Empowerment Technologies

Governor Pack Road, Baguio City, Philippines

2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: Grade 11 and 12
Email: [email protected]; Website: www.uc-
bcf.edu.ph

Module 4: Internet Threats Subject Teacher: Angeli Cabilitazan

Page 1 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines
2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: Grade 11 and 12
Email: [email protected]; Website: www.uc-
bcf.edu.ph

Module 4: Internet Threats Subject Teacher: Angeli Cabilitazan

Course Objectives:
a. enumerate and define the commonly known internet threats
b. provide examples of each
c. discuss the impacts of these internet threats and how to avoid them

Motivation:
1. What do you think when you hear the word “internet threat”?

INTERNET THREATS

Definition of terms:
• Internet Threats – also known as “web threats”
o are malware programs that can target you when you’re using the Internet
o they include a range of malicious software programs that are designed to
infect victims’ computers

Internet Threats:
SPAM
• Spam – unsolicited digital communication, often an email, that gets sent out in
bulk, unwanted emails mostly from bots or advertisements. This can be used to
send malware.

Types of Spam:
1. Phishing emails: trick victims into giving up sensitive information, e.g. website
logins, and credit card info, by way of social engineering and email spoofing.
Spoofed emails mimic, or spoof, an email from a legitimate sender, demanding
some sort of action. Well executed spoofs will contain familiar branding and
content, and sound urgent—even threatening.
Common phishing ploys include:
o A request for payment of an outstanding invoice.
o A request to reset your password or verify your account.
o Verification of purchases you never made.
o A request for updated billing information.

2. Malspam: any kind of malware spread via spam, it relies on social engineering to
trick recipients into taking some kind of action, often against our better
judgment, like clicking a download link, or opening an attachment contained in
the email that infects your computer with malware.

Effects of Spam How to prevent Spam

1. Makes the computer 1. Ignore and delete unwanted

vulnerable to malware, if messages
spam is not ignored 2. Learn how to spot phishing
2. Spam blocks communication emails
channels and creates traffic 3. Use multi-factor authentication
Page 2 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines
2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: Grade 11 and 12
Email: [email protected]; Website: www.uc-
bcf.edu.ph

Module 4: Internet Threats Subject Teacher: Angeli Cabilitazan

3. Inconvenience/nuisance to 4. Install anti-malware

customers

3. Malicious Botnets: group of compromised computers connected to a “network”

(zombie). This can be used to do other malicious activities in a remote location

Activities of Botnets:
1. Distributed Denial of Service (DDoS) attacks that cause unplanned
application downtime
2. Validating lists of leaked credentials (credential-stuffing attacks) leading
to account takeovers
3. Web application attacks to steal data
4. Providing an attacker access to a device and its connection to a network

What are Botnets Used for? How to prevent Botnets

1. Financial theft — by extorting 1. Improve all user passwords for

or directly stealing money smart devices
2. Update admin settings and
2. Information theft — for access
passwords across all your
to sensitive or confidential
devices.
accounts
3. Be wary of any email
3. Sabotage of services — by attachment
taking services and websites 4. Never click links in any message
offline, etc. you receive
5. Install effective anti-virus
4. Cryptocurrency scams — using
software.
users’ processing power to mine
6. Make sure computer system
for cryptocurrency
and programs are up to date
5. Selling access to other
criminals

Page 3 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines
2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: Grade 11 and 12
Email: [email protected]; Website: www.uc-
bcf.edu.ph

Module 4: Internet Threats Subject Teacher: Angeli Cabilitazan

MALWARE
• Malware – Malicious Software
o Can be used to cause harm to the computer, compromise computer
functions, bypass access controls, steal data and personal information, etc.

Types of Malware:

• Adware – Advertising Supported Software, hence it

displays advertisements on your computer
o Least dangerous and most lucrative malware In many cases, ads may be
within the software itself.
Examples: pop-up ads on websites, ads on software Alternatively, the adware may
encourage you to install
additional software provided by
third-party sponsors.
Adware programs exist across
all computers and mobile
devices. Most of these are
perfectly safe and legitimate,
but some might have dark
motives that you are unaware
of.

