2. Cyber Security

As a sales representative of Norton products, you’ll need all the information there is to know about its products. Against what threats do Norton products offer protection? How much do you know about cyber security? What is your knowledge of viruses, phishing mails, drive-by downloads, scams and ransomware?

In this module you’ll learn about cyber security, which includes:

  1. The behaviour changes of customers and criminals
  2. The cybercrime scene
  3. Different types of threats

This module will take about 15 minutes to complete.

Changes in consumers and cybercriminals

Change in consumers' behaviour

Today’s consumers shop, bank, and pay bills online. They watch videos, share photos with friends and family, download music, manage their healthcare, research homework assignments, chat -- and more. They’re aware that the Internet has become an increasingly risky place, where fraud and identity theft can seriously impact their lives. Viruses, worms, spam and other threats can harm their valuable desktop and laptop computers and even prevent them from going online.

In recent years, the use of devices has developed in two major ways. The first change is in the sheer number of devices. Consumers used to have only one device. Nowadays they’ll often own multiple devices: one PC, one tablet, one smartphone. The other change is in the increase in usage of mobile devices. Mobile devices have quickly become the go-to for a whole range of digital services that consumers rely on every day.

As consumer habits have evolved, so have the threats. Along with the continual arrival of new malware specifically targeting mobile devices, malware has also been created for PCs which attempts to infect Android devices. In short, the range of threats has become ever more complex.


Cybercrime is growing in both its volume and sophistication and is already one of the largest illegal industries in the world. According to the latest Symantec Internet Security Threat Report (ISTR), 12 adults become a victim of cybercrime every second. That adds up to more than a million global cybercrime victims each day, costing the global economy around $113 billion a year.

Personal information is the currency of the underground economy, and each datatype sells for a different price. 

Process of cybercrime

Cybercriminals who obtain this data can sell it, usually in packs, to a variety of buyers. That includes identity thieves, organized crime rings, spammers and botnet operators, who use the data to make even more money. They are increasingly leveraging sophisticated management principles in the creation and expansion of their activities. Cybercrime is maturing as a business model.

Changes in threats

From visible to invisible threats

We distinguish two types of threats:

  • Visible threats are threats that are visible to the system and are identifiable via their signature by the system, such as a virus or worm.
  • Invisible threats are threats that aren’t visible to the system. A phishing mail, for example, won’t be visible to a system because there is no threat inside it. The phishing mail just sends the user to a website.

What percentage of all the threats do you think are invisible threats nowadays?


Difference in protection

Nowadays, as you can see in the image below, cybercriminals prefer using the Internet for stealing information rather than installing a virus on a device.

Consumers need protection against all types of threats, but there is a difference in the protection levels against those threats. An antivirus will only look for malware installed within a system and recognise its signature. The antivirus won’t discover phishing mails because they have no signature in the system. An Internet security solution has an anti-phishing tool enforced with an anti-spam tool that will advise the user not to click on suspicious links. Or, if they click on the link, additional controls will be activated before the user is redirected to the suspicious website.

To obtain full protection, consumers need an Internet security solution.

Visible threats

Types of visible threats

Malware, short for malicious software, is a general term used to refer to a variety of forms of hostile or intrusive software. Malware programs are designed by cybercriminals to disrupt computer operation, gather sensitive information, or gain access to computer systems. It can appear in the form of code, scripts, active content, and other software.

Last year, the malware rate detected globally reached 317 million!

Do you know these types of malware?
Try to match the correct description to the type of virus.

  • Virus
    Can copy itself and infect a computer without the user’s permission or knowledge.
  • Worm
    Spreads functional copies of itself to other computer systems.
  • Trojan horse
    Often disguised as legitimate software and facilitates unauthorised access to the user’s computer system.
  • Adware
    Displays advertisements, usually through pop-up or pop-under windows.
  • Spyware
    Monitors and gathers personal information and sends to a third party without the user’s knowledge or consent.
  • Ransomware
    Prevents or limits users from accessing their system and forces victims to pay a ransom in return for having access restored -- or for their files.


Adware, or advertising-supported software, is any software package that automatically generates advertisements in order to produce revenue for its author. The advertisements may be in the user interface of the software or on a screen presented to the user during the installation process. The functions may be designed to analyse which Internet sites the user visits and to present advertising pertinent to the types of goods or services featured there.

Adware itself is not inherently malicious, but is often invasive, annoying and may arrive bundled with malware. Adware routines can weaken network connection and system performance.


