Invitation to Cybersecurity

Internet dark alleys should be avoided at all costs because they pose real danger. The risk is significant that a user of these sites might inadvertently invite a hacker or cyber criminal right into his computer. They also open users up to associations that could result in being harassed, blackmailed, or even victimized in physical space.

9.2.5.2 Caveat Emptor

“If you didn’t buy the product, you are the product.” - Anonymous Internet saying

Caveat emptor is a Latin phrase that translates to “let the buyer beware.” It means that a buyer accepts the risk for a purchase. In the Internet age, many online services do not cost anything. However, caveat emptor still applies, because there are hidden costs to using free services. It may be the case that the online service is monetizing the user’s data by selling it to third parties, who may then use it for targeted marketing or other purposes. Most users do not realize that they are providing consent for their data to be used in this way, but it is likely stated in the end-user license agreement (EULA) they accepted by clicking “Accept” when signing up. People rarely read these documents, but that does not make them invalid.

The social media website Facebook faced public criticism in 2018 when it became known that they were selling their users’ data to third parties. Since people share so much of their lives on Facebook’s website, Facebook has the ability to create detailed dossiers of their users, and this information has substantial value. Users did not realize that the information they shared on Facebook could be used by Facebook and third parties to manipulate them and shape their opinions. For example, Facebook users could be shown targeted propaganda designed to subtly shift their political views further to the right or the left.

Facebook (since renamed Meta) did not violate any laws, but their founder and president, Mark Zuckerberg, was forced to testify before Congress about their privacy practices, and many people believe that what they did was unethical. This is a good illustration that there is no such thing as a free lunch. When online, if you are not paying for the product, you are the product!

9.2.5.3 Exercise Caution

In addition to the dark alleys of the Internet, users can be exposed to danger anytime they are online—they are only one click away from compromise. When users download files and click on links, they are exercising trust and need to be cautious. Downloading files, whether from a website or in an email, is a risk because any file could contain a virus. Installing programs from unknown or unvetted sources is clearly dangerous, but merely opening files, including documents, pictures, and videos, can also pose a risk.

Phishing emails are a prime example of how a user can be attacked online (see Section 4.1.2.1). Links in emails can sometimes be deceiving. A user should always hover over a link to verify the URL before clicking—the link text may not always match the actual URL (see Section 2.4.3). Subdomains are not officially registered, so domain name owners can choose any text they want for a subdomain, and bad actors have no problem including trademarked names. If the primary domain looks suspicious, then a user should not click
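
The hover check described above can also be automated when screening an HTML email. The following is an added example, not code from the book: it compares each link's visible text with the primary domain of its real target and flags a brand name that appears only in a subdomain. The names BRANDS, primary_domain and check_links, the brand "examplebank" and the sample domains are all constructed for illustration, and the primary domain is approximated as the last two labels of the host name.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRANDS = {"examplebank"}  # hypothetical watch-list, constructed for this example
HOST_RE = re.compile(r"^(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)(?:[/:?#]|$)")

def primary_domain(host):
    """Approximate the primary (registered) domain as the last two labels.
    Assumption: ignores multi-label suffixes such as co.uk; a real tool
    would consult the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_links(html):
    """Return [(href, [warnings])] for each link in an HTML email body."""
    collector = LinkCollector()
    collector.feed(html)
    results = []
    for href, text in collector.links:
        host = (urlsplit(href).hostname or "").rstrip(".")
        primary, warnings = primary_domain(host), []
        shown = HOST_RE.match(text.lower())  # does the link text itself look like a URL?
        if shown and primary_domain(shown.group(1)) != primary:
            warnings.append(f"text shows {shown.group(1)} but link goes to {primary}")
        for brand in BRANDS:  # a brand left of the primary domain proves nothing
            if any(brand in l for l in host.split(".")[:-2]) and brand not in primary:
                warnings.append(f"'{brand}' appears only as a subdomain of {primary}")
        results.append((href, warnings))
    return results

# Constructed sample email body (reserved .test/.example names).
SAMPLE = ('<a href="https://examplebank.secure-login.test/login">www.examplebank.example</a>'
          '<a href="https://login.examplebank.example/">examplebank.example</a>')
```

The first sample link is flagged twice (mismatched text, and the brand used only as a subdomain of secure-login.test); the second, whose primary domain matches its text, produces no warnings.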
