Digital Self-Defense

Digital street-smarts are a necessity in a digital world. The concepts of ‘avoiding unfamiliar areas’ and ‘not talking to strangers’ are transferable, but they are not intuitive in a realm where there is no face-to-face interaction. Even those individuals who might consider themselves tech-savvy routinely fall into the traps set by hackers and scam artists. Web safety skills are built up by understanding the digital world and the threats in that world. In order to defend against an attack, we must consider what an attacker is after and what an attack looks like.

shades of gray hats
White hats, black hats and everything in-between

Protecting Personal Information

With the rise of social media and the ease of access to the internet has come the impulse to share. Sharing a picture or a heartfelt “Happy birthday!” seems very innocent in the context of a friendship. Unfortunately, when this is put in front of a global audience, we have to accept that this level of public sharing has to be viewed outside the scope of our good intentions.

Consider the post below. What kinds of personal information can you glean from the individuals given the details listed?

A sample social media post
All photos used are free to use under a Creative Commons license.


With a peer, discuss the following questions:

  • What kinds of information you were able to obtain from the post?
  • What additional information could you gain by exploring the profiles of the people listed here?
  • How could the information you were able to gain be used to the detriment of Alisa, Georgia or Llana?
  • Who is made most vulnerable by this post?
  • Have you ever seen a post similar to this one?

Social Engineering

Defending yourself online is less about understanding computer code and more about understanding human nature. A hacker is less likely to crack a bad password than he is to simply ask you for it. Scam artists and marketing strategists both rely on social engineering to manipulate individuals into giving them access to their personal information. Below are four common social engineering strategies.

Quid Pro Quo

By offering something simple to get something in return, hackers, con-artists, private investigators, and, most often, salesmen all use quid-pro-quo as a strategy. A contest form can be used to get the email, address and phone number and other information that can be used to identify an individual.

Quid pro quo: It is important to remember that Personally Identifiable Information is most often gained by individuals who simply ask and offer something in return.


Spoofing is when an attacker uses a fake address or contact number to contact their target. Many hackers and scam artists rely on tools that allow them to send emails from fake e-mail addresses or call from non-existent numbers. Many digital safeguards block these senders before they even get to your inbox, but these are not perfect.

Spoofing: Pretending to be someone who you’re not is as simple as putting on a costume and doing a little bit of acting.


Hackers rarely break into secure areas on the web. They are far more likely to obtain access by assuming the identity of another person. Using the right language, an individual can take on role and convince a whole group of people to act in a way that benefits them.                                           

Play Video

Pretexting: A well disguised message using all the right language is all that’s needed to get others to do as you ask.


A phishing scam relies on all three of the other social engineering strategies to acquire sensitive information from it’s targets. A phishing email is sent to a wide audience.

Consider this sample phishing email message.

Note that the sender is using spoofing and pretexting to convince their victims that they are sending the message on behalf of US Bank. Further, they use quid pro quo to offer a link for the target to click on and input their username and password to “fix” the problem.

© 2021 Mountain Song Community School Public Charter School.

Mountain Song Community School does not discriminate on the basis of race, color, religion, gender, gender expression, gender identity, age, national origin, disability, marital status, pregnancy status, financial status, sexual orientation or military status in any of its activities, operations, or employment.  We are committed to providing an inclusive and welcoming environment for all students, staff, families, partners, volunteers, subcontractors and vendors.

Mountain Song Community School cannot be responsible for the content of any site external to its own. By linking to other sites, MSCS is not endorsing any particular product, practice, service, provider or institution, nor does it necessarily endorse views expressed or facts presented on these sites.

Read Offline:
WP2Social Auto Publish Powered By :