  • Bundling with free programs
  • Social engineering
  • Search toolbars

Spyware usually finds its way onto your computer without your knowledge or permission. It runs in the background, collecting information -- or monitoring your activities. A lot of spyware harvests information related to your computer and how you use it, like your Web browsing patterns. However, more sophisticated forms of spyware have been known to capture and transmit highly personal information to identity thieves such as website passwords and usernames, credit card numbers, and even copies of your instant messages.

Spyware frequently attempts to remain unnoticed, either by actively hiding or by simply not making its presence on a system known to the user.

Which of the following methods does spyware use to install on an end user’s machine?


Ransomware is a type of malware which restricts access to the computer system or mobile device that it infects, and demands a ransom paid in order for the restriction to be removed. Some forms of ransomware encrypt files on the victim’s machine using strong cryptography. After that, it notifies the user that their files have been encrypted and demands a ransom for decryption. Since the decryption key is stored on the attacker’s server, victims cannot recover their files without paying the ransom.

Ransomware attacks grew 500 percent from 2013 to 2014, along with 45 times more crypto-ransomware attacks on all devices.

Do you know the difference between regular ransomware and crypto-ransomware?
Drag the text and drop it at the right image.

  • Your computer is unusable, but it is fixable.
  • Your data is encrypted, possibly forever.

Invisible threats


Phishing is one of the most common methods employed by criminals to trick people into revealing sensitive information like usernames, passwords and credit card data.

It is a two-step process:

  1. Pretending to be a bank or some other legitimate entity, criminals send e-mails which typically include a link.
  2. After clicking this link, you're guided to a fake website where you are asked to provide personal information.

Smishing is very much like phishing but uses text messages on cell phones and smartphones instead of e-mails to try to get you to open links and give out personal and financial information. A smishing message usually contains something that looks like it was sent from an official institution, or an alarming message stating you will be charged a certain fee if you don’t act immediately. Acting immediately means clicking on the provided link or calling the phone number, where criminals hope to collect all sorts of confidential information from you or deliver a virus.

How do you recognise phishing? ​What on this website tells you it’s not an official website, but a phishing website?
Click on the spot that tells you it’s a fake website and press ‘Submit’.

Drive-by downloads

Cybercriminals are increasingly using drive-by downloads to distribute malware. A 'drive-by-download' attack is a malware delivery technique that is triggered simply because the user visited a website. There are two types of drive-by downloads:

  1. Traditionally, malware was only 'activated' as a result of the user proactively opening an infected file (for example, opening an e-mail attachment or double clicking on an executable that had been downloaded from the Internet). This is the first type of drive-by download.
  2. Unfortunately, hackers have become increasingly sophisticated over recent years and this level of interaction is no longer required. This is the second type of drive-by download. Malware may be served as hidden codes within a website content, served content like banners, advertisements and used as a vehicle for hacking and other cybercrime. The simple act of visiting a site is enough to infect your computer or have your personal information stolen.

The infographic below shows the stages of a drive-by download.


Another group of invisible threats are scams. the dishonest way to make money by deceiving people. Scams have been around forever, but as technological innovations have emerged, so has a new breed of scam artist. Utilising various aspects and tools of the Internet, the online scammer has become more successful than ever in defrauding people.

With the increased global use of the Internet, scammers have more opportunities than ever before to trick people into giving their personal and financial information. For example, you receive a €10 voucher via e-mail. To activate the voucher, you're asked to click on a link. This link is actually a link subscribing you to a fake service with a monthly pay frequency. By the time you realise it’s a scam, you’ve already paid one or two month's worth of fees.

What are five common social media scams?

These rely on victims to do the actual work of sharing the scam by presenting them with intriguing videos, fake offers or messages that they share with their friends.
These scams invite social network users to join a fake event or group with incentives such as free gift cards. Joining often requires the user to share credentials with the attacker or send a text to a premium rate number.
Using fake ‘Like’ buttons, attackers trick users into clicking website buttons that install malware and may post updates on a user’s newsfeed, spreading the attack.
Users are invited to subscribe to an application that appears to be integrated for use with a social network and may be used to steal credentials or harvest other personal data.
This attack is similar to likejacking, where the attacker tricks the user into submitting a comment about a link or site which will then be posted to his or her wall.


End of module

You have reached the end of this module.

In this module you learned about:

  1. The changes in the behaviour of consumers and cyber criminals;
  2. The cybercrime market;
  3. The different types of visible and invisible threats.

If you want to test your knowledge, go over to the quiz on Cyber Security. To open this you have to return to the learning management system.