4Why Awareness? (cont) Heightened Activity Regulatory Drivers FERPA HIPPAGLBAState Legislation (House Bills)Online Privacy StatementMisuse of State of Arizona EquipmentMany more to comeKelley California SB 1386
5Relationship of Privacy & Security Why Awareness? (cont.)Relationship of Privacy & SecurityRoles and ResponsibilitiesKelley Can’t talk one without the other.
6Where to start and how? Step 1: Where are we now? Current Situation AssessmentStep 2. Where do we want to be?Strategic DirectionStep 3 - How do we plan to get there?Implementation PlanningStep 4 - How will we monitor progress?Monitoring
7Level 5 Level 4 Level 3 Level 2 Level 1 Goal: Set the stage for all security efforts by bringing about a change in attitudes,which will change the campus culture.University of Arizona CharacteristicsLevel 5CONTINUOUS IMPROVEMENTThreats are continually reevaluated based on changing threat population and security incidents. Additional or more cost effective alternatives are continually identified. The practice of Security is considered a component of the campus culture. Security Awareness is viewed as a business enabler.Level 4COMMON PRACTICEThe integration of Security programs and services in the campus departments is complete. Security is involved at the onset of projects. U of A is considered as a Security Awareness Best Practice campus.General acceptance of campus-wide standards based on Security Infrastructure and displayed through noticeable behavior change. Staff, faculty and students actively and visibly participate in the programs and services. Security incidents are reported immediately to the appropriate area.Level 3INTEGRATIONLevel 2ACKNOWLEDGEMENTRealization that existing Information Security processes are fragmented. Executive level support and involvement is visible. Some Security Awareness interventions are implemented and are ongoing.Click to show were we started.Level 1COMPLACENCYSecurity Policies & Standards are minimal and may or may not be documented. Security Incidents are viewed as someone else's problem. Existing programs and services are perceived as sufficient. Security is viewed as an enforcer.
8Diversity and Decentralization ChallengesFunding & ResourcesDiversity and DecentralizationVaried AudiencesAdministratorsStudentsStaffFacultyTechnical vs. Non-technicalGil
9Message vs. Delivery Method Timeline / Opportunities Surveys SolutionsMessage vs. Delivery MethodTimeline / OpportunitiesSurveysInclude WIIFM - What’s in it for me?Include Knowledge, Skill and AttitudeKelley Message Campus Memo’s, Webpage Content, Posters,Audience (Students vs staff versus Faculty)Timeline/Opportunity (Blaster at the opening of school, downtimes for staff (summer))The What, How & Why or Want to do
10Security is Everyone's responsibility! The following three slides are a consistent message we communicate or incorporate in our awareness / education efforts to help reinforce the message thatSecurity is Everyone's responsibility!That technology alone cannot keep us secure. People are the last layer of defense.
11The key to security is embedded in the word security. SEC YYOU ARE IT!
13During your typical day, you may be exposed to situations where you become aware of an attempt to breach an area of security.You need to be prepared to:ProtectDetectReact
14Key Partnerships formed BenefitsHeightened AwarenessKey Partnerships formedCampus wide understanding, acknowledgement and supportGil Heightened awareness (accountability and ownership)Partnerships (HR, Legal)Recognition of Security OfficeIncreased reporting & requests
15Security Awareness Day CostsPamphletsSecurity Awareness DayDedicated StaffPostersKelley
16Initiatives Monthly “Brown Bag” Presentations Customized group presentationsRedesigned Security Pagesecurity.arizona.eduCampus Security Awareness Daysecurity.arizona.edu/awarenessday.htmlNew Employee Orientation HandoutWe have done away with brown bagPresentations - Ctrl alt delWebpage - We are on the second redesignAwareness Day Just held our 3rd annual awareness day. Each year has been slightly different. Each year has been slightly more successful then the previous year.Currently we only have a handout that included in the new hire handout. This will be changing due to a ABOR initial requiring a security/privacy session for new hires and refreshers for current employees.
17Security Awareness Posters Initiatives (cont.)PamphletsPrivacy Basics - Guide to Protecting Personal InformationRisk Reduction - Computer Protection and PreventionSecurity Basics - Guide for Protecting Your ComputerComputer Security and Privacy Information - What everyone needs to knowSecurity Awareness Posterssecurity.arizona.edu/posters.htmlOur Awareness Posters have received international recoginition and awards. We had so many inquiries about them that we now sell customized versions of them (color and 3 inch contact real estate at the bottom)
24Level 5 Level 4 Level 3 Level 2 Level 1 Goal: Set the stage for all security efforts by bringing about a change in attitudes,which will change the campus culture.University of Arizona CharacteristicsLevel 5CONTINUOUS IMPROVEMENTThreats are continually reevaluated based on changing threat population and security incidents. Additional or more cost effective alternatives are continually identified. The practice of Security is considered a component of the campus culture. Security Awareness is viewed as a business enabler.Level 4COMMON PRACTICEThe integration of Security programs and services in the campus departments is complete. Security is involved at the onset of projects. U of A is considered as a Security Awareness Best Practice campus.General acceptance of campus-wide standards based on Security Infrastructure and displayed through noticeable behavior change. Staff, faculty and students actively and visibly participate in the programs and services. Security incidents are reported immediately to the appropriate area.Level 3INTEGRATIONLevel 2ACKNOWLEDGEMENTRealization that existing Information Security processes are fragmented. Executive level support and involvement is visible. Some Security Awareness interventions are implemented and are ongoing.Click to move cursar to where we are today. Level 3In some cases we have reached 4Level 1COMPLACENCYSecurity Policies & Standards are minimal and may or may not be documented. Security Incidents are viewed as someone else's problem. Existing programs and services are perceived as sufficient. Security is viewed as an enforcer.
