Security on the Internet

Security on the Internet

Schools Are Prepared:

Murat ÇELEBİ – Çarşamba Bulutoğlu Anadolu Lisesi

Sebnem Memmedova – Shamakhi, THT lisey

Internet Banking and Online Shopping

One of the most important alternative distribution channels that came into play with the development of technology is “internet banking”. The internet banker can make almost all transactions made from physical branches. They can be reached easily with their orders placed over the Internet. The internet, which allows you to do all this comfortably and easily, naturally starts to pause who wants to abuse this platform.

Various monetary transactions and answers such as money transfers, using loans, credit card transactions made through banks, money transfers made with internet banking today can be done via computers or mobile phones with today’s internet banking.

Internet banking, whose use is becoming widespread with the increasing use of the internet, also causes technological fraud cases. This situation has made the security of personal data and secure banking services more important than ever, and it has been obliged that institutions and organizations providing monetary transaction services take security measures in their systems and raise the awareness of users using internet banking.
There are always risks in the use of internet banking as cybercriminals try to defraud internet users with methods such as malware, botnet, spam, phishing, identity theft, and social engineering that they use and develop day by day. However, users can minimize this risk by taking technical precautions and conscious use by the institutions and organizations providing the service.

Most Common Methods Used by Cybercriminals to Steal Information 

Malicious Software

They can log everything on the computer or phone, such as malware (spyware), passwords, numbers, and account shopping. Spyware redirects this information it collects to the hacker.

Copy Servers

When using internet banking services, the browser or mobile application will communicate with the official bank server to verify the discovery of the institution with which it communicates. Hackers pretend to be a bank and try to send fake bank server certificates to applications. Thus, they will be able to access your accounts.

Phishing Fraud

Cybercriminals communicate via e-mail, phone or social media and work at the bank invitation, showing them as a reliable institution. Also; They redirect tip victims to duplicate sites that look like bank sites, asking for account details such as passwords.

Things to Consider in Internet Banking and Online Shopping

An antivirus program should be used to protect the computer and phone used against viruses and malicious software.

Care should be taken that the browser and operating system used is up to date. (Applications used in computers and smartphones are updated at certain times. These updates are usually done to add new features. However, most of the time, they are made to close security gaps. Therefore, you should make sure that the applications are kept up to date.)

One-time password service provided by banks should be used. In this system called 3D Secure; During banking transactions or online shopping, a password is created by the bank for the cardholder by SMS and the cardholder identity is verified.

SMS verification must be used for mobile banking transactions.

Firewall must be used on the computer.

Electronic signature should be used in corporate banking transactions.

When logging into the system for Internet Banking, the required password information should be entered through virtual keyboards created by banks instead of a computer keyboard.

When opening e-mails whose origin is unknown, care should be taken and links should not be clicked. Hackers usually choose to send viruses to people’s computers via e-mail.

Programs should not be downloaded and used from untrusted sites. Licensed programs must be used.

There are many third-party applications that can be used as mobile applications. Applications used must be downloaded from application stores such as App Store and Google Play Store. These apps are much less likely to contain malware, and apps added to these official stores are constantly being reviewed.

Bank accounts and credit card statements should be checked regularly. In fact, spending checks should be done at intervals without waiting for the statement information. If any strangeness is noticed, the relevant bank should be applied immediately.

On internet banking and E-commerce sites, it is absolutely necessary to pay attention that the shopping newspaper says https: // instead of http: // and the SSL certificate of the shopping site. This certificate protects credit card information from being encrypted and copied by others.

(Https is a combination of SSL / TLS Protocol and HTTP protocol, it is a security system that sends all information from one source to another in encrypted form.

For example, this protocol is available on all pages where encrypted transactions are made, social networks and banking sites. If the connection does not write https and encrypted connection is made, you should be very careful. Similarly, when you come to the payment section of the shopping site, it should be paid attention to whether it says https: // in the address bar.

If it only says http: // it would be risky to pay from that page.

Whether the link of the site entered to perform internet banking transactions is confidential or in other words, whether it really belongs to the bank, can be checked from the “green” locked logo on the left of the address bar.

In internet banking transactions, if the website or mobile application does not respond for a long time, it should not be insisted on making transactions.

⦁ In online shopping, the use of virtual cards should be preferred instead of using a credit card with a high spending limit. In this way, the risk will be reduced as the limit of the virtual card is determined by the user. (The virtual card can be easily identified through the internet banking service of the relevant bank.)