How to acquire Effects of Adware to How to prevent Adware

Adware computer system
1. Through 1. Changes internet settings 1. Keep your systems and
Shareware 2. Slows down the programs updated -
Programs processing speed of a (operating system, internet
2. Through computer service provider, anti-virus
infected 3. Can carry the security software and email
websites threat of spyware program updates)
4. Changes to browser 2. Adjust your Browser Settings
homepage and search to Medium Security or
results above.
3. Install a Firewall
4. Watch what you click!
5. Use pop-up blockers and
adware removers

• Malicious Bots – self-propagating malware that infects its host and connects
back to a central server
o bots that attempt to carry out cybercrime, such as identity theft or account
takeover

Page 4 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines
2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: Grade 11 and 12
Email: [email protected]; Website: www.uc-
bcf.edu.ph

Module 4: Internet Threats Subject Teacher: Angeli Cabilitazan

o usually used to infect large numbers of computers. These computers form a

“botnet,” or a bot network.

Activities of Malicious Bots:

• credential stuffing
• web/content scraping
• DDoS attacks
• Brute force password cracking
• Spam content
• Email address harvesting

There are GOOD BOTS!

One of the typical “good”
bot uses is to gather
information. Bots in such
guises are called web
crawlers. Another “good”
use is automatic interaction
with instant messaging,
instant relay chat, or
assorted other web
interfaces. Dynamic
interaction with websites is
yet another way bots are
used for positive purposes.

How to acquire Bots Effects of Malicious Bots How to prevent

Malicious Bots

1. Download Tactics: 1. Internet access is slow for 1. Install firewalls to

Malware is delivered in no apparent reason block malicious
download format via 2. The computer crashes attacks
social media or email for no apparent reason 2. Use a long and
messages that advise 3. The fan goas into complicated
clicking a link. The link overdrive when the password
is often in picture or device is idle 3. Never use the same
video form, with either 4. Computer takes a long password for
containing viruses and time to shut down, or multiple programs
other malware. fails to shut down 4. Install quality anti-
2. Scare Tactics: a bot correctly malware software
will appear as a 5. Pop-up windows and 5. Ensure software and
warning saying that if advertisements appear programs are up to
you do not click on even when you aren’t date, never ignore
the associated link, using a web browser system updates
your computer will 6. Computer programs are 6. Refrain from using

Page 5 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines
2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: Grade 11 and 12
Email: [email protected]; Website: www.uc-
bcf.edu.ph

Module 4: Internet Threats Subject Teacher: Angeli Cabilitazan

get a virus. Clicking running slowly flash drives in an

the link subsequently 7. The browser features infected computer
infects your computer contents you didn’t
with a virus. download

• Security Bugs – are the most severe type of bugs and can allow attackers to
bypass user authentication, override access privileges, or steal data. This can
cause crashing or freezing.
• Ransomware – Holds a computer system captive while demanding a ransom.

Types of Ransomware:

1. Crypto Malware – a form of ransomware that causes a lot of damage

because it encrypts things like your files, folders, and hard-
drives.
2. Locker-ransomware – known for infecting operating systems One of the most familiar
examples is the destructive
to completely lock out computer or devices, making it 2017 WannaCry ransomware
impossible to access any of the files or applications. This attack. It targeted thousands
type of ransomware is most often Android-based. of computer systems around
3. Scareware – fake software that acts like an antivirus or a the world that were running
Windows OS and spread
cleaning tool. It often claims to have found issues on your itself within corporate
computer, demanding money to resolve the problems. networks globally. Victims
4. Doxware – commonly referred to as leakware or were asked to pay ransom in
Bitcoin to retrieve their data.
extortionware. It threatens to publish stolen information
online if user doesn’t pay the ransom. As more people store
sensitive files and personal photos on their computers, it’s
understandable that some people panic and pay the
ransom when their files have been hijacked.

