Don’t Click That Link and other security tips… Laura Perry Chris Huys Mike Trice
About Us Laura Perry – Information Security Chris Huys – Windows System Administrator Mike Trice – Network Engineer
Mail vs. Email vs. URL Mail address: Laura Perry Alabama Supercomputer Center 686 Discovery Drive Huntsville, AL 35806 Email address: firstname.lastname@example.org URL (Uniform Resource Locator): http://www.asc.edu/
What does it mean? lperry – who? @ – at asc – which organization? .edu – which domain? Common Domains – .com, .edu, .org, .gov, .mil
International Domains – .ca, .uk, .au (Canada, United Kingdom, Australia) – .ru – Russia – .br – Brazil – .kg – Kyrgyzstan – .cn – China – .ua – Ukraine – .fi – Finland – .lv – Latvia – .nl – Netherlands. Unless you are specifically expecting email from someone you know who lives in one of these countries, be very suspicious of anything from any of these domains.
Where .ru? Why does this matter??? Do you check return addresses on regular mail? Do you check return addresses on email? What’s the real URL?
Go Phish Bad guys camouflage their phishing as the sort of messages we expect to receive. Look for slight irregularities in wording, spelling or the appearance of images. Don’t click on the links! If you think the warning is genuine, either call the service provider or type the provider URL yourself.
Stinky Phish A warning that your email account will be disabled if you don’t respond. An email or text from a loved one saying they need money urgently. Someone you never met wants you to deposit their money in your account. You just won a prize for something you didn’t enter. Here is a receipt for something you didn’t buy. – The “receipt” may not be a document but a program that will install a virus on your computer.
Note the “From” address: email@example.com is probably NOT your system administrator. When you hover over the hyperlink, the actual URL doesn’t match the text that you see.
When you hover over the Accept button, the actual URL is volunteeryouthministry.com and NOT LinkedIn! Who is Chasity Jeffers and why is she sending an invitation for Gregory Rice?
Celine.Karich@duluth.k12.mn.us is NOT your system administrator! http://lojadopolicial.com.br is not your email administration system! Remember what I said about the .br domain? Beware!
Uh oh! This one actually came from a valid email address in your school system. Now what? This could be bad… Most spam blockers will trust Google docs. If you click on this and enter the requested info, your account will immediately start sending spam emails.
Your Friend Got Hacked It has your friend’s name, but that’s not the right email address. See the .nl? Beware!
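The checks from the slides above (who the sender's domain really is, whether it ends in one of the listed country codes, and whether a link goes where its text says) can also be run by a script over a message. This is an added example, not part of the original presentation; the function names, the sample sender and the sample markup are constructed, and the host names in the sample are the ones quoted on the slides.

```python
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Country-code TLDs listed on the "International Domains" slide.
WATCH_TLDS = {"ca", "uk", "au", "ru", "br", "kg", "cn", "ua", "fi", "lv", "nl"}
HOST_IN_TEXT = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

def same_site(a, b):  # equal, or one is a subdomain of the other ("www." ignored)
    a, b = (re.sub(r"^www\.", "", h.lower().rstrip(".")) for h in (a, b))
    return a == b or a.endswith("." + b) or b.endswith("." + a)

class LinkCollector(HTMLParser):  # gathers (href, visible text) per <a> tag
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def triage(from_header, expected_domain, html_body):
    """Warnings for one message; expected_domain is who it claims to be from."""
    findings = []
    sender = parseaddr(from_header)[1].rpartition("@")[2].lower()
    if sender.rpartition(".")[2] in WATCH_TLDS:
        findings.append(f"sender domain {sender} uses a watch-listed TLD")
    if not same_site(sender, expected_domain):
        findings.append(f"sender domain {sender} is not {expected_domain}")
    collector = LinkCollector()
    collector.feed(html_body)
    for href, text in collector.links:
        real = urlsplit(href).hostname or ""
        shown = HOST_IN_TEXT.search(text)  # a host name printed in the link text
        claimed = shown.group(1) if shown else expected_domain
        if not same_site(real, claimed):
            findings.append(f"link '{text}' goes to {real}, not {claimed}")
    return findings

# Constructed sample: sender and markup are made up; the hosts are from the slides.
SAMPLE_FROM = '"Your Friend" <friend@example.nl>'
SAMPLE_HTML = ('<a href="http://lojadopolicial.com.br/">http://www.asc.edu/</a> '
               '<a href="http://volunteeryouthministry.com/">Accept</a>')
```

Calling triage(SAMPLE_FROM, "asc.edu", SAMPLE_HTML) returns four warnings: two about the sender and one for each link. A legitimate message can still trip the link check when it uses a third-party mailing service, so treat a warning as a reason to look closer.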
What’s the Big Deal? Identity theft. Bank account compromise. APT – Advanced Persistent Threat software installed on your computer without your knowledge. Key logging – see everything you type. Web site redirection – send you to a malicious site even if you type a “good” URL.
Value of Hacked Email Account Image from: http://krebsonsecurity.com/
Beware of Imposters Avoid tech support phone scams: – Microsoft will NEVER call you! – NEVER give your user name or password to anyone who calls you. – If you suspect something is wrong with your computer, call your System Administrator or Help Desk. Avoid credit card warning scams – Your credit card provider MAY call you to report suspicious activity. – NEVER give your credit card number, expiration, CVV or pin number to anyone who calls you! – To be safe, hang up and call your bank or call the customer support number printed on your card.
What is Network Security Network security consists of the provisions made in an underlying computer network infrastructure, policies adopted by the network administrator to protect the network and the network-accessible resources from unauthorized access, and consistent and continuous monitoring and measurement of its effectiveness (or lack) combined together. - Wikipedia
Your Information Technology (IT) Policy Do you know if you have an IT policy? – Acceptable use policy? Do you know what your IT policy is? Do you know where to find your IT policy? Do you know all of your local technical contacts?
Know the Policy Check with your Tech Coordinator to find out your school system’s policy on cleaning compromised systems. Depending on the policy or level of infection you may or may not be able to recover items from an infected system. Based on this and your system’s backup strategies you may need to implement a personal backup strategy to safeguard your files.
Know Your System Do you know what Antivirus (AV) product is loaded on your system? We have all seen the pop-ups saying our system is infected and to click here to load/protect our system. By knowing the AV product loaded on your system you will be able to tell if this is a false pop-up attempting to get you to install it. Most of these products are loaded with spyware, adware, viruses, or trojans.
Is My PC Infected? Will you know if your system is infected? Many times users do not realize their system has been compromised with bots or malware. Malware used to slow down your computer, or display annoying popups, but now malware is becoming increasingly discreet. A ‘bot’ is a malicious form of software that uses your computer without your knowledge to send spam, host a phishing site, or steal your identity by monitoring your keystrokes.
What to Look For What are common signs of a ‘bot’ infection: Undelivered email notifications in your inbox to unknown email addresses. Bots will frequently use email accounts to send out spam. Spam to unknown email addresses will result in a “failure to deliver” notification in your inbox. Suspicious email account activity. Bots create multiple email addresses in your email account. If you notice additional email addresses in your account that you didn’t create, you may have an infected computer.
What to Look For (Cont.) Multiple toolbars on your Internet web browser. Bots will frequently install various toolbars to help collect search information from your web browser. Unusual error messages. Error messages that suggest applications cannot run or drives cannot be accessed can be indications of a bot infection. Your computer is “busy” even when not in use. Pop-ups driving you crazy.
Is Your Password Safe Do you use a strong P@$$w0rd? Many places recommend a password that is 8 characters long containing 2 uppers, 2 lowers, 2 numbers, and 2 special characters. Think of your password like the lock on your front door. You want to make it difficult for the bad guys to get through that door.
Password Tips Depending on your school system’s password policy you can use one of these examples to easily come up with a complex password you can remember: Bruce Schneier’s advice is useful: “take a sentence and turn it into a password. Something like ‘This little piggy went to market’ might become ‘tlpWENT2m’. That nine-character password won’t be in anyone’s dictionary.” Use a password you can change regularly (but still remember easily) such as #Jun$Cmh2013. Use a random password generator.
More Password Tips Don’t store your password in your wallet or purse. If you do write it down, place it in a secure locked location as a last resort. You might also consider using an online password management tool. Use different passwords for different sites. If one password is compromised your other accounts won’t be affected. A longer password is a stronger password. Each additional character may add an exponential amount of time for cracking especially if you avoid common words or patterns.
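To see how the "2 uppers, 2 lowers, 2 numbers, 2 special characters" rule and the "longer is stronger" tip play out on the example passwords from these slides, here is an added example that is not part of the original presentation. The function names are made up for illustration, and "special characters" is assumed to mean the 32 ASCII punctuation characters.

```python
import math
import string

CLASSES = {"upper": string.ascii_uppercase, "lower": string.ascii_lowercase,
           "digit": string.digits, "special": string.punctuation}

def class_counts(password):
    """How many characters of the password fall in each class."""
    return {name: sum(ch in chars for ch in password)
            for name, chars in CLASSES.items()}

def meets_slide_rule(password, min_len=8, per_class=2):
    """The rule quoted on the slide: 8+ characters, 2 from each class."""
    counts = class_counts(password)
    return len(password) >= min_len and min(counts.values()) >= per_class

def search_space_bits(password):
    """log2 of the guesses needed to try every string of this length over the
    classes used. An upper bound: it assumes the characters were chosen at
    random, which a word- or date-based password is not."""
    counts = class_counts(password)
    alphabet = sum(len(CLASSES[name]) for name, n in counts.items() if n)
    return len(password) * math.log2(alphabet) if alphabet else 0.0

def report(password):
    """(passes the slide's rule?, search space in bits rounded to 0.1)."""
    return meets_slide_rule(password), round(search_space_bits(password), 1)
```

report("tlpWENT2m") shows that the sentence-based password fails the 2/2/2/2 rule (one digit, no special characters) at about 53.6 bits, while report("#Jun$Cmh2013") passes at about 78.7 bits. Each extra character multiplies the number of guesses by the alphabet size, which is the exponential growth the slide refers to.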
When to Use Encryption Where are you? – At the local coffee shop on their wireless network – On travel on the hotel wireless – At home on your wireless network – On the school public wireless network Are you sure the network you are connecting to is trusted? – Ask what the name of the provided Wi-Fi is What sites are you going to, and what data is available if your account gets hacked?
When to Use Encryption (Cont.) Should you use your personal laptop on the school network, and should you use your work laptop at home? What are the implications? Virtual Private Networks (VPNs) – Upside: Secure access to remote resources – Downside: You are now on the remote network – Sometimes not all traffic is encrypted when using a VPN. Ask your technology contact
Is Your Connection Secure? When surfing the web, look for the in the address bar.
Is Your Connection Secure? (Cont.) When using a VPN client look for the VPN icon and hover over it to get a status.
Why Can’t I Get to xyz.com?!? Did you get a block page? This is a content filter message, not a firewall issue. – Talk to your technology contacts and tell them that you got a block page Getting the block page is not the same as not getting a response from the server.
How Did Little Johnny Get to that Site? Web Proxy – acts as an intermediary for requests from clients seeking resources from other servers - Wikipedia Image from: http://upload.wikimedia.org/wikipedia/commons/b/bb/Proxy_concept_en.svg
Web Proxies (Cont.) Very difficult to block web proxies because they are constantly changing – Alert your technology contact. Very easy for kids to set up at home or find on the internet.
Why Can’t I Access My Home Computer From School? This is most likely a firewall issue. – Check your IT policy – Ask your local technology contact Firewalls either block or deny traffic. Connections that only work sometimes are not likely a firewall issue, but more likely a server issue.
Home Wi-Fi Change your administrator password and login name if possible. Enable encryption – WEP is old and easily hacked – WPA2 is newer and better. Change/disable broadcast of your SSID (Wi-Fi network name). Use MAC address filtering to allow devices to connect to your network.
What have we learned? Know your system. Know your school’s policies. Know your school’s IT staff. Use good passwords. Never use default passwords. Don’t send “secret” information over WiFi networks without using VPN. … and the most important lesson …