Skip to main content

Internet Security Education

Tips, terminology, and articles to help educate you and your family on how to stay secure online.

The names for the most common types of Internet invaders are always changing, but the goals are the same-someone or something is trying to access your computer to use it in a way you normally wouldn't allow. Fortunately, with a little know-how and the right tools you can stop most threats in their tracks.

Backdoor
A backdoor is not malware, but a method of bypassing authentication to secure access to a device. A backdoor often gains access to a device before a virus or Trojan, since doing so facilitates the transfer of other threats.
Bot
A bot is a malicious form of software that could use your device to send spam, host a phishing site or steal your identity by monitoring your keystrokes. Botnets are composed of individual bots-sometimes numbering in the hundreds of thousands. They are then used to spread viruses and attack other devices and servers.
KeyLogger
A piece of software which captures a user's strokes on a keyboard. This software can be distributed through a Trojan horse or virus to hack into and capture private information from an unsuspecting user.
Malware
Malware is short for "malicious software" that is designed to cripple your device or destroy your information. Malware includes viruses, worms, spyware, Trojans and other threats.
Mobile Threats
Most malware for mobile devices consists of Trojans that pose as legitimate applications often found on mobile application marketplaces in the hope that users will download and install them. On some occasions, attackers take popular legitimate applications and add malicious code.
Phishing
The attempt of acquiring personally sensitive information by sending an email to a user falsely claiming to be a legitimate business. A phishing email will direct the user to a fake website posing as a legitimate one where users are asked to update personal information, such as passwords, credit cards, social security- or bank account numbers.
Rootkit
A set of software tools that enables an unauthorized user to gain control of a computer system without being detected.
Security threats on Public WiFi
Whenever you connect to a public WiFi you cannot be sure that the network is safe from hackers or surveillance. It is relatively easy for any criminal to set up a rogue access point and lure people to connect to it. By recording or forwarding the traffic to a phishing site online, criminals can obtain login credentials and other private information from the user.
Spyware
Spyware is software that performs certain behaviors, such as filling your screen with advertising pop-ups (such programs are known as adware), collecting or transmitting personal information (through KeyLoggers listed above), or changing the configuration of your device, generally without your consent. Spyware can find its way onto your device through free software downloads, malicious or compromised websites, clicking on pop-up ads, file transfers over instant messaging, or opening infected email attachments.
Tracking
Most websites track their visitors' online activity using techniques like cookies and tracking pixels. Online tracking is used to track private browsing as market research or as a way to target advertising. Many websites share tracking information with other websites and networks. By using online tracking, advertising companies can create online profiles as a basis for targeted marketing.
Trojans
Trojans are malicious code that users unwittingly install onto their devices, most commonly through either opening email attachments or downloading from the Internet. Trojans are often downloaded and installed by other malicious code as well. Trojan programs differ from worms and viruses in that they do not propagate themselves.
Viruses
A virus is a piece of computer code that attaches itself to a program or file so it can easily spread from device to device and is usually meant to damage your software, hardware, and files.
Worms
Worms are malicious code threats that automatically copy themselves from one device to another.
Zero-day Vulnerability
A zero-day vulnerability is a software vulnerability which is exploited by hackers before it becomes public knowledge, usually prior to a patch becoming publicly available.

In addition to what you can do to prevent threats, which includes downloading complimentary Norton™ Security Online, and as an ongoing initiative to make the internet safer for its customers, Xfinity offers tools to detect and help remediate against bots, and verify the authenticity of websites accessed.

Bot Threats

A bot is a malicious form of software that could use your computer to send spam, host a phishing site or steal your identity by monitoring your keystrokes. Xfinity may notify you if we believe a device in your home may be infected with a bot. The notification will advise you to follow steps to remove the bot from your device and prevent future attacks. Click here to remove the bot and prevent future attacks.


DNSSEC

DNSSEC (Domain Name System Security Extensions) allows websites and Internet Service Providers (ISPs) to validate domain names to ensure they haven't been tampered with, compromising your online security.

DNSSEC helps provide you with the best and safest online experience possible. With DNSSEC, a website name such as xfinity.com is signed into the Domain Name System (DNS). Then, when you try to connect to that website, the Comcast DNS servers verify its security signature. You will only be connected if the website passes the verification process, which happens so quickly you shouldn't even notice that it's being done. If validation fails on a website, you'll receive a "page not found" or "server not found" error. This process prevents hackers from re-directing you to fake, phishing, or criminal sites.

Social engineering is the art of manipulating people to performing actions or divulging confidential information. Before you let anybody in on sensitive details about you, make sure that you can verify their credibility. While companies remain vigilant of any threats to their customers, security is a responsibility we all share. This includes protecting our personal and corporate data by practicing safe online habits.

