diligence, you're not gonna need APS like this. Now, one of the important shit whenever you're trying to verify whether or not an app is legit, is to check the awful off that app. And this goes right now, the author here is Baha Scott. I'm gonna click on me. How, Scott and check that out, Man Tasca has created just one single application. This is another red flag again. I'm not saying that this app is a bad application. I'm just saying it becomes more suspicious when the author of it. But glad APP has only that app. Veg Instead, that is kind of a little bit suspicious, all of a less suspicious. If me Hasker already had like 10 15 20 author Kenseth, APS, that's that's typically a good sign. So me, Haskin, this guy's right now only has one application, so that's kind of like a red flag right there. Blood school down and let's see someone to reviews. Okay, it's not working. It's not working a mobile. Nicholas a Ximen AB junkie although I don't keep any bat ones installed, is one from the G Ah, blah, blah, blah, blah. OK, well, I don't kind of make sense of that of that review. Got school down here? Great concept. Poor execution always crashing the crash report. It's an absolutely good app. Let's cool down some more. Let's see what else we have here. Ah, worth less Okay, Absolutely belittle it needed So the reviews. A candle on and off. You've got lots of positive reviews, but you also have lots of negative reviews, so I would encourage you to spend some time to read the reviews for a particular kind of app. if you've got people complain about the app constantly crashing or collecting are lots of data or having like lots of commissions, you typically want to shy away from those kinds of applications. Be sure to check the author of the Abbey. If the that. If they author only has one apple Tuapse created that could be potentially a red flag. Now, also, one feeling to point out here is when your school old way down here, uh, let me hit back. So on the main page for the AB down in here, you can see the additional information Second, See, Right now it say's installs a 100,000 plus. Do not let this fool you there. People out there who believe that well, if an APP has hundreds of thousands of installs, that it must be a good application. No false, absolutely false. Some of them was successful. Bad applications have had Muay had over millions of installs. So do not let big numbers like this fool you. On the other hand, if a particular hap has very small numbers off installation, maybe like 10 installs 100 installed, maybe even faster installs, that's also a very big, huge red flag. All right, so what I'm trying to say here is that be very suspicious off abs that have fewer than maybe 1000 installs. But then do not take it for granted that just because an app has lots of installs, then it must be Ah, good app. Do not think that way. So another thing here is the developer as well. There is no real address here. It say's Ah, silica 23 Riga, Latvia. Okay, well, this looks like an actual address. I don't know if this is a genuine address to verify. You might want to look this up and see if this address actually exists. One huge red flag is when the author of an APP doesn't have a real address. That's typically like a like a big, big fungal if they don't have an email or they have a very are weird, kind off email address. And to be honest, this is kind of weird to Q exchange me Hasker at gmail dot com. Okay, well, I guess I I don't know. This looks a little iffy, but, hey, you know, I don't know. So this is just a few things to take note of whenever you're trying to download. Ah, an app from the play store. Maybe even from the apple app store. Be very, very careful. I'm just take one more. Look, Let's go to YouTube. Of course. A very, very popular are kind of application. YouTube. Okay, this come in here and just typing YouTube in our search bar, and that's what we have. All right to take a look at this. You've got lots and lots of different visions of YouTube. You got YouTube, The real YouTube. You've got YouTube for enjoyed. You've got YouTube, Google to go YouTube kids. Ah, YouTube studio. Now, I wanted to point out that you see this green check mark at the bottom right here. That does not mean that it's a very fired apple. And if like that, it just means that my advice that I have attached to my computer already has the app running on the phone. So you can tell. I know that on my android phone I do have the YouTube app. I have a studio and also have you to music as well. So again, you can see all different kinds of funny, strange looking APS You've got the free music for YouTube music player Free music for you to player again. Be extremely careful. Whenever you're trying to download APS like this that have some sort of association with the main app which is YouTube. Just because they've got a YouTube in the title does not mean that it's a real kind off application. Alright, well, those are pretty much my main sips and one other thing again the details like if you go to the main page for a nap when you school down here and you would like the additional information If you see lots of spelling errors, that's typically another huge red sign that Hey, this is a bad application. If the local looks kind of blood, that's on the low quit flag. And now in here, you can check this out. You see, Developer, visit website, if they've got the website in this case right now and they've got a real address again till this is a real address right here. And of course, this is Well, I think this is by by Google, I believe uh, yeah, OK, yeah. So it is by Google. Elsie. Okay, so obviously this is a real legit application, but typically again for the developer. You want to see a real address, everyone Physical address are really kind of email address as well and, if possible, a website. All right, These are things that you typically take note off whenever you're trying to verify the authenticity off a particular app or the author off that particular application. So those are my few general tips full stains save while trying to download an app from the Google play story that any questions about this to let me know. Thank you for watching and I will see you the next class. 