Internet Security Awareness

Towards a Secure Cyber Environment

The services available on the Internet have increased significantly, which allowed it to be used for multiple purposes such as online shopping, entertainment, social media, message exchange, photos, data, and videos.

On the other hand, cyber risks and threats facing our society have also increased as a result of the unsafeuse of the Internet.

How do you protect yourself and your family from the dangers of the Internet?

• Use strong and complex passwords for different accounts, consisting of a mixture of capital letters (A – Z) and lowercase letters (a – z), in addition to numbers (1 – 9) and symbols (# $ % @ & !). Ensure the password length is not less than 12 characters, and make sure to change your passwords periodically.
• Talk to your children in a calm and open manner and discuss with them the risks resulting from using the Internet. Encourage them to report anything that exposes them to anxiety, threat or fear on the Internet.
• Warn children about the danger of publishing any personal information relating to you or them (such as your home address, workplace, phone number, email address, etc.) to avoid having the information abused for bad purposes.
• Warn children not to communicate with or meet strangers or share with them photos, videos, or private information, in order to avoid becoming a victim of extortion, exploitation, impersonation …
• Update Operating Systems, Applications and Anti-Virus software regularly.
• Advise your children to use appropriate search engines made for children such as kidrex.org and Kiddle.co
• Follow-up with children when using the Internet either directly or through parental control software that monitors and blocks malicious programs and websites.
• Advise children not to post any information, videos or pictures that are considered offensive or bullying to others, as it exposes them to legal prosecution.
• Advise children to take care of e-mails from unknown senders, and not to click on the attachments and links contained in the e-mails, because they may be used to trick them or represent a phishing tool or may contain harmful viruses.
• Educate children about not clicking on advertisements or links that promote advertisements or prizes on the Internet as most of these links contain malware or contribute to the spread of malicious content.
• Determine the time allowed for children to connect to the Internet, this encourages them to be responsible, as they need to balance Internet and physical activities, to enjoy a healthy childhood.
• Apply additional security and privacy settings on applications (e.g. email, web browser, Social media, instant messaging, etc.) especially Two-Factor Authentication, Privacy Settings, Unauthorized Login, Mail Filter, Spam Protection, Ad Blocking.
• Be sure to Logout from all accounts once finished from using them.
• Maintain, on a permanent and periodic basis, backup copies on external media of important information, data and emails.
• Change the Wi-Fi identification name (SSID) and change the default username and password specified by the WI-FI manufacturer. Enable Automatic Updates and ensure you are using the most recent WPA2/3 encryption on the Wi-Fi Router.

What do you do if you fall victim of a cyber threat?

  1- If you receive a threat of blackmail, the following steps should be taken:

• Ask a trusted friend or family member for help and document evidence of extortion.
• Do not pay the blackmailers any amount of money and do not negotiate with the blackmailers or fulfill their requests even if you come under intense pressure.
• Call the Internal Security Forces and ask for help.
• Report the blackmail or bullying on the social media website
  where the actions occurred.

  2- If your account was compromised (social media, email…), the following steps should be taken:

• Log in to your account and click the link “Account Compromised”
  or “Account Hacked”.
• Change your password on the social media or email account that was hacked.
• Enable additional security settings on your account especially Two Factor Authentication.
• If you cannot recover your account, inform your contacts that your account was hacked so they will be cautious of any message they receive from your hacked account.

Contact the Internal Security Forces (ISF) for help

The Internal Security Forces will always maintain complete confidentiality in dealing with cybercrime investigations and will make every effort to help you solve the problem you are facing.

Report to the ISF any cybercrime, online blackmail threat, or cyber threat you may encounter through one of the following means:

• The Cybercrime and Intellectual Property Bureau telephone number: 01/293293
• The ISF website (isf.gov.lb) and complete the “Anonymous Complaints” form.

Introduction

The number of electronic devices used to connect to the Internet (computers, smartphones, laptops, smart devices, etc.) has increased significantly over the last few years, and each has various use cases that make these devices vulnerable to a wide range of cyber threats and attacks. Therefore, suitable prevention and protection measures are required to reduce the risk of device hacking or data theft.

