Empowerment Technologies

Governor Pack Road, Baguio City, Philippines 2600

Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: HUMSS 11G & H, STEM 12T
Email: [email protected]; Website: www.uc-bcf.edu.ph

MODULE 4 – Techno Subject Teacher: Lovely Jenn Reformado

Internet Threats

Objectives: At the end of this lesson, students shall be able to:

1) Enumerate and define the commonly known internet threats;
2) Provide examples of each internet threat; and
3) Discuss the impacts of these internet threats and how to avoid them.

Motivation:
 What do you think when you hear the word “internet threat”?

Introduction – Internet Threats

 Internet Threats
o Also known as “web threats”
o Malicious software (malware) that can target the user when using the Internet
o Includes a range of malicious software programs that are designed to infect victims’
computers
 Steals money and/or pertinent information
 Destroys pertinent information
 Compromises software and hardware computer systems
 Demand of actions towards the user

Spam
 Definition
o Unsolicited digital communication that gets sent out in bulk
 Often an email
o Unwanted emails mostly from bots or advertisements
o This can be used to send malware
 Types of Spam
o Phishing emails
o Malspam
o Malicious botnets
 Effects of Spam
o Makes the computer vulnerable to malware, if spam is not ignored
o Spam blocks communication channels and creates traffic
o Inconvenience / nuisance to customers / recipients
 Phishing Emails
o Tricks victims into giving up sensitive information
 Examples: website login information (username, password), credit card information,
answers to security questions, etc.
o Utilizes social engineering
 Also known as human hacking
 Psychological manipulation of people with the goal of divulging pertinent information
 Usually creates and curates a scenario that would exploit human weaknesses with a
degree of urgency
o Utilizes email spoofing
 Mimic or spoof an email from a legitimate sender
 Usually demands some sort of action
 Well executed spoofs will contain familiar branding and content, and sounds urgent or
threatening

Page 1 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines 2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: HUMSS 11G & H, STEM 12T
Email: [email protected]; Website: www.uc-bcf.edu.ph

MODULE 4 – Techno Subject Teacher: Lovely Jenn Reformado

o Common phishing ploys include:

 Request for payment of an outstanding invoice
 Request to reset password or verify an account
 Verification of purchases that was never made
 Request for updated billing information
 Notification of an expired software that needs to be updated
 Malspam
o Any kind of malware spread via spam
o Relies on social engineering to trick recipients into taking some kind of action, often against
better judgment
 Clicking a download link
 Opening an attachment contained in the email that infects a computer with malware
 How to Prevent Spam
o Ignore and delete unwanted messages
 Spam messages are usually placed on the “Spam” folder already, and automatically
delete after a set number of days
 Take note of how the subject lines of emails are constructed
o Learn how to spot phishing emails
 The subject line tends to have certain buzzwords that are catchy but may deter from the
actual content
- These buzzwords tend to have a clickbait or marketing approach that makes some
users susceptible to clicking
- There are also some garbage code (a series of numbers and letters that do not make
sense to humans)
 Double check the email address of the sender, particularly the content after the “@” sign
 Spam content are also emails that are sent multiple times to the same user
 Legitimate websites would always inform the user if they are sending an email for
confirmation and have a time limit
o Use multi-factor authentication
 Security system that allows access only if the user presents two pieces of evidence
 Usually is the password to the account and another form of authentication
 Examples: alternate email, SMS message, verification apps (Google Authenticator)
o Install anti-malware
 Malicious Botnets
o Group of compromised computers connected to a “network” (zombie)
o Can be used to do other malicious activities in a remote location
o Activities of Botnets
 Distributed Denial of Service (DDoS) attacks
- Causes unplanned application downtime
 Validating lists of leaked credentials (credential-stuffing attacks)
- Leads to account takeovers
 Web application attacks to steal data
 Providing an attacker access to a device and its connection to a network
o Uses of Botnets
 Financial theft – by extorting or directly stealing money
 Information theft – for access to sensitive or confidential accounts
 Sabotage of services – by taking services and websites offline, etc.
 Cryptocurrency scams – using users’ processing power to mine for cryptocurrency
 Selling access to other criminals