Personal information should not be shared with sites and institutions that are not sure about their security. Password used in bank transactions, passwords, etc. Important information should never be shared with third parties. E-mails saying I am calling from the bank or stating this should not be respected. It should not be forgotten that no bank or its officer wants to learn the user’s password.

Do not pay attention to the site name written in the negative Internet browser tool. If any audio information in the name of the site can be directed to a site that is exactly the same as the real one. For example, spam or phishing can be directed to a correct site by changing only one letter. Therefore, e-mail links should not be processed from any page. Online shopping sites and sites pages that can be used should be added to the favorites list.

Passwords should not be created in an easily guessable way and should be changed regularly. (These passwords made of consecutive numbers (such as 123456) and letters (asdf, abcd, qwe) and letters (asdf, abcd, qwe) should not be used on the keyboard, these are passwords that can be easily guessed by those who use this environment for fraudulent purposes. A password of at least 8 characters that is difficult to guess and should be noted.)

Shopping and banking transactions should not be made from shared computers, common wi-fi areas and internet cafes.

Credit card numbers and other personal information should not be written on these computers.

After using internet banking, the session must be closed. mobile banking application that most banks operating in Turkey closes automatically in case of no specified duration. However, when the process is finished without waiting for this to happen, the application must be logged off.

For internet banking from the browser, make sure that the browser does not save passwords or usernames.

For security purposes, the security rules communicated by banks must be followed.

Security on Social Networks

Social networks are the general name given to networks that are used to communicate / interact with other users on the internet, and the most widely used social networks today are Facebook, Twitter, Google+, LinkedIn, Foursquare and Youtube. You can use the Help and Security Centers prepared by Facebook for its users when you have a question on Facebook with the highest number of users:

Social networks; It is the general name of web-based applications and services where people communicate / interact with other people on the internet, share a lot of different information, play games and make new friends by creating an identity for themselves in the internet environment.

Facebook, Twitter, Linkedln, Foursquare, Youtube, Google+, Snapchat and Dailymotion are examples of social networks that are widely used today. According to the 2018 World social media usage statistics report published by “We Are Social and Hootsuite”, Facebook stands out in the first place with ~ 2.1 billion users in the use of social networks. Facebook is followed by Youtube in second place with ~ 1.5 billion users and Instagram in third place with ~ 800 million users. In the same report, it is seen that ~ 34% of Facebook users are between the age group of 18 – 34.

The increasing number of users in social networks brings along the increase of security threats and usage risks in social networks. This situation can cause irreparable problems especially for unconscious social network users who have ignored privacy and security in social networks.
The most important issue in social networks is sharing. Sharing is good, but especially on social networks, what information is shared with whom is very important.

Because;

Even if any information shared is deleted by the sharer, it can remain in the internet environment.

Shares can be easily sent, but not easily retrieved.

Although the posts may seem innocent, they can negatively affect life later on.

Sharing can negatively affect daily life and relationships.

It can cause it to be said “I wish I hadn’t shared it”.

Especially in social networks;

Date of birth
Education information
Mother’s Maiden Name
Identity card information
Personal information of other family members
Credit card information
Username and password information
Driving license information
Workplace information
Address info
Resort and date
E-mail address
Personal photos and videos
etc. Not sharing personal information is of great importance in terms of preventing possible victimization.

WHAT KIND OF SECURITY MEASURES SHOULD BE TAKEN IN SOCIAL NETWORKS

In social networks; Identity Theft, Fraud, Profile Cloning, Unsolicited emails, Bad link requests, selling fake products, etc. security threats may be encountered.

It should not be forgotten that the biggest security threat due to unconscious use in the Internet environment is the user himself. For this reason, every user who uses social networks extensively should take the necessary security and privacy measures.

PRIVACY AND SECURITY ON FACEBOOK

Airport, Shopping Mall etc. In environments where the wireless network connection is shared, it should be made sure that the connection is made as “https” and the address entered is correct.

A strong password policy (containing at least 10 characters, lower and upper case letters, numbers and punctuation marks) should be preferred when determining the password of the e-mail account to which the Facebook account is connected.
The password of the e-mail account to which the Facebook account is connected must be changed periodically.
Profile information should be shared as much as necessary.

Necessary arrangements should be made to receive login warning notifications and to activate login approvals.

