Subject Guides: Skills Guides: Online safety

IT Services: IT security
IT Services' advice for how to secure your device and keep safe online

Don't get phished

Be careful what you click on...

No, really. It's easy to get taken in. Even members of IT get caught out. So please, please, take a look at the resources below... especially the link to our phishing advice.

IT Services: Spam and phishing emails
Tips on how to spot dodgy emails and websites

Managing negative attention

Dealing with online harassment
University of York Staff guidance for dealing with online harassment

The internet is a wonderful thing, but it can empower people in troubling ways. How can we handle negative comments and behaviours?

The act of speaking your mind on the internet can lead you open to all manner of abuse, and this risk is increased for certain groups. Yes, you can ignore some of it. But you can only ignore so much. And let’s be clear: you shouldn’t have to ignore anything of this kind.

In her Guide to Internetting While Female, Feminist Frequency’s Anita Sarkeesian defines six forms of online trolling. Perhaps you’ve experienced some for yourself…

Sealioning: named after a Wondermark webcomic, sealions pop up, unsolicited, in your online conversations, and politely asks you to evidence seemingly self-evident points as a means of derailing your original point.
Concern trolling: manifest in ‘helpful’ comments and ‘constructive criticism’, concern trolls operate from a seeming position of support as a means of cushioning their opposing views.
Gish-galloping: drowning out by recourse to a torrent of arguments (often petty). Responding to a gish-galloper’s every comment will demand significant time and effort.
Impersonation trolling: hoax accounts posting inflammatory comments under your name.
Dogpiling: when the cyber-mob are called in to overwhelm you with a barrage of responses, insults, accusations or threats.
Gaslighting: presenting false information in an attempt to make you doubt your own memory. In terms of online abuse, it extends to questioning the abuse itself, and underplaying its impact; for instance: “You’re not getting all of this abuse”, or “It’s not as bad as you’re making out”.

Feminist Frequency have produced a guide to protecting yourself from online harassment which offers best-practice for online privacy and safety, as well as advice for reporting harassment. It’s important to have the confidence to recognise problems as quickly as possible so that you can speak out against abusers, document their abuse and report them. It’s also important to remember that if someone harasses or threatens you online, it’s not you that is in the wrong.

Speak Up & Stay Safe(r)
A Guide to Protecting Yourself From Online Harassment

• •

The 10 Commandments of Rational Debate
10 of the more popular logical fallacies - things to watch for and avoid when engaging in debate

• •

The data self

Here, Dr David Beer explains how we live in an environment where the amount of data accumulated about us is huge, and contemplates how this might affect the way that we behave in ‘real life’.

Keeping yourself safe online

The information trail we leave online isn’t just a reputational concern. We can give away a lot of personal details, and while for the most part this will be just noise in the internet, it is information that can be used against us, as IT expert Tom Smith explores:

The TV series Hunted provides an effective (and entertaining) illustration of how our online activity can betray our movements, our intentions and our personal networks. In some cases, confiscated devices, phishing attempts and hacked passwords are used as a means of gaining sensitive information, but all too regularly the clues hide in plain sight: on open social media accounts that any of us can see. If you're posting in an open forum, anybody can access that information.

• •

Tweeting something like…

Holiday! Just hope my new bike can bear 2 weeks without me, languishing in the backyard of 12A The Grove, Chepstow. Forgot to chain it. Oops

…is obviously a bad idea. But communicating even snippets of such information has risks, because snippets can build into a larger picture about you and your circumstances.

It isn't just what we post that poses a potential risk. Our accounts themselves may be sharing more than we might think. If you've ever seen your Facebook profile picture staring back at you from the comments section of a blog post, or if you've seen adverts targeting your interests, you'll have an idea of the kind of thing that can get passed around. It's a good idea to go through your social media security settings with a fine-toothed comb now and again, to lock down as much as you're able, but inevitably there is a tradeoff between security and functionality.

There are other measures you can take to stay private online. For more sensitive activity you could use the privacy mode on your web browser, and there are browser extensions like Privacy Badger, Ghostery and uBlock Origin (the latter installed on University instances of Chrome and Firefox) which can be used to block tracking activity and social media integration. But perhaps the simplest way of staying private on the internet is to not share personal information in the first place.

• •

Online safety and digital wellbeing
Series of short courses from Google on online security

If the product's free, you're the product

Would you argue that the best things in life are free?
Or do you take the view that nothing in life is free?

Whichever side you are positioning yourself on, it’s difficult to escape the evidence that, in the internet age, when we use free applications, platforms, and services, often the trade off is that we ‘pay’ the price of using these services by allowing them to harvest our personal data. In short:

“If you are not paying for it, you’re not the customer; you’re the product being sold.”

— blue_beetle

You don’t have to do much searching to find examples of companies building enormous databases filled with billions of our interactions, searches, website visits, purchases and other personal information. Sometimes they will be trading this information to advertising and marketing agencies to ‘personalise’ our online experience and encourage sales based on our previous behaviours; at other times they will be using this information to inform the development of their products based on those behaviours. Even a privacy application may be making money out of your data in some way.

You may consider it a fait accompli, then, that to make use of new technologies you have to forfeit your privacy, but one might take a more positive view: that we can still protect our privacy if we are savvy about reading the terms and conditions, especially the privacy policy. If we are more aware of how applications are using our data, we can then make an informed choice about whether we are happy with what they are doing or whether we instead need to select another product. Often we can even change the settings in products to prevent out data being shared.

"Terms & Conditions Apply" game
A frustrating mini-game about pop ups, and the deviousness of websites and apps

Forthcoming training sessions

Forthcoming sessions on :

Taught students

Staff

Researchers

Show details & booking for these sessions

There's more training events at:

Skills Guide: Training
Take a look at our list of events

Skills Guides

Online safety