Page 2 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines 2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: HUMSS 11G & H, STEM 12T
Email: [email protected]; Website: www.uc-bcf.edu.ph

MODULE 4 – Techno Subject Teacher: Lovely Jenn Reformado

o How to Prevent Botnets

 Improve all user passwords for smart devices
- Update admin settings and passwords across all devices
- Even “smart” appliances (Smart TV, CCTV systems, etc.) need to be secured
 Be wary of any email attachment
- Double check the email address where the email has been sent from
- Do not input any pertinent information
 Never click links in any message received
 Install effective anti-virus software
 Make sure computer system and programs are up to date
o How Botnets Work

Malware
 Definition
o Short for “Malicious Software”
o Can be used to:
 Cause harm to the computer  Bypass access controls
 Compromise computer functions  Steal data and personal information
 Types of Malware
o Adware o Rootkit
o Malicious bots o Spyware
o Security bugs o Virus
o Ransomware o Worm
 Adware
o Advertising supported software
o Displays advertisements on computer devices
o Least dangerous and most lucrative malware
o Examples: pop-up ads on websites, ads on software In many cases, ads may be
within the software itself.
Alternatively, the adware may
encourage the user to install
additional software provided
by third-party sponsors.
Adware programs exist across
all computers devices. Most of
these are perfectly safe and
legitimate, but some might
have dark motives.

Page 3 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines 2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: HUMSS 11G & H, STEM 12T
Email: [email protected]; Website: www.uc-bcf.edu.ph

MODULE 4 – Techno Subject Teacher: Lovely Jenn Reformado

o How to Acquire Adware

 Shareware programs (ShareIt)
 Advertisements on free mobile applications
 Infected websites
o Effects of Adware to a Computer System
 Changes internet settings
 Slows down the processing speed of a computer
 Can carry the security threat of spyware
 Changes to browser homepage and search results
o How to Prevent Adware
 Watch what you click!
- Most adware stay because users accidentally click on them
- This would include installing adware in order to download pirated software
- Prevent from choosing the “Allow notifications” option when visiting websites
 Keep your systems and programs updated
- Includes operating system, internet service provider, anti-virus software, and email
program updates
- This would allow the security systems on the computer devices to handle more modern
problems
 Adjust browser settings to medium security or above
- Prevents from visiting websites that are not under the Secure Socket Layer / not HTTPS
 Install a firewall
 Use pop-up blockers and adware removers
 Malicious Bots
o Self-propagating malware that infects its host
and connects back to a central server
o Bots that attempt to carry out cybercrime,
such as identity theft or account takeover
There are GOOD BOTS!
o Usually used to infect large numbers of One of the typical “good” bot uses is
computers to gather information. Bots in such
o Activities of Malicious Bots guises are called web crawlers.
 Credential stuffing Another “good” use is automatic
interaction with instant messaging,
 Web / content scraping instant relay chat, or assorted other
 DDoS attacks web interfaces. Dynamic interaction
 Brute force password cracking with websites is yet another way bots
are used for positive purposes.
 Spam content
 Email address harvesting

Page 4 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines 2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: HUMSS 11G & H, STEM 12T
Email: [email protected]; Website: www.uc-bcf.edu.ph

