ONLINE SECURITY
Tibetans are often targets of sophisticated virus attacks with online spies trying to learn about various communications and activities. This endangers not just you but your entire network of contacts. Start changing your habits to keep yourself and people you know more secure.
Don’t be a phish!
What is Phishing? Phishing is a way scammers steal your personal information, like passwords or bank login details. Phishing can be targeted, or done on a mass scale, depending …
Don’t be a hoarder!
Do you ever clean out your digital closet the way you clean out the junk from your house? From the beginning of your journey online you have sent or received …
Do the 2-Step!
Have you ever feared your Facebook or email account might get hacked? Do you ever worry that you don’t have the knowledge to protect yourself online? The good news is …
HTTPS Keeps You Secret – Safe – Secure
If you see “HTTP” at the beginning of a website address, it means that everything you are doing online can be easily viewed and monitored. Whether you are emailing, chatting, …
Use HTTPS to Stay Safer Online
Choose services that use HTTPS to stay safer online. Get started by following these simple steps: When you browse the Internet, look at the address bar (where the website’s address …
Think Before You Click
Have you ever received a link via email, Facebook or Twitter with a message that says something like this: “Did you know this funny video of you is posted online?” …
Detach from Attachments
Why should I care? If you are someone who thinks “I have nothing to hide. Why should I be afraid?”, then think again. Many of these attacks are designed to …
Keep Your Enemies Out Of Your Inbox!
HTTPS and 2-Step Verification are two powerful tools for keeping your email safe from spying eyes. Make sure your email provider uses HTTPS always – not just when you sign …
What is Phishing?
Phishing is a way scammers steal your personal information, like passwords or bank login details. Phishing can be targeted or done on a mass scale, depending on the motive.
The scammer, disguised as a reputed organization (like Google or Citibank), sends an email and gets you to enter your personal info into a fake login page. In targeted attack, the attackers are disguised as individuals or group you may be affiliated with or would likely trust.
When to Suspect:
Urgency & Warnings:
Many of these scams are designed to manipulate the target’s emotions and fears. They use language that conveys a sense of urgency where victims are made to fear losing something important, or feel the temptation to gain something. Eg. “Your email has been accessed by a third party. Please login immediately & change your password.” or “I just transferred you $1,000.00. Please login and verify this transaction.”
Every Thief Leaves a Clue!
Look for spelling errors, bad grammar, or slightly altered logos. If anything in the email looks unusual or suspicious to you, your instincts may be right. Also, check the email address (banks never send emails from a Gmail or Yahoo domain). Hover your mouse over the link (but don’t click!) to see if the link will take you to a legitimate website.
Generic Greetings
Most common scams may not be personalized. Emails may be generic and addressed in general terms such as, “Dear valued customer,”. That said, we also have to be mindful that targeted phishing attacks can be personal, “Dear Tenzin,” etc. If you are not expecting any communication from a group or an individual, do not open the email and always confirm the sender of suspicious emails through text or phone.
How to respond:
- Do not open attachments
- Do not open links
- Do not reply
- Do not enter any information
- Block and Delete
Protect yourself:
- Always double check the website address before you enter your email ID and password.
- Change your passwords every few months.
- Use different password for different accounts.
- Always use 2-Step Verification.
- Install Password Alert extension in your Google Chrome browser. It protects you against phishing attacks.
- Don’t Wait! Update your operating system and software today.
From the beginning of your journey online you have sent or received so many emails – personal and work-related.
Many of these include photos and files that you do not need, but are now saved online forever! These are the kind of files that online attackers may be interested to steal for monetary gain, and possibly even use against you.
Protect yourself: Clean out your digital closet today!
Here are a few easy ways you can keep your online clutter to a minimum:
- Do a little every other day. Take 5 minutes to go through your digital closet and delete old emails & files. You’ll be surprised at how much you get through!
- Take your important data offline.
- Download all of your old emails onto your computer and delete the files online.(Make sure access to your computer is password protected and that it’s physically safe from theft!)
- Download a mail client (Thunderbird, etc.) onto an external drive and download all your mail there.
And always remember:
- Create a strong password.
- Always use 2-Step Verification.
- Don’t Wait! Update your operating system and software today.
Don’t be a hoarder! Clean out your digital closet and protect your privacy.
Have you ever feared your Facebook or email account account might get hacked?
Do you ever worry that you don’t have the knowledge to protect yourself online?
The good news is you can easily protect yourself by turning on your 2[step verification (also called two-factor authentication).
Is someone is able to crack your password, 2-step verification will block them from logging in to your accounts. It is an extra layer of protection – a code sent by text or through an app on your phone – that only you can get.
2-step verification has become a necessity to keep spies and scammers out of your accounts.
Gmail, Twitter, Facebook, Instagram, Snapchat, etc.
all provide 2-step verification/two-factor authentication.Turn it on today!