29. Checking Default Android App Permissions: All right, So I want to show you this video is how you can check for the cans of permissions that your APS have access to. So I'm over here on my enjoyed. I'm gonna click on the settings button and I'm gonna come over here to where we have the apse default APS, app commissions. I'm gonna click in there and all right, So what I'm gonna do is, let's say, for example, I wanted to check the commission's That's let's see. Let's see the tens of commissions that INSTAGRAM has access to. I'm gonna click on Instagram, All right? No school down here and now you can see you have the commission's sections. I'm gonna click in there so you can see right now that Instagram has access to my contacts , my location and my story, which kind of makes sense. At least it doesn't have access to my tools or things like that. So this makes sense because instagram is a social media platforms of social media app. So it's only natural that it should have access to my contacts and the location. I'm actually surprised that it doesn't have access to my camera, but a I can give it access. If I wanted to buy turning that on, Let's hit back. Let's check out another application. I lives go over to reptile. Alright, reptile. That's what Reptile has access to school down here. So until is basically the airport used for making international calls. So naturally it has access to my contacts. Okay, my location, my microphone and my telephone, which makes perfect sense. So again, you can see there is nothing unusual with the kinds of permissions that this particular app has access to. Now I could recommend that you install one particular kind of app and this app is called the A sport cat app. This app can allow you to properly and effectively minus two cans of permissions that your APs have access to. So if I open the app right now, all right, so right now you can see right now that I can least out by permission, I can least aspect bookmarks, or I could just lift my APS in alphabetical order. So basically, this is an app that allows me to properly and quickly and effectively manage the cancer permissions that maps have access to. So if I click on the very 1st 1 here that stays least APS by permissions up. Sorry for me back at least Outback Commission in here right now, you can see all the available kinds off applications of permissions that APS can have access to. They can have access to body sensors. They can have access to the calendar, camera contacts and so on. So if I wanted to check reach off my applications have access to my calendar, I can click on calendar right now. You can see a good three APS that have access to the count out my Bank of America app, my Facebook messenger app. And also my smarts. Which app? Which is? It makes sense. Okay, let's go down here. Let's take a look at location. Look at that. Lots of different APS have access in a location, body weights, Bank of America. Smart view. I might need to tweak one of two things in here. I don't see any reason why blunder weights should have existed on locations. Allow have to disable that leads up, but you can see right now this is an excellent app, really full managing the cans of commissions that your abs have access to. So if you just want to very quickly see the kinds of permissions that your abs have access to all the commended to install the are a sport cat app that does click outside and before I go to show you, one more setting will quickly if I go back to my citizens and I go over to say I have my AB stiff elapsed permissions. Now you can see there three buttons in here, which is kind of like the gay book settings button. I'm gonna click in there and I'm gonna click on special access. Nothing special access. I'm gonna come all the way down here to weigh I've got the install on noon APS click in there Now, remember that by default, android will prevent you from a stolen APS from thought party sites in here right now, these are all the APS that have bean disallowed from being able to install applications on my phone. So, in other words, if I got a link via micro app and that link wants to download some sort of application, my phone will not alive because it's under the crew. Map is on the list of APS that have been banned from installing our third party applications. So if for some old strange reason you wanted to allow let's say links from Facebook to be able to download and install what have that APS that the Facebook link I provide? You can go to Facebook right here and then simply just turned this on. But right now, you consider Mr They're saying your phone and personal data are more vulnerable to attack by own APS by insulin. APS From this source you agree that you're responsible for any damage to your phone all loss of data that result from their use. So again enjoyed doing their business. College you from downloading applications from foot party sites on Lee download applications directly from the Google play store. So in any case, I'm gonna go ahead now and Tony so because I don't want to get into trouble. So ideally, please check your special access and take note off all the apse in here that I've been prevented from being in between stall on known applications. All right, so that is that. Think of watching the video. If you have any questions about the AFP permissions or anything I've done in here, do let me know. I will see in the next class 30. How to Check for App Permissions IOS: All right. So how do you check for app Permissions on an iPhone? I am using the knife on 10 hour. Here is an example. So what you want to do is want to go to your settings, right? And then you scroll down, look for the tab that says privacy. You can click on privacy. And now in here these are basically the kinds off promotions that can be granted to any kind of app. So it's an example what APS have access to my calendars and click on Calendar is and well, there you go. I don't have any app that has access to my calendars, which is okay, I guess. Let's see under contact. So in the context of Got the Messenger, a book deadline app and also have a banking app that has access to my contacts, which is fine. Let's see. Camera. Okay, Class dough, Joe Snow Facebook. Slack Line Again. These are all natural after should have access to my camera. So this has been much how you can check which kinds of APS have access to certain kinds of tools on your phone. Now it's very easy to disable If, for example, you wanted to prevent Facebook for American access to have to your microphone on the microphone. Just turn it off right there. And Facebook will no longer have access to your microphone. So it's very easy to disable permissions on your iPhone. Now. One other thing honor to show you is if you go to general under your settings and you school old way down, you will see reset. You can click on the set, and now in here you have the option off resets in all your settings, but you can also research location and privacy. So if for some reason you feel like you've installed that synapse that have access to