MODULE 4 – Techno Subject Teacher: Lovely Jenn Reformado

o How to Acquire Bots

 Download Tactics
- Malware is delivered in download format via social media or email messages that
advise clicking a link
- The link is often in picture or video form
- Contains either viruses or other malware
 Scare Tactics
- A bot will appear as a warning saying that if the associated link is not clicked, the
computer will get a virus
- Clicking the link subsequently infects the computer with a virus
o Effects of Malicious Bots
 Internet access is slow for no apparent reason
 The computer crashes for no apparent reason
 The computer fan (for cooling) goes into overdrive when the device is idle
 Computer takes a long time to shut down, or fails to shut down correctly
 Pop-up windows and advertisements appear even when a web browser is not used
 Computer programs are running slowly
 The browser features contents that were not downloaded by the user
o How to Prevent Malicious Bots
 Install firewalls to block malicious attacks
 Use a long and complicated password for website accounts
 Never use the same password for multiple programs
 Install quality anti-malware software
 Ensure software and programs are up to date, never ignore system updates
 Refrain from using flash drives in an infected computer
 Security Bugs
o Most severe type of bugs
o Can allow attackers to:
 Bypass user authentication
 Override access privileges
 Steal data
o This can cause crashing or freezing
 Ransomware
o Holds a computer system captive while demanding a ransom
o Types of Ransomware
 Crypto Malware
- Encrypts files, folders, and hard-drives
 Locker-Ransomware
- Known for infecting operating systems to
completely lock out computer or device
One of the most familiar examples
- Making it impossible to access any of the
is the destructive 2017 WannaCry
files or applications ransomware attack. It targeted
- Most often Android-based thousands of computer systems
 Scareware around the world that were running
- Fake software that acts as an antivirus or Windows OS and spread itself within
cleaning tool corporate networks globally.
- Often claims to have found issues on the Victims were asked to pay ransom
computer, and then demanding money to in Bitcoin to retrieve their data.
resolve the problems

Page 5 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines 2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: HUMSS 11G & H, STEM 12T
Email: [email protected]; Website: www.uc-bcf.edu.ph

MODULE 4 – Techno Subject Teacher: Lovely Jenn Reformado

 Doxware
- Commonly referred to as leakware or extortionware
- Threatens to publish stolen information online if the user does not pay the ransom
- As more people store sensitive files and personal photos on their computers, it’s
understandable that some people panic and pay the ransom when their files have
been hijacked

o How to Acquire Ransomware

 Clicking malicious attachments
 Downloading and installing software that has malicious content
o Effects of Ransomware
 Computer systems will be locked out
 Files will be compromised (usually replaced with a new file type that opens as a text file)
 Forced to provide monetary compensation before getting the files back
o How to Prevent Ramsomware
 Install firewalls to block malicious attacks
 Install quality anti-malware software, with specialized anti-ransomware features
 Ensure software and programs are up to date, never ignore system updates
 Do not automatically open email attachments
 Prevent downloading and installing pirated software
 Rootkit
o Type of malware that are designed so that they can
remain hidden on a compute device
o Are active but the user may not notice them
o Rootkits give cybercriminals the ability to remotely
control compromised computer devices
Rootkits can hijack or subvert
o What are Rootkits Used For
security software, they are
 Stealth capabilities especially hard to detect,
- Modern rootkits add stealth capabilities to making it likely that this type of
malicious software payloads (such as malware could live on your
keyloggers and viruses) to make them computer for a long time
undetectable causing significant damage.
 Backdoor access Sometimes the only way to
- Rootkits permit unauthorized access through completely eliminate a well-
hidden rootkit is to erase your
backdoor malware
computer’s operating system
- Subverts the login mechanism to also accept a
and rebuild from scratch.
secret login access for the attacker
- Standard authentication and authorization
mechanisms are bypassed to provide admin
privileges to the attacker
Page 6 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines 2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: HUMSS 11G & H, STEM 12T
Email: [email protected]; Website: www.uc-bcf.edu.ph