If you see “HTTP” at the beginning of a website address, it means that everything you are doing online can be easily, viewed and monitored.
Whether you are emailing, chatting, or just browsing, someone else can see the website you are looking at and the words or images you are typing and sending through the internet.
If you see an ‘S’ next to the HTTP – as you might have noticed when using Gmail, Facebook or an online bank (https://www.facebook.com) – it means you have a layer of privacy on the internet. The S stands for Secure and it means that, although someone can still tell you are doing something online, they can’t tell exactly what you are doing or saying.
Remember: Unless you see the “S,” your password, emails, chat messages, comments and all your activities can be watched and monitored by others!
Keep your messages and activities private by choosing websites and services that use HTTPS. Look for httpS in the address bar to make sure you stay Secret – Safe – Secure!
- When you browse the Internet, look at the address bar (where the website’s address is displayed). If the address starts with http:// AND NOT httpS:// be aware that your activity online can be easily monitored!
- Switch to an email provider like Gmail or Hotmail/Live Mail/Outlook that uses HTTPS by default at every stage of your email session, not just when you log in. If you use Yahoo mail, make sure to go to your settings and turn on HTTPS.
- Change your Facebook settings to use HTTPS. Log in to your account > “Got to Account Settings” > “Security” > Click “Edit” next to “Secure Browsing” > make sure secure browsing is enabled > click “Save Changes”.
- Use “HTTPS Everywhere.” HTTPS Everywhere is an extension you can add to your Firefox, Chrome or Opera Internet browser to make your communications with many major websites more secure. Check it out and install it today: https://www.eff.org/https-everywhere.
- Sign the petition to demand that the world’s top 100 websites use HTTPS: https://www.accessnow.org/page/s/ProtectOurPrivacy
“Did you know this funny video of you is posted online?”
“Click here to read the latest urgent news on the situation inside Tibet”
“An important message from the Dalai Lama”
It is tempting to click on these links, isn’t it?
This is because the messages are designed to take advantage of things we care about. Unfortunately, these links are often malicious and will take you to a website where your computer can get infected with a virus.
Don’t just open attachments or click on links you receive in your email, Facebook, or chats. Unless yu were expecting it, there’s a strong chance that the attachment or link contains a virus that will dangerously infect your computer as soon as you open it. Instead:
- Check if the link is actually as it appears. Hold your cursor over top of the link (do not click!) and check if it is actually taking you to the same address it appears to be. In some programs, the real address will appear in a text box next to your cursor. In most webmail programs, the real address will appear in the ‘Status Bar’ on the bottom left corner of your browser (Explorer, Firefox, Chrome, etc.). If it isn’t, don’t click.!
02. Upload the URL at URLQuery.com to check if it is malicious. (Warning! This service will not necessarily catch every malicious link, especially if it is a new one specially designed to target you.)
If you are someone who thinks “I have nothing to hide. Why should i be afraid?”, then think again. Many of these attacks are designed to steal information, and what we fail to recognize as information is the human network we have online or on our devices. The Tibetan community is small and incredibly connected with the mak=jority living under direct threat from China, our responsibility is much higher. Although everyone everywhere should have the responsibility because such negligence could have real-life consequences to someone in their network or their extended network.
What could happen if I download and open a malware attachment?
Opening a malware attachment is like letting a spy into your computer.
The spy can then:
- steal your documents and private information
- use your computer’s camera to watch you
- use your computer’s microphone to listen to you
- record every keystroke to steal your passwords
… and much more.
How can I share or receive a file then?
Do not send attachments to anyone. Make it a point with your contacts to discourage them from sending one to you.
If you receive an email attachment and you don’t recognize the sender or the email address, don’t open it and don’t reply. Ignore it. If you are expecting an email with an attachment from someone, take a minute to confirm via text message or a phone call that they actually sent it before downloading.
Even if you have confirmed the sender, stay safer by following these steps:
- Use an email service that lets you view attachments online without downloading them (for example, Gmail lets you preview attachments in Google Drive). This allows you to see what’s in a document without actually having to download or open it.
- Upload files to platforms like Google Drive, Dropbox, or other file-sharing services instead of emailing them.
Remember:
The best thing to do when you receive an email attachment is to ignore it. Start getting used to not only not opening attachments, but also not sending them.
Be smarter than the attackers. Start Detaching yourself from Attachments!
HTTPS and 2-step Verification are two powerful tools for keeping your email safe from spying eyes.
Check the website address when you are logged in to your email, and if you don’t see HTTPS , switch to a new email service.
Setup 2-step Verification for your email.
2-step verification requires a special new code sent to your phone each time you sign in to your email. Even if someone else finds out your password, they won’t be able to get in to your email because they won’t have the latest code.
2-step verification is available with Gmail and Microsoft mail. Go to youraccount setting and select 2-step verification, and follow the instructions to set it up.