things that they shouldn't, you can tap the reason, location and privacy. Botton and your iPhone will simply reset all after not have access to your location or privacy anymore. Keep in mind that, just like with the onto its setting up, so not function until you provide them with the necessary are kinds of commissions. But that's exactly how you can check for permissions on your iPhone. Thank you for watching. I will see you in the next class 31. Understanding App Permissions: So let's talk about a very important topic here, and that would be up permissions. The Kansas permissions of applications demand whenever you install them on your phone now. One thing you need to keep in mind is that every application would always declare its permissions whenever you choose to install that particle are kind of application. Now this permissions are meant to be features or tools that the APP needs in another function properly. Now, such commissions could include things like access to your address book, your ideal location, your camera. You could also add some absolute demand that they are able to send SMS on your behalf, and then you'll have also got some abstract require or demand access to your system tools. So these are just examples of the cancer permissions that APS can request. For now. On. Droid in particular, would always force applications to declare these permissions that they require whenever you choose to install them. So this way, Andrew treads to protect its users by letting them know the kinds of permissions will be granted to applications. Should they choose to accept the permissions, those APS our demand. Now I keep using the word demand because it's basically a take it or leave it can installation. If an AB say's look, I need access to your address book, and I also need access to a camera. You as these they cannot say. Well, I don't want you to have access to my camera, but I'm still going to install you anyway. No, most applications will not function that will not even install if you choose not to accept the permissions that they require. So it's basically a Either you accept the permissions that this app demands you install it or you just simply say, you know what? I would just look for another app that doesn't require the same kind of permissions that you require. All right. So permissions must always match the objectives off the application. This is one way how you can sport an app that could be fake. What I'm going to say here is this okay. Lets it, for example, you installed the Facebook application on your phone on Facebook is a social media platform by the AP. Assesses with me the app. So naturally, if this app required access to your videos, your pictures, your address book, then yeah, you would say, OK, it kind of matches because it's all about social media. So yeah, it's only natural. The apple require access to my media library, pictures, my videos and so on. But then, if you installed, let's say an application that was meant to help you download videos from, let's say, YouTube and for some reason these APP wants permission to able to send SMS messages on your behalf. Then you know something is wrong that you know. Okay, why would an app that's supposed to help may download videos from YouTube require access to my text messages? That seems kind of odd. So this is one way how you can potentially particular from downloading and installing. Imagine APP. The permissions requested by the most always matched the core objectives off the application in the first place. Now, also, new permissions prevent automatic updates. When I'm going to see here is that typically whenever you install an app on your phone, you can choose to have that app automatically update itself whenever a new orbit is available. But Android in particular, prevented APS from automatically updating themselves that now have new permissions added. The whole idea here is to protect you from an AB going vogue with new militias features. In other words, let's say you installed in application yesterday, and that application only required access your camera if a month from from today that APP had a new update. However, with that new update, if that app now required a new kind of permission and that permission to your address book as an example, Android will prevent that from automatically updating itself. So whenever you see an app that you've installed before, you've chosen to have the app automatically. Oh, but it itself. If that app refuses to update itself automatically, then you know it's because a new kind of permission has been added to the application so you can double check. It can go through the new permissions requested by the APP and then decide whether or not you want to update the app or just choose to go ahead and install a different kind of application. So some APs may continue to work after you've revoked their permissions. It's possible, but many appetite in the many app that I use. If you choose to revoke the default permission that they requested for, they will not function properly but attractive on those absolute terror that look, we need access to your camera. Click here to say yes. Click there to say no. If you say no, the app will not one. So most absolutely would not walk if you choose to evoke that for permissions, However, there is still some out there that could potentially work even after you revoked their default permissions. So how can you check the cans of commissions that your absentee vote installed in your phone have access to coming up? I'll show you how to check for these permissions. 32. You have Been Hacked: What do you do if you've bean hacked? How exactly? Will do respond. Now I know that you've taken every step to protect yourself from hackers and malware. But we can never be 100% safe from hackers and malware. It could happen. You could get hacked this battle. The percussions you've taken were human beings. You could make a mistake. I could make a mistake. So we're never are 100% safe from hackers and malware. So what had been said? How would you respond? In the worst case scenario, you've been hacked. What exactly would you do? How do you respond? Unfortunately, there is no one simple solution that will feet every kind of situation. How you respond will depend largely on first of all, what steps you took previously to protect yourself as an example. If you've use different passwords for your different accounts, you might be a lot safer than someone who used the exact same password for every single account. But also what exactly was hacked? How you would respond if your social media account was hacked will be different from how