Prepared by Cybersmart Education for the National Cyber Security Alliance

Prepared by CyberSmart Education for the National Cyber Security Alliance.

Activities for Protecting Your Identity and Computer for HighSchool Students

(Have each speaker say their name, where they work, and a little about her career path.)

“We have a short video to play for you about online safety and security.” (Play the NCSA video. 1 minute)

“What were the 3 things in the video?” (1 – Personal information is like money. Value it. Protect it. 2 – Share with care. 3 – The Golden Rule applies online. Post only about other as you have them post about you.)

Introduce: It’s important that we protect our computer from being infectedwith contaminated software. The more thoughtful we are about protecting ourcomputer, the less likely that our files and entire operating system can bedamaged.

It’s easy and well worth the little effort it takes to protect our files—ourwork, our music, our photos, our games— everything that we save on ourcomputers—from loss or destruction by malware. Malware—the short way of referring to all malicious software, includingviruses—is destructive software made to purposely harm and destroy acomputer. Malware can even steal our personal identity information. Andbecause we are all so connected today, if your computer gets infected or mycomputer gets infected, the damage spreads very, very quickly.

Number 1 - “I’m sure the link is from a trusted source.” (5 minutes)

Ask: Why is it important to make sure a link is from a trusted source? Can’t wejust click and if it’s not what we want or thought it would be, just go back?

Encourage students to critically consider this question.

Explain: Experts like to say “When in doubt, always err on the side of caution.” Just delete the message and don’t click. Simply clicking on links inemail, tweets, posts, social networking sites, smart phone messages and onlineadvertising can infect your computer.

Probe and Discuss: What should make you suspicious that a link could causetrouble? A message claiming you’ve won a big prize or an offer that seems toogood to be true is always suspicious. In what other situations should you tostop and not click?

(Examples)

• Links from someone you don’t know
• Links that excitedly tell you to take urgent action
• Links in messages that just look “weird”
• Links in a message that is clearly spam (junk mail)
• Links that just seem strange, even if from a good friend.
• Links within messages that use bad grammar or awkward phrasing ormisspellings
• Links from a friend or stranger claiming he/she is in trouble and asking that you send money
• Links to a page asking you for any personal information, such as your password
• Links on a social networking site that say “watch this funny video of you”
• Links in messages that tell you to open an attachment
• Links in messages that warn you to take urgent action

Number 2 - “ I know what I am downloading.” (5 minutes)

Ask: What kinds of files do you download?

Students may name a variety of items from the list below.

• Video games and instructions
• Movies/Video
• Songs
• Books
• Reports
• Slideshow presentations
• Photos
• Graphics
• Free screen savers
• Animations
• Ringtones
• Software

Ask: Stopping before you download is a good first step. Movies or music you may be downloading for free could be stolen (which makes downloading them illegal) and could be full of malware.

Guide students to consider that they should check that their computer isprotected and the reputation of a store or any other source beforedownloading.

Explain:Start by making certain that the most current version of your browseris installed on your computer. Next, always check for the “lock” icon on thestatus bar, showing that you are on a secured web site and that the URL beginswith “https” in the location bar. You should also consider using a safesearching tool that provides color-coded results showing that a site is safe andsecure.

Mention: There are also free tools that can help you avoid unsecure sites. Have students search online for “ safe search plug-in.” Look atthe free options available and explore how the different tools rank the safetyand security of a site.

Number 3 - “My computer is a clean machine.” (5 minutes)

Ask: What does it mean when experts say a computer is “clean”?

This isn’t about wiping cookie crumbs off keyboards, but something much more serious—making certain our files are not corruptedand our computer is not infected with contaminated software.

Explain: Even when we try very conscientiously to stop and think beforeclicking on a link or download a file, it’s still very easy to get tricked. That’sbecause the number of online malware attacks is increasing dramatically asthe number of Internet users continues to increase worldwide.

Explain: With the increasing sophistication and frequency of malware attacks,it’s important to have the most current security software installed on ourcomputers. The most current version of a web browser and operating systemare equally important in defending against malware attacks. Many companiessell malware detection software to detect malware and update automaticallyto protect computers, mobile phones and digital tablets from the latestattacks.

For students to discuss with the owners of computers they use.

Think about the computers you use the most:

• What security software is installed on your computer? Is it current?
• Do you have the most recent version of your browser?
• What setting have you chosen in your browser security preferences?
• Check settings they have on social networks

Go Online: Check StaySafeOnline.org from the National CyberSecurityAlliance forFree Security Check-ups.

Number 4 - “My password is strong enough” (5 minutes)

Ask: Ask students how long their passwords are without disclosing the password.

Explain: Experts have found that the more characters a password has, the harder it is to crack. The number eight is based on research about human short-termmemory, which can, on average, remember between five and ninecharacters. So eight characters is long enough to make a password strong butshort enough that you can memorize it.

Probe and Discuss: Which do you think is a stronger password: one with 20characters or one that is more complex in it use of seemingly random combination of upper and lower case letters, numbers, and symbols)?

Conclude: Most of us probably think that additional complexity is more important than length. But many security experts would answerthat password length is more important for security than complexity. That’s because most people still rely on dictionarywords, words spelled backwards, repeated characters, or famous quotations,as the basis of their “complex” password. So what we think is complex, isn’t socomplex. Truly complex passwords, say those made by a random-passwordgenerator, are too difficult for most of us to remember. So we write them down forothers to see and copy! The length of the password creates more characters which creates morepossible combinations needed to guess.

With the remaining time, work through the High School Quiz and answer questions.