It should be determined who can see the shared content.

People who can send friendship offers and messages should be limited / determined.

Friends should be grouped according to the content to be shared, and privacy settings should be made according to the groups created.

The people who can see the posts in the time tunnel should be limited / determined.

Profile information should be closed against queries made in search engines.

PRIVACY AND SECURITY IN TWITTER

Airport, Shopping Mall etc. In environments where the wireless network connection is shared, it should be made sure that the connection is made as “https” and the address entered is correct.

A strong password policy (with a minimum of 10 characters, lower and upper case letters, numbers and punctuation marks) should be preferred.

In case the password is forgotten, it is preferable to ask for personal information (email or phone number) to reset the password.

Login verification audit must be activated.

When you want to log in to the account from a different device, e-mail notification should be activated.

The preferred browser (chrome, mozilla, Explorer etc.) should be kept in the most up-to-date version as possible.

Account password must be changed periodically.

LINKEDIN PRIVACY AND SECURITY

Airport, Shopping Mall etc. In environments where the wireless network connection is shared, it should be made sure that the connection is made as “https” and the address entered is correct.

A strong password policy (at least 10 characters, lowercase and uppercase letters, numbers and punctuation marks) should be preferred when determining the password of the e-mail account to which the Linkedin account is linked.

The password of the e-mail account to which the Linkedin account is connected must be changed periodically.
Profile information should be shared as much as necessary.
It should be determined who can see the e-mail address to which the account is linked.

Contacts should be prevented from viewing by others.

Wireless Network & Modem Security

In today’s technology age, internet connection is available in many homes and businesses. We are in an age where computers, laptops, tablets, mobile devices and even televisions can connect to the internet.

Those who think “it doesn’t happen to me” should not assume that the attackers focus only on receiving information that may be important. Some information that seems trivial can be of great importance to the attacker. To combat such situations, every user needs to consider that their device contains sensitive information and take the necessary security measures. When connected to the Internet from a public access point with a wireless access device (a laptop or tablet), it can be exposed to possible breaches by remote attackers. The following security measures will help protect against these attackers.

The owner of the wireless device should not leave their device unattended within reach.

Care should be taken to ensure that the power-on password of the device is always a password that cannot be easily guessed.

The wireless feature should be left off when not in use. So much so that Wi-Fi Infrared and Bluetooth devices announce themselves to the environment when these features are turned on. In this case, it is easier to find by attackers.

Keeping the wireless device network hardware up to date: As the network device hardware actually contains simple software, it is vulnerable to attack like any other software. Keeping the drivers of these devices up-to-date means getting the support of the latest security measures. Software that is not updated is vulnerable.

It is necessary to protect the wireless device with up-to-date virus software and make sure that the firewall is always active. Thus, the risk against viruses and spyware is minimized.

Encryption of sensitive / personal information: If the device is encrypted, even if an unauthorized person accesses the device, encryption prevents sensitive information from falling into self-interested hands.

Turning off the resource sharing feature of the hardware that provides wireless capability: Sharing files may mean that these files can be changed or deleted.

Deleting public wireless devices from the preferred ports list: Some operating systems allow a custom preferred wireless ports list to be created. Devices with this list primarily search for these wireless networks in the environment. If the attacker sets their own device to impersonate these devices, the target device automatically connects to the attacker’s wireless device and starts sending information.

Turning off the Wireless Ad-Hoc Mode feature: The “Ad-hoc” feature allows the device to connect directly to other computers over a wireless connection with minimal security requirements. This feature should be turned off to prevent attackers from accessing information and resources.

Both wireless and wired network connections should not be used at the same time. The attacker who connects to the device over the wireless network can connect to the devices behind the wired connection if the bridge mode is turned on.

Note that the Wireless Network connection page is genuine: Users can connect to the wireless network after entering the requested information through the wireless network connection pages. These pages are a deterrent to attackers. However, the attacker aims to steal users’ information by faking this page. For this reason, before using public wireless networks, the authenticity of the accessed pages should be checked from the certificate information.

Care should be taken not to send sensitive / personal information over public wireless networks: Public wireless networks are often considered unsafe. It is not recommended to send sensitive information over wireless networks without specific security measures.

When connecting to corporate networks over wireless networks, the encrypted private network provided by the relevant institution must be used. Since these programs will send the information by encrypting it, it prevents the attackers from obtaining the information. Not every private encrypted network program should be trusted.