you would respond If it was your email account that got hacked. It's one thing for hackers to get access to a social media account and post pictures on pornography or some other stupid stuff. You can always go on social media and say, Hey, look, it wasn't me was hacked, but it's a whole different story of a hacker gained access into your email account. And it's not just about the hacker. Been able to read your emails. Remember them many times. You must have opened accounts on other websites before where you had to provide your email user name and then the password associated with that email. Now, even if you use a different password for such an account, remember that all the hacker would need to do to get access to that account will be for them to go to that website, simply provide the email, address your email address and then click on the link that say's I forgot my password. What would website do? Simple. There will send a reset link to the email account or that your email account. And because the hacker now has access to your email account, they can simply reset your password for that account on the website. So email I can't Bridges are extremely severe, and this is again why I would always recommend that for your email, there are two things you want to do. Have one particular email account for your most important emails. Never used that email account to open other accounting of the websites. And then, second, you wanna have an alternates email accounts associate ID with all your other email accounts . You can use that as like a fallback option should in case a hacker was able to get access to you know one of your email accounts. So without have been said, there are three things that you typically want to quickly act on when you get hacked. Remember that the most important thing is you have to respond quickly to limit the amount of damage a hacker can cause are to you. The first you want to do is if you have noticed any kind of rich, you might want to look into your bank's website and put a block on your credit card. Your debit card. It may not be that the hackers getting access your financial details, but always be safe, then be sorry. Now I put a block on your cards. If I could call your bank, tell them to look. I've been bridged up. In fact, I'm just putting a temporary block on my there. We got a critical until until I can figure out exactly what's going on. The second thing you want to do is you would want to contact your friends and your family members, whether it's through social media or giving them a call. Text messages. Just let them know that here, look, I've been hacked and you don't take this for granted because you don't know how the hack has would use your contacts to their advantage. What's there to stop them from contact in your mother or your friend? Or your blow the same. Hey, look, you know, it's Ah, it's Alex. I'm stuck here. I need some help. Could you quickly just wire me some money? Something like that? It could happen in the different ways how these kinds of things happen. Do not take that for granted. And third and final thing you want to do here is with their passwords is a different case. If you've been using a password manager, then you might not need to worry that much but in a situation we're you've created the own passwords and you've used the same password for multiple accounts you might want to go into those accounts. Is that changing the password? A sap can be very ever inconvenient, but again, it is better to be safe than to be sorry. Now, in situations where big companies get hacked, let's if example are PayPal. If people got hacked today, I can guarantee you that even if your account was compromised, they've got access to you. Email address your password. You're not going to be the only one, all right. It's probably gonna be if these hundreds of thousands, millions of other people, that's usually how this works. So the upside two big companies get in hacked that you have an account of it is that the hackers are going to get access to millions and millions of accounts so before them, and actually get to your account and start using your counties of advantage. It might take a while, but the point I'm trying to raise here is that being the news, be in the loop, OK, make sure you take every report about the company getting hacked seriously, especially Of course, if you have an account with that kind of company, if you saw it in the news, a certain line that hey, this company has been hacked. Obviously, what you want to do is you want to go to the website and then change your password. I haven't changed email address associated with that account, if you can to keep that, it might be in the loop. Watch the news, stay informed, and then last but not least, you may want to scan your computer for any form of malware. Might not be necessary. Put again, bear to be safe than to be sorry. Getting hacked can be tanking, Zooming convey very frustrating in. But remember that every step that you take to limit the damage that the hacker can cause on you, the safer and the better you will be. Do not take anything for granted. Act fast. Remember that the hacker having in access to your information has we could say a limited amount of time to act upon that information. So the quicker or the faster you're able to respond, the better our your own outcome would beat. So hopefully you're not going to get hacked, and it's it's really a very, very frustrating thing it when that happens. But hopefully you're never gonna get hacked. But if you do get hacked off course now you have some things that you can do to quickly limit the amount of damage the hack and calls on. You say they have any questions about this? Of course. Do let me know. Thank you for watching. I will see the next class. 33. Conclusion: already. So thank you so much. We've come to the end off this course on personal cybersecurity and from the bottom of my heart, I hope you've enjoyed taking this course. I hope you've learned a thing or two on how to protect yourself, protect your data and protect your privacy when using the Internet. Now, if you enjoyed the course pleased because they're living a written review for the course, it really does help me. And if there are other topics that you feel that maybe I should have talked about in this course and I didn't feel free to reach out to me. And I'm more than happy to consider your opinion and add additional content if it is necessary to do so. My name is Alex has been a pleasure teaching you this course on personal cybersecurity. And I wish you all the very best in your endeavors and stay safe on the Internet chairs