Skip to Main Content

Learning Portal - Learning Online: Online Security

Online Security 

Computer or device security, internet security, and cybersecurity are interrelated concepts. At their core, they aim to identify and set up best practices for protection against unwanted external threats.

Top Tips

✓ Keep your device updated. Make sure to download the latest software updates on your device. Updates typically include security patches for known threats, which are important to keep up-to-date.

✓ Install security software. Security software, like antivirus software, will help protect your device against digital threats. Keep the software up to date, so that you have access to the latest virus definitions.

✓ Lock your device with strong passwords. Make sure to use strong passwords, and two-factor authentication where possible. Use strong lock screen security on your mobile devices.

✓ Consider what you access on public networks. Public Wi-fi networks are convenient, but they are also open to security threats. Don't access secure information when connected to a public network.

✓ Consider encryption services. If you want to ensure your messages are 100% private, find an email service that offers encryption. Encryption is the default in communication apps like Whatsapp and iMessage.

✓ Back up your device. Schedule regular device backups. This way you will always have your data available in the event it's compromised on your device.

Keep Your Device Secure

Security Threats

The Threats to Your Online Security

You need to know about the different types of threats out in the world wild web in order to protect yourself from their impact. Click through the tabs to learn more about each security threat. 

What is Spam?

Spam messages, emails and texts, are sent to people in order to advertise new products or trick individuals into sharing sensitive information through a process called phishing (more about phishing in the next tab). 

In Canada, Anti-Spam Legislation protects individuals by outlining clear digital communication processes for businesses. 


Check out these links:

→ Protecting Yourself from Spam

→ Recognizing and reporting spam

→ Spam Reporting Centre

What is Phishing?

Phishing is an attempt to steal sensitive information, including passwords, user names, credit card info, through the use of email and any other personal messaging system (e.g. text message, WhatsApp message, etc.). 

Here's an example: You receive what looks like a trustworthy message asking you to login to your personal account, for example, your banking account.  The link in the message goes to a fake website, created to look real. The process of logging in to this fake website collects your sensitive information, providing hackers with your complete banking login information. This information can be used to login to your account and steal your assets. 



What is Phishing?

  • What is phishing? Learn how to spot phishing emails and how to protect yourself against common scams.

Stay Safe from Phishing and Scams

  • Social engineering, phishing and online scams. What they are and how to recognize them so that you stay safe online.


Check out these links: 

→ Canadian Anti Fraud Centre: Phishing

→ Fact sheet: Phishing

→ Phishing - How to Recognize it, and Better Protect Yourself

→ Signs of a phishing campaign: How to keep yourself safe

What is Malware?

Malware is short for malicious software. Malware is typically installed on a user's device with the purpose of stealing of personal information. Types of malware include adware (or forced advertising), spyware (collects and steals personal information from unsuspecting users), or ransomware (money extortion).

Watch the video and access the individual tabs to learn more about the various types of malware.



  • virus is an executable program (one that requires user action) that gets unintentionally installed on a device and has the potential to corrupt data and impact the operation of that device. A virus needs to be opened (executed) in order to infect the device.
  • worm, is a self-replicating computer program that spreads automatically across a computer, or a computer network, exploiting vulnerabilities. Computer worms are self acting and do not rely on user activation. Worms are considered a subclass of viruses. 
  • Trojan horse, commonly known as trojan, is malware disguised as legitimate software. Once installed it allows access to your device. 
  • Adware is a type of malware that installs popup advertising (ads) on a device. The ads are typically unwanted and can be very annoying. Some adware can track personal information such as browsing data and record keystrokes.
  • Spyware is installed without user knowledge and is used by hackers to spy on people in order to get access to personal information, including passwords, data, or to track online activity. Once spyware is on your device it can copy, delete, share and compromise your files, control programs and enable remote access allowing someone else to control your device. 

  • Ransomware is a type of malware that encrypts or locks files on your computer. In order to regain access to your information, cybercriminals require a payment - a ransom.

  • Cryptojacking is the newest type of malware that aims to mine computers and networks for cryptocurrencies (digital currencies) like Bitcoin. Once illegally mined, the funds are transferred to the hacker.


What is Hacking?

Computer hacking is a form of "creative problem solving" that takes advantage of computer and network vulnerabilities. 


Why do hackers hack?

  1. Intellectual curiosity - to see how things work

  2. Personal protection - to patch their own networks

  3. Enjoyment - to have fun with unsuspecting users

  4. Activism - to support a social cause

  5. Financial gain - to make money by identifying software glitches

  6. Criminal activity - to cheat people out of sensitive information and for the financial gain  of sensitive information and for financial gain 



The Secret Lives of Hackers

  • Why do hackers hack? A NOVA Lab video

How Hackers are Making the World Safer

  • Is hacking good or bad? Can hackers make us safer? We talk to two good hackers who find the flaws in products before the bad guys do.


Check out these links: 

→ The Changing Faces of Cybersecurity

→ Tip Sheet: How Not To Get Hacked

→ Breaking Down Five 2018 Breaches and What They Mean for Security in 2019

What are Denial of Service Attacks?