The default access password should be changed by entering the administration page specific to the modem.

The wireless network password written on the modem is often confusing and secure enough. This password should not be shared with anyone.

Filtering MAC address from the interface of the modem and using WPA-WPA2 encryption algorithms means taking an important security measure.

Changing or even hiding the SSID name used to connect to the modem prevents other devices from seeing the wireless network.

Operating System Security

With the Windows 7 operating system, you can monitor the security and performance of your operating system and make changes. To do this, Start – Control Panel – System and Security – Action Center – Check the status of your computer and solve the problems – From the security steps, you can see whether your operating system is on or off your network firewall, your system is up-to-date, whether virus and spyware protection programs are turned on.

Make sure your operating system is up to date and that you have the latest updates installed. In the Windows 7 operating system, you can query this by typing Action Center in the search section and learn the security and maintenance status of your system.

If you create a user other than yourself in Windows and do not want that user to reach your desktop, you can define a new user. For this, you can define new users by typing User Accounts in the search section and you can also change your existing Windows user account password. Parents should create this especially for their children.

You can lock your screen to improve security and save power when your computer is not turned on. For this, you can change the power times by typing Power Options in the search section and define a password to your computer while waking up from sleep mode. These features are ideal for creating a kind of shield on your computer when you are not very active.

You may want to keep logs of some events. For this, Windows records some user activities and applications. This allows some errors on the system to be seen. You can access this interface by typing Event Manager in the search section.

You can give your computer limited access to data that should remain sensitive and confidential. For this, right click on the directory or file to be encrypted will be presented in the menu that opens. Now clicked with the game. It shows ‘encrypt to protect data’ option from the window.

Thanks to the remote desktop feature of Windows, the user can access his own desktop from another computer on the network. For this, after clicking the “My Computer” icon, you can use the properties of the disks by right clicking on the screen page. From here, you can select remote connection and set up remote assistance and remote desktop settings. You can remove the necessary permissions for computer security. Since you will make a remote desktop connection, check the ‘Allow’ option to get away from the computer from any computer.

Windows 10 operating system security and convenience tips

Windows 10, which came out after Windows 7 and Windows 8 operating systems and comes with free upgrade options for many versions, operates with approximately 250 million users around the world. The majority of Windows 10 users are users who have switched with the free upgrade method. Taking this into consideration, there are some points that we should pay attention to during the upgrade phase:

Advertising ID; It is the identity created by Windows creating a new account for us and collecting our information and ranking the appropriate ads for us.

Location; Windows 10 asks for our location information, and when we provide it, it says it can share it with its trusted partners. For this, it is useful to read the Microsoft Privacy Statement on the Microsoft official page.

Page prediction; It predicts which site we can access after a site that is entered once in internet browsers and boots accordingly.

Intelligent security filter; SmartScreen Filter is responsible for the security of Microsoft’s new browser, Edge, which acts as an antivirus protecting us while surfing the Internet. In doing so, it provides access to most information.

Spam & Phishing

Cybercriminals are very professional and successful in luring people over the internet, opening the links they post, or redirecting them to any illegal or malicious site. E-mails, e-mail links or other pop-up windows sent to you by cybercriminals may appear as innocent content sent from a financial institution, e-commerce site, government agency or any business or workplace.

If you are not sure whether an email sent is legitimate or not, you can try to verify it by following the 3 steps below:

Contact the relevant company immediately,

Contact the company using the information on the account statement or on the back of the credit profit,

Search the company on the internet. Search for the source on the internet, not just in line with the information contained in the e-mail sent to you.

Spam E-Mail is equivalent to junk mail. This term; means unwanted heap. In other words, they are e-mails sent to you for advertising purposes or to cause material / moral damage to you, like many other people. In general, spam can be summarized as unwanted or damaging behavior. This includes many activities, such as sending bulk messages, deliberately communicating with strangers on social media, and sending links that contain malware to others.

Some ways to reduce spam:

Enable filters in your email programs: Most internet service providers and email providers offer a spam filter. However, depending on the level you set up, you may also end up blocking the mails you want. It may be helpful to occasionally check your junk mail to make sure the filter is working the way you want.