Protect Your Devices

• Use strong, complex passwords for all your accounts that include a mix of upper case letters (A- Z), lowercase letters (a – z), as well as numbers (9 – 0) and symbols (# $ % @ & !).
• Password length should be at least 12 characters, and make sure to change them regularly.
• Make sure to download the applications you really need from their trusted sources, such as Google Play Store and Apple Store and delete/uninstall applications you no longer need.
• Enable Auto-lock screen / Device Lock after a short period of time of device inactivity.
• Ensure that Automatic Updates is enabled for all software / applications, operating systems (Windows, IOS, Android, …) and Internet browsers (Chrome. Firefox, …) in order to fix security gaps and vulnerabilities as soon as they are discovered.
• Download and install Antivirus software on all your devices and update it regularly.
• Ensure to cover the camera on your laptop when not in use.
• Turn off the device’s network connectivity (WiFi, NFC, Bluetooth) when not in use.
• Enable the Find my Phone feature to help you find your device, if it is lost or stolen.
• Reset your computer, smartphone, or tablet (Wipe Data / Factory Reset) before you dispose the device or give it away.
• Always keep up-to-date backup copies of your device content and data.
• Do not accept requests you receive from unknown sources (Email, WhatsApp, Facebook Messenger, …) to upload / download software. The software may be malicious and thus attempts to hack your device or steal your information.
• Be careful of emails from unknown senders which contain attachments or have links in the body, because they may be a type of scam / Phishing attack, or they may contain harmful viruses.
• Be careful of your surrounding while working on your devices in public places (such as: plane, train, cafe, airport, etc.), to avoid eavesdropping on your sensitive documents or information.
• Avoid visiting suspicious websites on the Internet as they may compromise your device and install harmful viruses without your knowledge.
• Avoid using untrusted Public WiFi networks and Delete / Forget Public WiFi networks you had to use previously.

What do you do if your smart-phone or tablet is lost or stolen?

Take the following steps:

• Try calling your phone.
• If you have previously enabled the Find My Phone feature:
  • a- Check the device’s location on the app interface and turn on the Alarm
    if the location is nearby.
  • b- Do not go to the location of the device if it is far away; instead
    immediately report to the Internal Security Forces.
  • c- Lock your phone remotely through the Find my Phone interface.
• Contact the phone service provider, explain the situation, and ask them to disable your phone number, and suspend the available services.
• Change the passwords for all accounts linked to the phone (Apple, Google, …) and those used on the phone (Facebook, Twitter, Instagram, WhatsApp, Webmail, …).

How do you deal with common computer problems?

If you feel that there are some strange signs in the way your computer is working such as (slow opening of files, fast battery consumption,lack of control of applications on the device, deletion of files, file locations being changed, malfunctions of some services, …), then there could be malware or viruses running on your device. In this case, you can take the following steps:

• Back up all data and files on your device.
• Restart your device in Safe Mode.
• Work through your operating system options to run Check Disk and clean it using Disk Clean-up.
• Perform a full scan of the device through your anti-virus software and follow the advice from the software.
• In the event that the anti-virus software did not succeed in removing the malware, perform a Format of the device, and re-download a reliable and powerful antivirus program.
• Restore clean data from the most recent backup you made previously.

Contact the Internal Security Forces (ISF) for help

The Internal Security Forces will always maintain complete confidentiality in dealing with cybercrime investigations and will make every effort to help you solve the problem you are facing.

Report to the ISF any cybercrime, online blackmail threat, or cyber threat you may encounter through one of the following means:

• The Cybercrime and Intellectual Property Bureau telephone number: 01/293293
• The ISF website (isf.gov.lb) and complete the “Anonymous Complaints” form.

Towards a Secure Cyber Environment

The services offered to the users on the Internet and social media platforms have increased recently, allowing them to complete various business activities, in addition to electronic banking transactions.