26§ ¦ µ Gil Salazar UA Network Administrator § ¦ µGil Salazar UA Network AdministratorOn Screen at the beginning. Then click to next screen movieKelley Bogart Information Security Coordinator
27After movie, Kelley to go on stage, Gil to collect Credit cards (3)
28State of the Internet today Viruses, Worms & Spies! How to Protect AgendaState of the Internet todayViruses, Worms & Spies!How to ProtectYourselfKelley to Intoduce agenda
29Internet goes thru your computer State of the Internet TodayKelley:According to Internetworldstats.com, there are 938,710,929 (938 million) internet users worldwide.23.8 % or 223,392,807 million (223 Million) from North America76.2 % or 715,318,122 million (715 Million) are from the rest of the world.Once connected to the internet your computer is accessible to # users.It now goes thru your pc if you get online, whether you like it or notJust like the freeway built in a small townCar analogy: private driveway or road versus main highway.Internet goes thru your computer
30Some Local Statistics University of Arizona Campus Cyber attacks per day # of outside to inside attacks : 64,959# of Inside to outside attacks : 60,040# of Inside to Inside attacks : ,941Total of related victim machines : ,734Kelley: Stats on campus attempts:This was a day in October of last year. This is pretty much a typical day.
31Threat Follows Value Today, the money is in Cyberspace! The 1950s American bank robber Willie Sutton was asked why he robbed banks. He said he robbed banks because,“That’s where the money is.”Today, the money is in Cyberspace!Kelley: talk about theftPhysical crime (stealing a car) is one to one relationship.Cybercrime is one to millions. It’s not about you, it’s about gaining access to your system to collect your personal information, or use your computer to launch attacks or simple to use your hard drive to store pirated movies and music files.The Internet provides for criminals the two capabilitiesmost required for the conduct of criminal activities:Anonymity & Mobility
32Do The Math Spam mailed to over 100 million inboxes If 10% read the mail and clicked the link= 10 million peopleIf 1% of people who went to site signed up for days free trial= (100,000 people) x ($0.50) = $50,000If 1% of free trials sign up for 1 year= (1,000 people) x ($144/yr) = $144,000/yrKelley: Example of why
33Situation: It is getting scary! Most attacks occur hereWhy does this gap exist?Product shipVulnerabilityDiscovered|Potential attackSoftwareModifiedPatch releasedPatch deployedat home/officeGil:As this slide opens, it represents a timeline in the life of a software product in which the following events occur, in order:Product Ship—the product is made available and customers implement itVulnerability discovered—either Microsoft or a “white hat” hacker (a responsible person or organization who notifies Microsoft of the vulnerability privately)Component modified--Microsoft engineers develop and test a patch that effectively addresses the software component that has the vulnerabilityPatch released—Microsoft makes a patch available for customers to download to their systems (note that this may be concurrent with or very close to the vulnerability being made public and the component modification being developed)Patch deployed at customer site—The customer installs the patchCLICK SLIDEPoint out that most attacks occur in the period between the time that Microsoft’s deploys the patch and the customer installs it.“Why does this gap exist?” – leads into the next slide.
34Exploit Timeline 1 331 180 151 25 Why does this gap exist? exploit codepatchWhy does this gap exist?Days between patch and exploit151180331BlasterWelchia/ NachiNimda25SQL Slammer1Days From Patch to ExploitThe average is now nine days for a system to be reverse-engineeredGil:[The gap is smaller from exploit to patching.]ZoTob
35Exploit Survival TimeThe SANS Institute has studied what it calls the "survival time" of an unprotected computer hooked up to the Internet.A year ago, the average time before it was compromised was about 55 minutes.Today it's 20 minutes.On the UA campus it can be less then ONE MINUTE.Gil:
36State of the Internet Questions? Why do criminals use the internet today?To be Anonymous & MobileKelley:
38Virus: This is changing… Old “traditional” viruses usually required human interactionYou have to save it, run it, share floppy disksing a program / document, without knowing it is infectedTypically just attach themselves to programs & documents, and then depend on humans to propagateThis is changing…Kelley:In the “old days” (mainly before the Internet was so big) viruses were spread via floppy disk. If your computer had a virus, it would attach itself to every program on the computer, and then also infect any floppy disks that were inserted. When the floppy was moved to another machine, it would get infected.This can still happen today, it is just easier with . You could actually have a virus in a Microsoft Word file, and not even know it. Then you to your teammates, and now they have the virus as well.
