Skip to main content
Build the future with Agentforce at TDX in San Francisco or on Salesforce+ on March 5–6. Register now.

Safeguard Internet Use

Learning Objectives

After completing this unit, you’ll know how to:

  • Keep your email secure.
  • Use social media safely.
  • Create a secure Wi-Fi connection.
  • Describe how a firewall works.
  • Identify an encrypted website.

Protect Email

Phishing threats work like this: Hackers pose as a person or organization an email recipient trusts or recognizes. Then there is a call to action, enticing the targeted individual to click a link or open an attachment. The unsuspecting victims “take the bait,” inadvertently downloading corrupt software or handing over information on phony websites. 

Here are a few tips for spotting and avoiding phishing attempts.

  • Don’t open emails or attachments from people you don’t know.
  • Carefully check the email address. Just because a message says it’s coming from the name of a person you know or trust, it does not mean that it truly is that person.
  • Be wary of clicking on embedded links. One tactic to protect yourself is to hover over links before you click them to see where they’re directing you. However, this method isn’t foolproof. Attackers use sophisticated techniques to attempt to disguise malicious links. If in doubt, don’t click.
  • Open an up-to-date browser and manually type in URLs to see what’s happening.
  • Be wary of any messages that include typos, bad graphics, and threats, that ask you to take urgent action, or that promise you rewards.
  • Use another form of trusted communication to verify that the message is legitimate before taking action.

An envelope floating in the ocean with a fishing hook attached

In addition to watching out for phishing, here are a few other ways to keep email secure. 

  • Configure your email client to not display downloaded graphic images, which can tell the spammer that there’s a person looking at the email, increasing the value of your email address as a target.
  • Only keep emails for up to one year. This limits the amount of data a hacker has access to in the case of a breach.
  • When filling out To and CC fields, double-check to ensure you’re directing emails to the correct parties. Let’s admit it—we’ve all emailed the wrong person when we’re in a hurry. Slowing down just a bit can help you avoid a costly mistake.
  • If at all possible, don’t send sensitive information via email. But if you do, make sure to delete those emails from your sent folder immediately.

It’s pretty scary that even password-protected email accounts pose security threats. But think of the field day hackers can have with all of the information you share publicly on social networks. We’ve got some suggestions for keeping that info secure, too. 

Using Social Media Safely

When using social media, always be mindful of the personal information you share, as oversharing can compromise your data privacy and make you vulnerable to cyber threats. How can we balance our craving for community with a sense of security? 

Here are four tips for keeping your social media life secure.

  • Sweep privacy settings. Once a year, take an hour to go through the privacy settings on each of your social network profiles. You have several options for locking down your info. Choose the ones that protect your data and ensure your privacy.
  • Keep it personal. To protect yourself from social engineering, try not to connect with people you don’t know personally, and update your settings so your posts can be viewed only by your friends. Your social network profiles are chock-full of information that can be used against you via social engineering.
  • Lock down your location. If possible, turn off location services. Many times we don’t realize they’re on, and we unwittingly leak information because location information is attached to our posts.
  • Remember: It’s all public. You may think that snap or story will disappear tomorrow, but anything can be screenshotted. Use social media under the assumption that everything you post can one day go public.

Protecting your email and social networks feels pretty good, but your work isn’t done. All of your efforts can be undone if you don’t have a secure internet connection.  

Wise Wi-Fi Use

These days, you can find public Wi-Fi almost anywhere—from the neighborhood park to a hotel lobby. This ease of access certainly makes our lives easier, but it also poses a major security threat to the personal information stored on our devices. Avoid joining unknown Wi-Fi networks, which can expose you to a man-in-the-middle (MITM) attack, in which a hacker is able to position himself between you and the connection point and steal your personal information. You should assume that others can see all of your internet activity when you’re using a public Wi-Fi network, that is, unless you’re using a virtual private network (VPN). 

A VPN is a connection method used to add a layer of security and privacy to your internet activity. VPNs protect the data on your computer by ensuring your connection is private when you’re online. It works as a force field, creating a safe, encrypted connection over a less secure network.

There are more than 300 VPN services out there. As you select one, keep in mind that the VPN itself can still see your activity, so go with a company you trust. 

Your email, social media, and Wi-Fi connections are now secure. Next let’s learn how to fight back with firewalls.

Fight Back with Firewalls

A person on a ladder attempting to break down a wall.

“Source address 153.19.1.1 is allowed to reach destination 171.18.2.1 over port 24.”

Sounds like a foreign language, right? Well, it’s really the language a firewall uses to communicate whether traffic coming in and out of your network is safe. 

Just as physical walls are put in place to limit fire damage, in the digital arena, firewalls are barriers that limit damage from a cyberattack. Usually, they’re your first line of defense in securing your sensitive information. 

So, how do they work? 

A digital firewall is a piece of hardware or software installed on your computer that gives you control over what data can come through your system. Based on the rules you’ve set up, it filters out potentially harmful information coming through the internet into your network.

For example, you can set up your firewall to block traffic to and from unsecure websites, or use an email firewall to block incoming content from a specific IP address. 

Lastly, get ready to slide into the digital security home plate with our final topic on encryption. 

Explaining Encryption

Documents moving across a conveyor belt.

We provide websites with personal information all the time. At this point, it’s just a part of daily life. But before you hand over that sensitive information, it’s important to make sure the website is secure. You should encrypt all sensitive data and communication paths.

Encryption has been around for centuries and is an essential building block of information security. Simply put, it’s the conversion of data from something that’s readable to something that’s not. It can only be read again after being decrypted.

You probably don’t realize it, but this happens all the time as you send emails or browse the internet. Take a website, for example. If its URL includes an “s” at the end of “http” then it means encryption and decryption are happening in the background when pages load. 

How does this keep your information safe? As information travels between the browser and the website’s server, the content gets encoded so that an attacker can't intercept it while it’s in transit. 

Here are things to look for to ensure encryption is in place.

  • A web address that starts with https versus http. This indicates you have a secure connection.
  • Mixed content. Even if a site uses https, it might contain insecure resources like images, scripts or stylesheets that are loaded over http. This creates a security risk because the http content is susceptible to man-in-the-middle attacks, potentially compromising the entire page. Modern browsers will often warn you about this.
  • A closed padlock icon next to the web address. Click this icon to get details about the site’s security certificate. Make sure it's issued by a reputable certificate authority and that it's not expired.
  • Any other type of icon next to the web address. Sites that are not secure show other icons such as a red padlock or an open padlock.

Remember that new house from the Cybersecurity Threats and Threat Actors module? The one you’ve always dreamed of but forgot to lock? Don’t make the same mistake with your digital life. You can save your future self time and money by putting these tips into practice. If you’re interested in learning more about cybersecurity and meeting practitioners in the field, visit the Cybersecurity Career Path on Trailhead.

Resources

Share your Trailhead feedback over on Salesforce Help.

We'd love to hear about your experience with Trailhead - you can now access the new feedback form anytime from the Salesforce Help site.

Learn More Continue to Share Feedback