Report spam: Most e-mail providers offer ways to mark e-mail as spam or report spam samples. Reporting spam also prevents that message from falling directly into your inbox.
Be sure with whom you share your information online: Make sure you do not store your e-mail address online, especially in your social network profiles, or share your personal information only with certain people. Use instant e-mail services in some places on the Internet where you have to and do not want to give an e-mail address.

Using the internet technologies by combining phishing, “Password” and “Fishing” words, illegally using internet technologies personal information and passwords, credit card information details and such information spam e-mails, fake links and the capture of cybercriminals through spyware infecting your computer.

For example, a cybercriminal can use a phishing attack to steal a company’s client list. As a result of this attack, a phishing attack is launched against the customers of that company. Since they gain access to the network, e-mail can pass through filters easily because it is not aware of any attack. In this way, they enable the customer to open an e-mail sent in the same way.

Malware (Viruses, Trojans, Worms)

There are many types of malware on the Internet that cause direct or indirect harm to individuals and users. These malware are called Malware. Malware is the general name for viruses, trojans, Trojans and other unwanted malicious software, which stands for “Malicious software”. Malwares are damaging computer systems, stealing our information and other malware. We can summarize these malicious software as computer viruses, trojans, worms, spyware and keyloggers.

Computer viruses are software programs designed to inhibit the operation of the computer, to save, corrupt or delete data, or to cause slowdowns or other problems by spreading themselves over the Internet to other computers. Viruses can enter any computer in different ways and cause unwanted results and damages in these computers.

How do you know if your computer has a virus?
Your computer has become unusually slow.
If your new or previously used external drives are no longer working,
If strange and numerous messages appear on your screen,
If the programs you use are crashing or running very slowly,
If the names, file sizes, saving dates of your documents or files change by themselves,
If your file ‘download’ and ‘upload’ speed is too slow on the Internet,
If strange movements occur on your monitor, CAUTION !!!

Ways to protect against viruses
Never open an email attachment from someone you don’t know unless you know exactly what is included in a file attachment.
You must have an anti-virus program and a firewall on your computer. There are many anti-virus programs to protect against viruses. For example; AVAST, NOD32, KASPERSKY, PANDA AND SYMANTEC etc. These programs can include a firewall as an internet protection package, as well as use the firewall of your operating system.
Always keep your antivirus software up to date. Outdated anti-virus software will never do you any good. Because viruses are constantly updating themselves.
Harddisk, cd, flashdisk etc. Scan these hardware with anti-virus software before uploading information to or sending data from such hardware to your computer.
Always keep your operating system up to date and use genuine (licensed) software programs.
Do not browse through unfamiliar web pages and download too many programs / files from these pages to your computer. Be sure to scan the downloaded files with anti-virus software on your computer.

Identity Theft & Fraud

While dealing with any cybercrime incident, even the slightest precaution to be taken will be of great help with the problems that may be encountered. Cybercrime can be encountered in many different ways. Many crimes such as online identity theft, financial fraud, tracking (voyeurism), bullying, hacking, email leaking, information piracy, fraud, intellectual property crime can be examples of cybercrime.

Should the cyber crime incident be reported?

Studying and tracking the cyber crime incident in detail can be a bit difficult. Because most cybercriminals demobilize online crime before the incident goes to the ear of the authorized person.
The good news is that many government agencies and local law enforcement agencies are becoming more experienced with cybercrime and how to deal with these problems. However, law enforcement may also need the assistance of victims to bring cybercriminals to justice.
When the cyber crime incident is reported, the presence of a small amount of evidence depending on the complaint will seriously help the resolution of the incident. Therefore, the necessary evidence for examination and investigation should be stored in a secure environment.
The list below contains some points that may serve as evidence:

Canceled checks,
Certified or other e-mails,
Chat rooms or news texts,
Credit card receipts,
Faxes,
Log files,
Messages from social networking sites,
Remittance receipts,
Flyers or brochures,
Telephone bills,

Prints of e-mails or electronic copies if possible,
Prints or electronic copies, if possible, of web pages
Organization receipts.
The response to be given as soon as it is understood that the victim of cyber crime will vary depending on the type of crime and the degree of certain circumstances.

In case of identity theft:

The passwords of all used online accounts must be changed. When passwords are changed, care should be taken to ensure that the new password complies with the password security rules. Bank accounts must be frozen so that the criminal cannot access the user’s financial accounts.
Credit cards considered to be in danger should be canceled and new cards with new account numbers must be obtained. The relevant companies should be warned against the possibility of the owned cards being used by others and it should be learned whether any expenditure has been made by credit card.
What other information might be at risk should be considered. Depending on the type of theft, you may have to talk to other relevant companies.
Such incidents should be reported to the prosecutor’s office and a report should be requested regarding the situation.