How to acquire Effects of Ransomware How to prevent

Ransomware Ransomware
1. By clicking malicious 1. Computer systems will 1. Install firewalls to
attachments be locked out block malicious
2. Downloading and 2. Files will be attacks
installing software compromised 2. Install quality anti-
that has malicious malware software

Page 6 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines
2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: Grade 11 and 12
Email: [email protected]; Website: www.uc-
bcf.edu.ph

Module 4: Internet Threats Subject Teacher: Angeli Cabilitazan

contents 3. Ensure software and

programs are up to
date, never ignore
system updates
4. Don’t automatically
open email
attachments

• Rootkit – type of malware that are designed so that they can remain hidden on
your computer. But while you might not notice them, they are active.
Rootkits give cybercriminals the ability to remotely control your
computer.

What are Rootkits used for? Rootkits can hijack or subvert

1. Stealth capabilities: Modern rootkits add stealth security software, they are
especially hard to detect,
capabilities to malicious software payloads (such as making it likely that this type
keyloggers and viruses) to make them undetectable. of malware could live on
2. Backdoor access: Rootkits permit unauthorized access your computer for a long
time causing significant
through backdoor malware. The rootkit subverts the
damage. Sometimes the only
login mechanism to also accept a secret login access way to completely eliminate
for the attacker. Standard authentication and a well-hidden rootkit is to
authorization mechanisms are bypassed to provide erase your computer’s
operating system and rebuild
admin privileges to the attacker. from scratch.
3. DDoS attacks: Rootkits allow the compromised
computer to be used as a bot for distributed-denial-of-
service attacks. The attack would now be traced to
the compromised computer and not to the attacker's
system. These bots are also called as zombie computers and are used as part of
bot networks to launch the DDoS attacks, and other malicious activities such as
click fraud and spam email distribution.

How to acquire Rootkits Effects of Rootkits How to prevent Rootkits

1. Drive-by downloads: 1. Can compromise computer 1. Update computer

happen when you visit security making the system system and software
a website and it vulnerable to attacks 2. Watch out for phishing
automatically installs 2. Help cybercriminals hide emails
malware on your and protect malwares in 3. Be careful of drive-by
computer the system downloads
2. Phishing emails 4. Do not just open
3. Spam messages with attachments from
links attached suspicious senders

Page 7 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines
2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: Grade 11 and 12
Email: [email protected]; Website: www.uc-
bcf.edu.ph

Module 4: Internet Threats Subject Teacher: Angeli Cabilitazan

• Spyware – malicious software designed to gain access to or damage computer,

often without the knowledge of the user. This infiltrates your computing device,
stealing internet usage data and sensitive information

Types of Spyware:

1. Adware: This type of spyware tracks your browser history and downloads, with
the intent of predicting what products or services you’re interested in. The
adware will display advertisements for the same or related products or services
to entice you to click or make a purchase. Adware is used for marketing
purposes and can slow down your computer.
2. Trojan: This kind of malicious software disguises itself as legitimate software. For
example, Trojans may appear to be a Java or Flash Player update upon
download. Trojan malware is controlled by third parties. It can be used to access
sensitive information such as Social Security numbers and credit card
information.
3. Tracking cookies: These track the user’s web activities, such as searches, history,
and downloads, for marketing purposes.
4. System monitors: This type of spyware can capture just about everything you do
on your computer. System monitors can record all keystrokes, emails, chat-room
dialogs, websites visited, and programs run. System monitors are often disguised
as freeware.

How to acquire Effects of Spyware How to prevent

Spyware Spyware

1. Accepting a prompt 1. Your device is slow or 1. Don’t open emails

or pop-up without crashes unexpectedly from unknown
reading it first 2. Your device is running senders.
2. Downloading out of hard drive space 2. Don’t download files
software from an 3. You get pop-ups when from untrustworthy
unreliable source you are online or offline sources.
3. Opening email 3. Don’t click on pop-
attachments from up advertisements.
unknown senders 4. Use reputable
4. Pirating media such antivirus software.
as movies, music, or
games

• Virus – type of malicious code or program written to alter the way a computer
operates and is designed to spread from one computer to another. This is designed to
spread from host to host and has the ability to replicate itself. This operates by inserting
or attaching itself to a legitimate program or document that supports macros in order
to execute its code.

