Lesson video

Hello, my name is Ms. Wroth.

Today, I'm going to be your RSHE teacher, and we're going to be looking at the lesson called "Financial security online." This fits into the lesson unit "Our online lives: How can I stay in control?" By the end of the day's lesson, you will be able to evaluate the financial security of different websites and explain how to avoid online scams. Let's begin by taking a look at our ground rules together.

Laura reminds us that we should listen to others.

"It is okay to disagree with each other, but we should listen properly before making assumptions or deciding how to respond.

When disagreeing, challenge the statement, and not the person." Jacob says, "No judgments.

We can explore beliefs and misunderstandings about a topic without fear of being judged." Izzy reminds us that we can choose our levels of participation.

"Everyone has the right to choose not to answer a question or join discussion.

We never put anyone 'on the spot.

' " And Andeep says we should respect privacy.

"We can discuss examples but do not use names or descriptions that identify anyone, including ourselves." All of these ground rules are here to keep everyone safe in the lesson.

Here are today's keywords.

We have HTTPS, two-factor authentication, identity theft, and phishing.

HTTPS stands for HyperText Transfer Protocol Secure, used to secure communications over a computer network.

Two-factor authentication is a security system that requires two or more methods of confirming a user's identity.

Identity theft means the deliberate use of someone else's identity, usually as a method to gain a financial advantage.

And phishing means messages or calls, disguised as if from someone trustworthy or a trustworthy organisation, sent to trick people into giving sensitive information.

Here is the lesson's outline, and we're going to begin with how do I identify a secure website? Our lives are increasingly reliant on online spaces and, as a result, we might put a lot of sensitive financial information online.

Utilising online banking or spending money online can be convenient, helpful, and safe, if we know how to identify secure websites and online services.

One of the ways that we can identify whether a website is secure is by looking out for the letters HTTPS.

When visiting a website, we should look out for those letters at the beginning of the website URL.

Just like on this example on your screen.

The "s" in HTTPS literally means secure, and that the data on this site is encrypted.

This means the data entered into this site is protected.

If a website only says HTTP, it means that the information is not encrypted and therefore, we should not input sensitive data.

Okay, time for a check for understanding.

Which of these websites are secure? Pause this video so you can have a think about your answer.

Okay, well done if you identified that letter "s" in the first URL link.

The "s" at the end of the HTTPS means secure, so we know that the information we put is encrypted and secure.

We should be looking out for a padlock icon as well as the HTTPS in the URL.

Secure websites should also have a padlock icon in the web address bar.

Here is an example.

This padlock means the site is secure and has a security certificate known as an SSL, which means secure sockets layer.

However, not every SSL is valid.

To check it, you can click on the padlock icon and it will tell you if the site is secure.

We should also be looking carefully at the URL.

By checking the URL, which is the web address, we can make sure that a website is legitimate.

It can sometimes be difficult to identify scam sites, as they try to imitate legitimate websites in order to trick people into inputting sensitive data.

For example, this website link here.

Two-factor authorization.

Due to the sensitive nature of the data that banking apps deal with, they require a two-factor authorization.

This protects a user by checking thoroughly they are who they say they are.

For example, you might see a message like this.

"Confirm your sign-in request.

A code has been sent to this email.

Please input this code and confirm your login." Okay, time for a check for understanding.

True or false? It is always easy to spot a scam site.

Pause this video so you can have a think about your answer.

Well done if you said false.

Many scam websites try to imitate legitimate websites in order to trick people into sharing sensitive data.

Company information.

Legitimate, secure websites should have information relating to their privacy policies as a company.

If you are unsure about a website's legitimacy, look for the following information.

A physical address of the business, a privacy policy, and a custom service number, not just an online form.

Be cautious.

Legitimate sites and businesses should never ask for personal and sensitive data up front.

Legitimate banking sites and apps would never ask a customer to tell them their banking data or financial information over a written message or over the phone.

Your financial data and banking information is private to you and should never be shared unless you are certain the site is legitimate.

And reviews.

There are online security checkers you can look at if you're still unsure.

Some sites online are dedicated to verifying the security of websites before you use them.

If you are ever in doubt, it is always best to check.

Putting sensitive data in an unsecured website can lead to us experiencing financial scams and identity theft.

Okay, time for a check for understanding.

What would a legitimate banking site never ask you to do? Pause this video so you can have a think about your answer.

Okay, so your answer should be similar to mine.

They would never ask you to share your banking data or any financial information over the phone or in a written message.

Well done if you got that correct.

Time for a task now.

Label the image with four to five ways to identify if a website is secure.

Pause this video so you can have some time to do the task and then we will go through the answers together.

Well done for having a go.

You may have written the URL contains HTTPS.

The URL has a padlock icon at the beginning.

The website contains a privacy policy.

The URL is that of a legitimate site, not an imitation.

And finally, banking sites have two-factor authentication.

Well done if you included those in your answers.

We're now going to move on to the second part of our lesson.

What are the risks of online financial activity? Financial activity online can be safe if we are careful.

It is important to be careful because there are risks, such as phishing scams and identity theft.

Phishing scams are just like going fishing.

These scams will put out bait to potential victims in the hope that they will bite.

Scammers will send emails, texts, or create websites that are designed to trick someone into inputting their sensitive financial data.

Just like the example on your screen now.

Phishing scams may appear as emails, text, and phone calls.

These scammers may pretend to be banks, government agencies, shops, or financial service sites.

They are hoping that the victim will send them their banking details or passwords so that they can access their information.

Okay, time for a check for understanding.

Complete the sentence.

Phishing scams can be used to steal a person's banking details or.

Pause this video so you can think about your answer.

Well done if you said passwords.

Phishing scams can be used to steal a person's banking details or passwords.