In the case of online monitoring (voyeurism):

A clear warning message should be sent stating that if the name of the follower is known, it is disturbed and that legal action will be initiated if it continues. This should be done only once, and should not be dealt with again. Because repetitive communications encourage the criminal to contact again.
All types of communication with the criminal (letter, e-mail, threatening messages, etc.) should be kept, and the date, time and content of the incidents should be documented at the most appropriate opportunity.
Online identity must be protected. It should be ensured that security and privacy settings are made in social networks and other services.
Phishing messages, which are a common method of identity theft and fraudulent activities, may contain unwanted or malicious software (malware and spyware). If the existence of such software is suspected on the computer used, one of the security software providing online protection can be used. A sample of these can be obtained from safety.live.com and scan the computer used for malware detection and removal.

Password Security

The same and easy to guess passwords can be determined for different accounts in the internet environment. A social network membership password can be the same as an e-mail password or even a bank card password. Passwords that are easy to guess; It consists of personal information such as date of birth, place of birth, telephone number, names of relatives or sequential numbers such as ‘123456’.

How to create a strong password?

⦁ It must have at least 8 characters
Must contain letters, numbers, and special characters (@, #, $,%, ^, & ,!).
⦁ Should contain small and capital letters (k, B)
⦁ Personal information should not consist of dictionary words and frequently used easily predictable information.
⦁ Different passwords must be set for all accounts.
Click here for strong password suggestions that are easy to remember.
Why is it dangerous to use simple and identical passwords?

A recent research has revealed that many internet users carry out their internet activities with passwords using sequential numbers such as ‘123456’. It should not be forgotten that in parallel with the development of social networks, people can now easily share many personal information (pictures, videos, information about themselves, place of birth, date of birth, school, job, etc.) directly or indirectly on the internet in a much larger cyber world.

Web Security

The safe start of your web browser to web security will be correct. You must do this by making a browser browser and privacy when you use the web browser. For example; If you are using Mozilla Firefox, visit the Tools – Options Privacy tabs as you wish.

Hacked Accounts Security Advice

Ensuring the security of e-mail accounts and social media accounts, which is a common problem today, is an issue that users and security companies should always focus on. Since the capture of the e-mail account may also mean the capture of the social media accounts linked to the e-mail account, the event creates a domino effect. There is a huge burden on companies in this regard, but there are things that end users can do as well.

It is necessary to check how secure the login password is. Many websites indicate how secure the password created in the password generation step is. Some even do not accept passwords that do not contain certain characters and are not in a certain order and force the user to change these passwords. You can get an idea from howsecureismypassword.net website, which tells how long a certain password can be cracked. Example; “Trncyd!” A user password that is determined as a password may sound complicated and difficult to break, but it is stated on the relevant site that this password can be cracked in 3 minutes. The important thing here is to use a password that contains both long and different characters.

It should be noted that the password is not among the most popular passwords. According to a study, the 5 most commonly used passwords are:

“Password”

“123456789”

“12345678”

“12345”

“111111”

It’s important to add two-step verification to the email address. Although a password can be compromised because it is weak, the attacker needs a mobile phone, computer, or tablet directly to obtain the two-step verification password. Adding two-step verification for accessing your email account will delay the sign-in process for just a few seconds.

It is useful for the user to examine the access records of their social media accounts. In other words, it should be checked whether the access records are consistent with social media account login records. Such that; Most bank applications tell users when they were last logged into the system. If a foreign IP address is encountered, the password used must be changed immediately.

Strong passwords should be added not only to the computer but also to the mobile phone or tablet. In devices that support input pattern application, care should be taken to ensure that the pattern is mixed. Most users set uncomplicated passwords to immediately unlock their device. If the phone or tablet supports it, using the fingerprint reader can be a good security measure.

Access to a personal account should be avoided from computers located in public places, such as schools or libraries. These computers may have a password-saving keylogger program installed. If it is necessary to enter a personal account, the password should be changed as soon as possible.

The password used at the workplace or on the website where shopping is made and the password used in the social media account should not be the same or similar. Not all tech companies protect their members’ passwords at the same level of security, and if the attacker gets a password, they’ll try it on all your other accounts. Considering that many passwords are difficult to remember, a password manager program can be used.