MODULE 4 – Techno Subject Teacher: Lovely Jenn Reformado

 DDoS attacks
- Rootkits allow the compromised computer to be used as a bot for distributed-denial-of-
service attacks
- The attack would now be traced to the compromised computer and not to the
attacker's system
- These bots are also called as zombie computers and are used as part of bot networks
to launch the DDoS attacks, and other malicious activities such as click fraud and spam
email distribution
o How to Acquire Rootkits
 Drive-by downloads: happen when you visit a website and it automatically installs malware
on your computer
 Phishing emails
 Spam messages with links attached
o Effects of Rootkits
 Can compromise computer security making the system vulnerable to attacks
 Help cybercriminals hide and protect malwares in the system
o How to Prevent Rootkits
 Update computer system and software
 Watch out for phishing emails
 Be careful of drive-by downloads
 Do not just open attachments from suspicious senders
 Spyware
o Malicious software designed to gain access to or damage computer devices
 Often without the knowledge of the user
o Primarily steals internet usage data and sensitive information
o Types of Spyware
 Adware
- Tracks your browser history and downloads
- Intent of predicting what products or services the user is interested in
- Adware displays advertisements for the same or related products or services to entice
the user to click or make a purchase
- Used for marketing purposes and can slow down a computer
 Trojan
- Disguises itself as legitimate software
- Example: may appear to be a Java or Flash Player update upon download
- Controlled by third parties
- Can be used to access sensitive information
 Tracking cookies
- Track the user’s web activities for marketing purposes
- Examples: searches, browsing history, downloads
 System monitors
- Can capture almost everything that the user does on the computer
- Often disguised as freeware
- Examples: keystrokes, emails, chat-room dialogs, websites visited, programs run
o How to Acquire Spyware
 Accepting a prompt or pop-up without reading it first
 Downloading software from an unreliable source
 Opening email attachments from unknown senders
 Pirating media such as movies, music, or games

Page 7 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines 2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: HUMSS 11G & H, STEM 12T
Email: [email protected]; Website: www.uc-bcf.edu.ph

MODULE 4 – Techno Subject Teacher: Lovely Jenn Reformado

o Effects of Spyware
 Device is slow or crashes unexpectedly
 Device is running out of hard drive space
 Getting pop-ups when either online or offline
o How to Prevent Spyware
 Prevent opening emails from unknown or unverified sources
 Do not download files from untrustworthy sources / pirated software
 Do not click on pop-up advertisements
 Use reputable antivirus software
 Virus
o Type of malicious code or program
o Written to alter the way a computer operates
o Designed to spread from one computer to another
o This is designed to spread from host to host and can
replicate itself Onel de Guzman was an IT
o Operates by inserting or attaching itself to a Filipino student who created the
legitimate program or document that supports “I Love You” virus, one of the
macros in order to execute its code most well-known and worst
o Types of Viruses computer viruses of all time. This
virus spread all over other
 Boot sector
countries in a span of 5 hours on
- Takes control when you start or boot the
May 5, 2020, attacking tens of
computer millions of Windows PCs.
- One way it can spread is by plugging an
infected flash drive into a computer
 Web scripting
- Exploits the code of web browsers and web pages
- If the web page is accessed, then the virus infects the computer
 Resident virus
- Any virus that inserts itself in a computer system’s memory
- Can execute anytime when an operating system loads
 Direct action
- Runs when a file containing a virus is executed
- Otherwise, it remains dormant
 Polymorphic
- Changes its code each time an infected file is executed
- Helps to evade antivirus programs

Page 8 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines 2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: HUMSS 11G & H, STEM 12T
Email: [email protected]; Website: www.uc-bcf.edu.ph

MODULE 4 – Techno Subject Teacher: Lovely Jenn Reformado

 Worm
o Stand-alone, self-replicating program
o Can spread throughout a network without human assistance
o Does not need to attach itself to a software program in order to cause damage
o How to Acquire Worms
 Transmitted via file-sharing networks, information- transport features, and software
vulnerabilities
 Clicking links to malicious websites
 Could arrive as attachments in spam emails or instant messages
o Effects of Worms
 Modify and delete files
 Inject additional malicious software onto a computer
 Depletes system resources by copying itself over and over
 Steal data, install a backdoor, allowing hacker to gain control cover a system
 Cause sluggish computer and programs crashing or not running properly
o How to Prevent Worms
 Make sure the operating system and applications are up to date
 Be extra cautious when opening unsolicited emails
 Invest in a strong internet security software solution