Most websites have an infrastructure in place that can accommodate a large number of access requests per day, think millions. Denial of Service (DoS) attack takes place when cyber criminals overwhelm a website with too many simultaneous requests, billions or trillions of requests at a time, which causes the website to crash.

Distributed Denial of Service (DDoS) is when the attack comes from a large number of computers at once. This causes network overload, the website stops responding and appears to be down. 

DoS and DDoS attacks are made possible through the use of botnets. Botnets are networks of remotely controlled (hijacked) devices injected with malware and controlled by cybercriminals. Botnets are also called zombies, or zombie bots. Read more about botnets in this post.



What Is a DDoS Attack?

  • A Kaspersky Lab video explaining how Distributed Denial of Service (DDoS) attacks work and their impact.


Check out this link: 

Cybersecurity & Crime

The most common types of cybercrime. A video from 2015.


Cybersecurity 101

Quick overview and introduction of cybersecurity. A NOVA Labs video from 2014. 

Networks and Security Implications

Introduction to Online Security

Do you think about security when connecting to a network? How many times have you accessed your bank account while connected to a public WiFi network? Find out more about security and network access in each tab.

Network Security

Your home internet connection is an example of a secure wireless network. Protected with a password, secure wireless networks are best to use when accessing and sharing sensitive information like banking, your SIN (social insurance number) and any other information you'd like to keep protected.

If you have ever accessed a Wi-Fi network at a coffee shop, a mall, at school, or at an airport, you most likely connected to an open wireless network. Open networks are typically unsecured and you can connect to them without a password. While this is convenient and saves your data, public Wi-Fi networks pose a number of security risks, so try to not access any sensitive information when connected to one. 

One way to ensure the privacy and security of your data when browsing on a public Wi-Fi network is to use a VPN or a virtual private network. A VPN creates an encrypted tunnel through which you can access information online away from "prying eyes". This protects your privacy and helps with device security. 



Public Wi-Fi Networks

  • An overview of Wi-Fi networks, encryption, secure websites and tips to protect yourself when using an open hotspot. Developed by the US Federal Trade Commission video.

Tips to stay safe on public Wi-Fi

  • Steps you can take today to keep safe on public Wi-Fi.

What is a VPN and How Does It Work?


Check out these links: 

→ Tips for Using Public Wi-Fi Networks

→ Staying Safe on Public Wi-Fi

→ Simple Steps to Protect Yourself on Public Wi-Fi

→ 11 Reasons Why You Should be Using a VPN

Secure Passwords

Passwords are your first line of defence against external intruders. Complex passwords that are 8 characters or longer and include a combination of letters, numbers and symbols are a great first step to keeping your information secure. Two-factor authentication, where, for example, a code is sent to you as a text message to use in your login, is a step up in the security game. 

Biometrics like iris scanning, facial recognition, and fingerprinting are yet another way of securing your devices, but they have their own security issues.



2-Minute Tips: Smart Passwords


Check out these links: 

→ Using Passwords

→ Two-factor Authentication: What You Need to Know (FAQ)

→ Two-Factor Authentication: Who Has It and How to Set It Up

→ What is Biometrics? And Why Collecting Biometric Data is Risky

Encrypted Information

Encryption scrambles data so that it is unreadable to those without a public key, which unlocks or decrypts the data. Encryption makes information secure as the message is sent in code and appears to those without the public key as random series of letters and numbers.



Encryption & Public Keys

  • This educational video explains 256-bit encryption, public and private keys, SSL & TLS and HTTPS

Think Your Email's Private? Think Again

  • Scientist Andy Yen's TED Talk on the subject of email security and encryption


Check out these links: 

→ Why You Should Be Encrypting All of Your Devices and How to Easily Do It

→ How To Encrypt Email (Gmail, Outlook, iOS, Yahoo, Android, AOL)

The Internet of Things

Fitness and health trackers, smart TVs, smart thermostats, connected baby monitors, networked security cameras and cars are just a few examples of physical objects connected to the Internet that comprise the Internet of Things (IoT).

Every device connected to a network is open to security threats. Have you heard of hackers taking control of a car, or speaking to a baby through an unsecured baby monitor? While connected devices can make our lives much easier if left unsecured they can become a problem.



What Is the Internet of Things? | Mashable Explains

  • A quick overview of the Internet of Things. What it is, what it does, and how it integrates into your life.

#ConnectSmarter with the Internet of Things

  • An overview of potential cybersecurity risks associated with IoT devices found in our homes.

How Hackers Could Use Smart Home Devices to Spy on You

  • CBC Marketplace explores how smart home devices can put people's security at risk.


Check out these links: 

→ We Hired Ethical Hackers to Hack a Family's Smart Home - Here's How it Turned Out

→ The Internet of Things Connectivity Binge: What are the Implications?

→ The Internet of Things at Home

→ 6 Hot Internet of Things (IoT) Security Technologies

→ In the News: How a Fish Tank Helped Hack a Casino


Unless otherwise stated, the material in this guide is from the Learning Portal created by College Libraries Ontario. Content has been adapted for the NWP Learning Commons in May 2021. This work is licensed under a Creative Commons BY NC SA 4.0 International License.

All icons on these pages are from The Noun Project. See individual icons for creator attribution.