Links in emails, tweets on social media accounts, links in text messages, and online advertisements are common tools cybercriminals use to hijack computers and social media accounts. Even if the source is known, when something suspicious is seen, the best thing to do is to delete that content before opening it.

The person who thinks that his social media account is in danger can contact the relevant company in accordance with the examples given below:

Malware – 2 (Spyware, Keyloggers, Botnets)

Spyware is often associated with software that displays advertisements (adware) or software that tracks personal or sensitive information. This does not mean that all software that provides advertisements or tracks your online activities is bad. For example, you can sign up for a music service for free “in exchange for” agreeing to receive targeted ads. Once you understand and accept its terms, you can decide that it’s a fair deal. You can also agree to allow the company to monitor your online activities so that it can decide which ads it will display for you. Other types of unwanted software can make annoying changes to your computer and cause your computer to slow down or crash. These programs can change your web browser’s home page or search page, or add additional components to your browser that you don’t want or need.

Spyware Infection Symptoms

Frequent pop-up windows.
Uncontrolled web browser.
The address you set as the home page changes.
New and not installed web browser bars.
Too heavy or slow running of programs.

Anti-virus software, internet security software and various programs that find and destroy spyware can be used to protect against spyware.

Keyloggers are spyware that keep logs of every key pressed on the keyboard. These software save the passwords and personal information you enter while surfing the internet in a text file and transmit it to another user.

How to detect keyloggers and get rid of them?

There are many keyloggers on the market and each keylogger logs with a different logic. Therefore, it is not possible to get rid of all of them with the same method. To get rid of a simple keylogger, you can start by typing Start> Run> msconfig and go to the “Start” tab from the window that opens, and see the programs that start running at startup, detect the keyloggers and stop them from running. In this case, disable all processes and restart your computer. Also; Press Ctrl + Alt + Delete and enter services.exe against SYSTEM instead of admin etc. If it says, you may have a keylogger on your system. If you see SystemDll32.exe and SystemDll32.log files in your c: / windows / system32 folder, you may still have a keylogger on your computer. In this case, delete services.exe in your My Computer / C / windows / system folder. Still, the most effective method of getting rid of spyware is to format your computer.

Spyware Protection Methods
Update your operating system and web browser software.
Use anti-virus software, internet security software, and spyware programs. Activate your operating system’s firewall.
Get free software from places you know and trust.
Do not install software on your computer that you do not know what it does.
Check your web browser privacy and security settings.
Do not click on pop-up windows that do not know what they do.
Install a firewall to prevent unwanted visitors from accessing your computer.
If you suspect you are infected with spyware, do not use your critical transactions such as online banking.

With the widespread use of computers, attacks and techniques on computers are increasing day by day. With the BotNet attack, which is one of the most dangerous of network attacks, hackers can capture personal computers. Although Botnet has become quite widespread in recent years, companies that make e-commerce on the web, public institutions and other service provider institutions and organizations may be exposed to Botnets.

Botnet attacks basically mean that many computers are managed from a single point for malicious purposes. With access programs infecting your computer with some kind of virus, you can easily join the army of thousands of zombies of malicious hackers. A Botnet owner attacker can easily manage all the computers on his network from anywhere in the world. It creates great support for the attackers’ cybercrime in innocent users in the botnet network without even knowing about it.

Protection Methods from Botnets

Make sure that the anti-virus program installed on your computer is up to date and / or automatically updates itself.
Use firewall software that constantly monitors the traffic over the Internet.
Be very careful when downloading a program from the Internet. Make sure that the program you downloaded is reliable, the web page you downloaded is known and reliable, and above all, that you scan the program you downloaded for viruses.
Make sure your operating system is up to date and that you have the latest updates installed. For example, if you are using a Windows 7 operating system, you can find out whether your operating system is up-to-date or not from the Start – Control Panel – System and Security – Windows Update steps.
E-postayla alınan dosyalardan daima şüphelenin. Dosya uzantısı .pif, .scr, .bat, .exe, .zip, .rar ise dikkatli olun. Dosyanın uzantısından emin değilseniz, Windows İşletim Sistemleri için Klasör Seçenekleri altındaki Görünüm bölümünde “Bilinen dosya türleri için uzantıları gizle” seçeneğinin işaretini kaldırın.