If an online scammer gains access to your secure accounts, there is a risk of identity theft.

Identity theft can put people's financial security at serious risk.

If people can access another person's banking data, they might try to make purchases in your name, withdraw money from your account, or take out loans in your name.

We are more susceptible to financial security risks if we use public WiFi networks when accessing banking sites or inputting sensitive data.

Public WiFi networks do not always have a high level of security and, therefore, can be open to the "man in the middle" attacks.

"Man in the middle" attacks occur when a cyber attacker hacks into a network and places themselves between the user and the website they're connecting to.

The process works like this.

The user accesses their banking site on an unsecure WiFi network.

The hacker intercepts the data and passwords as the user enters them.

Then, the user logs on, unaware anything has happened.

The rise of online shopping has also brought with it scam sites and scammers who want people to input their financial information on these sites in order to steal this data.

These websites can look real but their intention is not to sell products, but to steal the information of users.

Okay, time for a check for understanding.

True or false? It is not safe to access financial information on your device if you are using a public WiFi network.

Pause this video so you can think about your answer.

Well done if you said true.

Time for a task now.

With your partner, discuss the risks of online financial activity.

Consider the following in your discussions.

Phishing scams, identity theft, man in the middle attacks, and fake sites.

Pause this video so you can have some time to do the task and then we will go through the answers together.

Well done for having a go.

You may have mentioned the following in your discussions.

Online financial activity can be risky due to phishing scams, such as emails, texts, or phone calls that appear to be from legitimate sources and ask for sensitive data in order to steal it.

If scammers have access to your passwords or banking details, they may commit identity theft, using your details to spend money, take out loans, or withdraw money.

You must always make sure you use a secure WiFi connection when accessing or inputting private data to prevent "man in the middle" attacks.

Finally, there are fake shopping sites set up that appear to be real, but their intention is to steal the data inputted when you purchase something.

Well done if your answers were similar to mine.

We're now going to move on to the third and final part of our lesson.

How can I avoid online financial scams? Seeing all the risks to online financial activity can be worrying, but there are lots of ways to ensure we avoid scams. Some helpful suggestions include having secure passwords, enabling two-factor authentication, being cautious with links, and monitoring bank statements regularly.

So first of all, we need to think about our secure passwords.

We should always have a password that is secure and cannot be guessed easily.

Lucas says, "A secure password should contain a combination of capital and lowercase letters, numbers, and symbols." Passwords should not be something easy to guess, such as a series of numbers like 12345, and they should definitely not have your name and date of birth in them, or the word "password." If you are ever stuck for how to come up with a truly secure password, many internet browsers have a system that will generate a strong random password for you.

This can be really useful, as we can often lean towards creating passwords that relate to us in some way.

These systems can create a truly random set of letters or numbers that cannot be guessed easily.

Okay, time for a check for understanding.

Which of the following is a secure password and why? Pause this video so you can have a think about your answer.

Well done if you said Aisha.

Aisha's password contains capital letters, lowercase letters, symbols, and numbers which cannot be easily guessed.

Alex's is his name and date of birth, which is easy for hackers to guess.

Two-factor authentication.

Make sure that where possible, you have enabled two-factor authentication.

This means that if someone did somehow access your account with a password, you will be notified via email or text that someone is trying to log in.

You can then contact the site or bank to inform them that your account has been compromised and they can assist you in re-securing it.

Be cautious with links.

Remember, your bank will never ask for your banking details via text, email, or phone.

If you are sent a link and you are unsure about who has sent it, do not click on it and never share private data.

Furthermore, by clicking on links, you may be inviting malware, which is malicious software, onto your device.

If you are unsure, contact the real company to confirm whether it was them or not.

Monitor your statements regularly.

Banks provide customers with monthly statements which give an overview of activity on your bank account.

Banking apps also allow you to check activity as it happens.

If you have been a victim of identity theft, there may be activity on your account that you are unaware of.

By regularly checking your bank statements, you can identify suspicious activity as soon as it happens and contact your bank for help in securing your account.

Remember, your financial details are personal and private to you.

They should not be shared with anyone, and legitimate organisations would never ask you to send those details.

Always check HTTPS is at the start of the URL, there is a padlock icon in the URL, sites are visited using a non-public WiFi, and any links or messages relating to financial information are from legitimate sources.

Time for a check for understanding.

True or false? Monitoring your banking statements regularly can help you spot identity theft quickly.

Pause this video so you can think about your answer.

Well done if you said true.

Time for a task now.

Create a checklist of four ways to avoid online scams. Pause this video so you can have some time to do the task and then we will go through the answers together.

Well done for having a go.

You may have written.

Have a strong password on all your accounts.

You can use a password creation tool on a trusted browser to make a truly random password.

Enable two-factor authentication on sites where possible to ensure security and to ensure that you are notified if someone tries to access your accounts.

Be cautious when clicking on links in texts and emails.

If you are sent a link and you are unsure about who has sent it, do not click on it and never share private data.

Check your bank account statements regularly, so you can spot identity theft quickly.

Well done if your answer was similar to mine.

Here is a summary of everything that we've covered today.

Secure websites can be identified by looking at the URL and should begin with HTTPS.

There are common scams that can occur online, including phishing scams, identity theft, and fake websites.

These scams can be done to steal money from us or our passwords.

In order to protect our financial data online, we should have a secure password on our account and enable two-factor authentication wherever possible.

We must stay cautious, as scams tend to come from sites or addresses that imitate real sites, and this means that they are difficult to spot.

Here's a slide of different places that you can get support.

We have the Childline, which is a website and phone line which is able to offer confidential advice and support.

We have the CEOP.

The CEOP helps protect children from online abuse and exploitation.

And the Internet Matters.

The Internet Matters teaches children and parents how to stay safe and happy online while using the internet.