References:
 Adware Protection for Your Computer. (n.d.). Spam Laws. Retrieved August 13, 2020, from
https://www.spamlaws.com/adware-protect.html
 Comodo. (n.d.). Rootkit Definition. Comodo Enterprise. Retrieved August 17, 2020, from
https://enterprise.comodo.com/rootkit-definition/
 Kaspersky. (2017, September 5). Web Threats. Usa.Kaspersky.Com.
https://usa.kaspersky.com/resource-center/threats/web
 Malwarebytes. (n.d.). What is Spam? Definition & Types of Spam. Retrieved August 18, 2020, from
https://www.malwarebytes.com/spam/
 Norton. (n.d.). What Are Bots? Retrieved August 13, 2020, from
https://us.norton.com/internetsecurity-malware-what-are-bots.html
 Norton. (n.d.-a). Ransomware is malicious software that can take over your computer. Retrieved
August 17, 2020, from https://us.norton.com/internetsecurity-malware-ransomware-5-dos-and-
donts.html
 Norton. (n.d.-c). What is a computer worm and how does it work? Retrieved August 18, 2020, from
https://us.norton.com/internetsecurity-malware-what-is-a-computer-worm.html
 Rootkit: What is a Rootkit? (n.d.). Veracode. Retrieved August 17, 2020, from
https://www.veracode.com/security/rootkit
 What’s the Difference between a Virus and a Worm? (n.d.). Www.Kaspersky.Com. Retrieved
August 18, 2020, from https://www.kaspersky.com/resource-center/threats/computer-viruses-vs-
worms

FORMATIVE ASSESSMENT

1. What internet threat is striking to you the most? Why?

Page 9 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines 2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: HUMSS 11G & H, STEM 12T
Email: [email protected]; Website: www.uc-bcf.edu.ph

MODULE 4 – Techno Subject Teacher: Lovely Jenn Reformado

ACTIVITY 4: Case Study – Internet Threats

Instructions:
 The students are to answer this activity individually. All students must answer this activity in the
text editor on Canvas.
 Students are to look up the profile of real life one internet threat based on the categories given
in the lecture (e.g. hacking, viruses, DDoS, etc.). This activity is worth a total of 50 points. The
student must provide the following information for their chosen internet threat:
1. What is the name of the internet threat? (2 points)
2. What is the type of internet threat? (2 points)
3. Who or what was affected by the internet threat? (2 points)
4. What, who or where is the origin of the internet threat? (2 points)
5. List down exactly 3 characteristics of the internet threat. (6x3=18 points)
6. List down 3 impacts of the internet threat. (6x3=18 points)
7. Provide a minimum of 3 references for your answers (Cite your sources using the APA
format). (2x3=6 points)
Sample Answer:
1. WannaCry
2. Ransomware
3. Users with unpatched computers who opened suspicious files from the internet.
4. Appeared on May 12, 2017.
5.
o The ransomware encrypted the user’s files making them inaccessible.
o Attackers demanded Bitcoin as ransom.
o If the ransom was not paid, the user’s files were deleted.
6.
o Affected more than 230,000 computers globally.
o Hospitals were affected, with ambulances, MRI scanners and other hospital equipment
malfunctioning.
o Cost $4 billion in losses worldwide.
7.
o Kaspersky Lab. (2020). What is WannaCry ransomware? Retrieved on 11/12/2020 from:
https://www.kaspersky.com/resource-center/threats/ransomware-wannacry
o Symantec Security Response. (2017). What you need to know about the WannaCry
Ransomware. Retrieved on 11/12/2020 from: https://symantec-enterprise-
blogs.security.com/blogs/threatintelligence/wannacry-ransomware-attack
o Trend Micro Incorporated. (2020). Preventing WannaCry (WCRY) ransomware attacks
using Trend Micro products. Retrieved on 11/12/2020 from:
https://success.trendmicro.com/solution/1117391-preventing-wannacry-wcry-
ransomware-attacks-using-trend-micro-products
How to Submit:
 Use the text editor option when answering “PT1 – Case Study – Internet Threats” under
“Module 4 – Internet Threats”. Include the ANSWERS only.
 For Messenger submissions, place the ANSWERS only in a text editor file (.txt) with the file name:
PT1 – Last Name, First Name – Strand and Section.txt.
 For Messenger submissions, paste your ANSWERS only on the chat itself.
Submission Channels:
 Canvas K-12 LMS (Assignments)
 Private messenger in Facebook messenger: fb.com/lovelyjenn.reformado.50

Page 10 of 10