Tax season is a popular time for consumers to experience an uptick in phishing and spam messages to their personal and work emails. Phishing is using email to attempt to acquire sensitive information such as usernames, passwords, and credit card details, often for malicious reasons, by posing as a trustworthy source.

Here's a list of increasingly common online scams you should be aware of throughout the year and how to best avoid them.

  1. W-2 fraud: Cyber criminals may attempt to trick you into disclosing sensitive information in order to carry out identity theft. Only use trusted, well-known online tax services for filing taxes. Make sure the website has "HTTPS" in the URL before submitting any sensitive information.
  2. Fake charities: Cybercriminals will exploit crises in the news by creating fake charity websites and then sending phishing emails that ask you to donate for the cause. Take these precautions to make sure your donations benefit the people and organizations you want to help.
  3. Bogus gift cards: Be wary of buying digital gift cards from third-party websites. Only submit your credit card information on well-known, trusted websites in which the URL starts with HTTPS.
  4. Bank loan or credit card scams: Cyber criminals will try to take advantage of people who may be in a financial pinch by offering fake "pre-approved" offers with low interest rates. Learn how to spot phishing emails in your inbox.
  5. Lottery scams: Like all phishing attempts, a cybercriminal will try to appeal to your emotions or logic. Avoid emails and links asking you to collect large sums of money. Learn how to spot fraudulent lottery scams.
  6. Social media impersonation scam: If you receive an odd message from a contact on social media, their account may have been hacked. Let that person know via another communication channel that they should change their password.
  7. Travel scams: Before you book a flight or hotel online, keep in mind that scammers are looking to hook you with too-good-to-be-true deals. Phony travel websites with beautiful pictures and rock-bottom prices are used to get you to hand over your financial details. The following travel trips will help you plan a great vacation for a great price, but also how to avoid scams.

Tips for strong passwords include using longer passwords by creating a pass "phrase" instead of a pass "word" and avoiding password re-use. Here's how to create secure passwords:

  • Use longer passwords: Strong passwords should have at least eight characters and contain a mixture of letters, numbers and symbols, but do you know why? Hackers have developed sophisticated software that can crack simple passwords within days or weeks. A strong password is virtually impossible to crack because it would take the hacking software nearly forever to correctly guess the password.
  • Create a passphrase: A passphrase is an easy to remember long string of text that is also hard to guess. It's similar to a password in usage, but is generally longer for added security. For example, the phrase "My dream car is a 68 Chevy Camaro" can be turned into a strong password like "MyDreamCarIsA68ChevyCamaro."
  • Avoid password re-use: When passwords are stolen from a website, hackers often put them in a database and run software that will attempt these same credentials on thousands of other sites. For example, in 2012, a Dropbox employee had re-used the same LinkedIn password on their corporate Dropbox account, which led to cyber criminals stealing over 68 million login credentials from Dropbox.
  • Keep passwords private: Never share your password with another person.
  • Use multi-factor authentication: Xfinity offers two-step verification to help protect online access to My Account, Xfinity web pages, and most apps. Learn more and enroll today!

Kids spend an average of over two hours a day online. It's important to know how your family is spending their time and if they are being safe. Social media, in particular, is in all of our lives. We use it to express ourselves as individuals, to market our products and services, and to connect with people worldwide. The problem with using social media is that everything we share, private or public, is stored, easily discoverable and can potentially be used against us.

Some ways you can protect you and your family's online presence are:

  • Protect your kids online and when they're watching TV with help from Xfinity. Visit our dedicated parental controls site for tips, resources, and support.
  • Set the privacy and security settings on websites to your comfort level for information sharing.
  • Instruct your family to avoid posting personal information online. Print out Xfinity's Top 10 Security Tips checklist and keep it handy for quick reference.
  • Track search and online activity on all household devices.
  • Create strong passwords for all household devices and never use the same password across multiple accounts.
  • Teach your family to be cautious when clicking on links.
  • Instead of answering security questions with answers that can easily be discovered with a quick Google search, make sure you and your family mix up your questions and answers to further prevent vulnerability.
  • Educate your kids on cyberbullying and what to do if they find themselves being bullied online.
    • Tell a trusted adult what's going on
    • Don't respond or retaliate
    • If the site or app allows you to block people, do it.

Cyberbullying can have serious long-term effects for the person being picked on as well as the person doing the harassment. It's important to teach children that the Internet is not anonymous, and everything posted online leaves a permanent digital footprint, traceable by law enforcement, educational institutions and future employers.

It's important to teach your family good internet habits to ensure your personal information stays safe and secure.

Comcast partners with trusted national organizations who provide digital media awareness for children, education on how it affects them, and articles on how to promote safe online habits.