Below are some procedures and measures to be taken online to keep your money, credit cards and banking transactions safe

Protecting Electronic Transactions and Banking Funds online

• Use strong and complex passwords for different accounts, consisting
  of a mixture of capital letters (A – Z) and lowercase letters (a – z), in addition to numbers (1 – 9) and symbols (# $ % @ & !). Ensure the password length is not less than 12 characters, and make sure to change your passwords periodically.
• Report Immediately any financial fraud, through contacting the bank or financial institution fraud team so they can take the necessary actions.
• Conduct electronic banking transactions on reliable computers or portable devices, equipped with the latest Antivirus software that can detect and treat vulnerabilities and malicious software.
• Do not conduct electronic banking or shopping transactions when connected to public Wi-Fi networks, or on websites that do not have HTTPS.
• Do not disclose details of your bank accounts or your credit cards, in front of untrusted strangers (e.g. representatives of banks, hotels, online stores, restaurants, etc.)
• Be aware that the bank will never ask you for sensitive details (for example passwords) related to your bank accounts or credit cards, therefore do not share such details with anyone under any circumstances.
• Make sure you cover the number pad when entering your PIN on ATM machines or Point of Sale (POS) devices and avoid revealing the PIN in front of anyone.
• Destroy expired credit cards by cutting them into small pieces and make sure the Magnetic Stripe and Chip Inside the card are destroyed.
• Review your bank accounts regularly, especially those linked to your credit cards to ensure executed transactions are accurate. Report any suspicious transactions or payments to your bank immediately.
• Be aware of cases where small sums of money are being withdrawn from your account over a long period of time, to avoid raising any suspicions.
• Always check any banking requests – for example to make new payments or amend account details – with a trusted person in the bank, your personal banker or bank branch manager.
• Carry out additional checks for any payment requests that exceed the limit set by you before making the transaction (e.g., call back the person requesting the payment and confirm details).
• Avoid entering details related to your bank account through links contained in emails or anonymous text messages. This is typically a phishing campaign used to steal your personal information or bank funds.
• Always logout of your internet banking accounts immediately when you finish using them.
• Be cautious, when shopping online, from providing additional information than is not necessary to complete the transaction.
• Read the experience reviews and opinions, positive or negative, expressed by customers who have used the Internet shopping websites you are planning to use.
• Inform the bank immediately, when you find cash withdrawals on your credit cards, without your knowledge.
  This means, most probably, your credit card was copied or skimmed.

What do you do if your credit card was stolen?

If you suspect your credit card was lost or stolen, or used without your knowledge, the following procedures should be followed to limit the financial losses that may be incurred:

• Contact the credit card issuer and report immediately that your card was lost or stolen so it can be cancelled and replaced with a new one.
• Request a statement on the card’s account, in preparation for doing what is necessary to recover any unauthorized transactions.
• Update the Mobile Wallet on your phone and all the shopping accounts on the Internet where you have used the lost or stolen card.

What do you do if you are a victim of financial fraud?

• Contact your bank immediately and inform them of the matter.
• Stop communicating with the website or the suspect who is trying
  to scam you.
• Change your password on the internet shopping website or in the phone application you were using.
• Document the date and time that the fraud was discovered or reported, and other relevant information.
• Monitor your bank account, and document any suspicious transactions stating all the details (transaction source, date and time, value …). These will be used as an evidence in legal proceedings.

Contact the Internal Security Forces (ISF) for help

The Internal Security Forces will always maintain complete confidentiality in dealing with cybercrime investigations and will make every effort to help you solve the problem you are facing.

Report to the ISF any cybercrime, online blackmail threat, or cyber threat you may encounter through one of the following means:

• The Cybercrime and Intellectual Property Bureau telephone number: 01/293293
• The ISF website (isf.gov.lb) and complete the “Anonymous Complaints” form.

This guide aims at raising awareness of all society members about the most significant cyber threats and cybercrimes, and at enhancing protection and personal privacy when connecting to the internet and benefiting from digital services.

Furthermore, this guide highlights the preventive measures and the best practices that should be followed to protect the information and personal data against theft, to prevent hacking of electronic devices, to avoid being victim to cyber extortion, and finally to help children and other family members staying safe on the internet.