Page 8 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines
2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: Grade 11 and 12
Email: [email protected]; Website: www.uc-
bcf.edu.ph

Module 4: Internet Threats Subject Teacher: Angeli Cabilitazan

Types of Virus:

1. Boot sector virus: This type of virus can take control when you start — or boot —
your computer. One way it can spread is by plugging an infected flash drive into
your computer.
2. Web scripting virus: This type of virus exploits the code of web browsers and web
pages. If you access such a web page, the virus can infect your computer.
3. Resident virus: This is a general term for any virus that inserts itself in a computer
system’s memory. A resident virus can execute anytime when an operating
system loads.
4. Direct action virus: This type of virus comes into action when you execute a file
containing a virus. Otherwise, it remains dormant.
5. Polymorphic virus: A polymorphic virus changes its code each time an infected
file is executed. It does this to evade antivirus programs.

Onel de Guzman was an IT

Filipino student who created
the “I love you” virus, one of
the most well-known and
worst computer viruses of all
time. This virus spread all
over other countries in a
span of 5 hours on May
5,2020, attacking tens of
millions of Windows PCs.

• Worm – a stand-alone, self-replicating program that can spread throughout a

network without human assistance, it does not need to attach itself to a software
program in order to cause damage

How to acquire Worms Effects of Worms How to prevent Worms

1. Transmitted via file- 1. Can modify and delete 1. Make sure OS and
sharing networks, files applications are up
information- transport 2. Inject additional to date because
features and software malicious software onto updates often
vulnerabilities a computer include patches for
2. When clicking links to 3. Depletes system security flaws
malicious websites resources by copying 2. Be extra cautious
3. Could arrive as itself over and over when opening
attachments in spam 4. Can steal data, install a unsolicited emails,
emails or IMs backdoor, allowing especially those
hacker to gain control from unknown

Page 9 of 10
 Empowerment Technologies
Governor Pack Road, Baguio City, Philippines
2600
Tel. Nos.: (+6374) 442-3316, 442-8220; 444-2786;
442-2564; 442-8219; 442-8256; Fax No.: 442-6268 Grade Level/Section: Grade 11 and 12
Email: [email protected]; Website: www.uc-
bcf.edu.ph

Module 4: Internet Threats Subject Teacher: Angeli Cabilitazan

cover a system senders that contain

5. Can cause sluggish attachments
computer and 3. Invest in a strong
programs crashing or internet security
not running properly software solution

References:

Adware Protection for Your Computer. (n.d.). Spam Laws. Retrieved August 13, 2020, from
https://www.spamlaws.com/adware-protect.html

Comodo. (n.d.). Rootkit Definition. Comodo Enterprise. Retrieved August 17, 2020, from
https://enterprise.comodo.com/rootkit-definition/

Kaspersky. (2017, September 5). Web Threats. Usa.Kaspersky.Com.

https://usa.kaspersky.com/resource-center/threats/web

Malwarebytes. (n.d.). What is Spam? Definition & Types of Spam. Retrieved August 18, 2020, from
https://www.malwarebytes.com/spam/

Norton. (n.d.). What Are Bots? Retrieved August 13, 2020, from
https://us.norton.com/internetsecurity-malware-what-are-bots.html

Norton. (n.d.-a). Ransomware is malicious software that can take over your computer. Retrieved
August 17, 2020, from https://us.norton.com/internetsecurity-malware-ransomware-5-dos-
and-donts.html

Norton. (n.d.-c). What is a computer worm and how does it work? Retrieved August 18, 2020,
from https://us.norton.com/internetsecurity-malware-what-is-a-computer-worm.html

Rootkit: What is a Rootkit? (n.d.). Veracode. Retrieved August 17, 2020, from
https://www.veracode.com/security/rootkit

What’s the Difference between a Virus and a Worm? (n.d.). Www.Kaspersky.Com. Retrieved
August 18, 2020, from https://www.kaspersky.com/resource-center/threats/computer-
viruses-vs-worms

FORMATIVE ASSESSMENT

1. What internet threat is striking to you the most? Why?

Page 10 of 10