39How It Spreads E-mail Instant Messenger Networks P2P/Filesharing softwareDownloadsFloppy disks, Flash Drives. CDs, etc.Kelley:Viruses do a couple things. Not only does it infect the computer system that the infected file was opened on but it also propagates by sending itself to all addresses found on the infected computer. It typically will use one of the addresses it finds in the address book as the sender.Thing to point out is the file name. It looks like a picture, but notice that there are like 100 spaces and then a .EXE at the end.Some web sites bring up a dialog box saying like “You must click OK to continue” and keep bringing it up 100 times. Finally the user will click OK in desperation and install some spyware / virus.Thing to point out is the file name. It looks like a picture, but notice that there are like 100 spaces and then a .EXE at the end. Make sure you display extensions.
40This has a virus attached! SampleThis has a virus attached!To: Subject: Notify about your account utilization. From:Dear user of Arizona.edu gateway server,Your account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. For further details see the attach. For security reasons attached file is password protected. The password is "03406" Best wishes, The Arizona.edu teamKelley:Example of the bagel virus.Came from administrator, help, consult, support (I think there were 13 from variations as well as 13 subject line and message contents. Oh yeah and that is just one version of bagel. There are currently 30 something. Bagel- a through last I checked it was on Bagel –mm.Basic point used Social Engineering to spread. Social Engineering is using human factors to make you do something you feel you have to do as well as spoofing making it look like it came from someone of authority. Human Factors such as trust, authority, helpfulIn this case it used the threat of losing access to your account or internet if you did not do what was requested.If you look closely to these type of s they typically have many misspellings and/or grammar mistakes (3 instances).Also gives you the “password”, passwords might be displayed in an message but only when you have requested it because you lost it and went the process to identify that you are who you are.Also it refers you to a website, in this case arizona.edu. So it does not give you a clear contact.
41Virus:Questions?What is the most common way viruses are spread today?Kelley:
42Worms: Sub-class of Virus Replicated Automatically without human help Example is address book attackBogs down networks and InternetZotob, Blaster are examplesGil:Worms are really what we’re seeing a lot more of today (which are also viruses).These are a lot scarier because they self-replicate to other systems automatically.A typical worm will get every address in your address book, and send the virus to all of those people automatically.
44Worms:Scary part – you don’t have to do anything but turn your computer on!Or make a simple click.Gil: ease of infection
45Trojan HorseProgram that appears to be a “good” program, but really isn’tMight do what it is supposed to, plus a whole lot more!programs installed in this category use several methods to enter the computer;Web, , spywareGil: what is a trojan
46Botnets or “Zombies”Botnets are networks of captive computers (often called zombies) that are created by trojans or worms that have infected unprotected PCs.These networks are frequently used to send spam and initiate distributed denial of service (DDoS) attacks.Gil: Home computers used for attacksPCs without virus protection are the most likely to become zombies, but even a protected PC can be infected if its antivirus software's virus definitions are out of date or don't properly detect certain compressed files
47Worms:Questions?What is it called when a program sneaks onto your computer?A Trojan
49Have you ever received an email that says something like this? “We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”OR“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”The message may ask you to “update,” “validate,” or “confirm” your account information. Some phishing s threaten a dire consequence if you don’t respond. The messages direct you to a website that looks just like a legitimate organization’s site. But it isn’t. It’s a bogus site whose sole purpose is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.
50This is a typical “phishing” attempt Kelley: Introduce phishing
51What is Phishing?Phishing is a form of social engineering, characterized by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or legitmate business in an apparently official electronic communication, such as an , pop-up window or an instant message.This is WIKIPEDIA’s definition. Well I addes “legitimate” and added “pop-up window”Social engineering is the practice of obtaining confidential information by manipulation of legitimate users. A social engineer will commonly use the telephone or Internet to trick people into revealing sensitive information or getting them to do something that is against typical policies. By this method, social engineers exploit the natural tendency of a person to trust his or her word, rather than exploiting computer security holes.
52Social engineering preys on qualities of human nature: Social engineering is the practice of obtaining confidential information by manipulation of legitimate users. A social engineer will commonly use the telephone or Internet to trick people into revealing sensitive information or getting them to do something that is against typical policies. By this method, social engineers exploit the natural tendency of a person to trust his or her word, rather than exploiting computer security holes.Social engineering preys on qualities of human nature:the desire to be helpfulthe tendency to trust peoplethe fear of getting into troubleWikipedia’s definition for Social EngineeringBottomline Social Engineering uses human factors such asto make you do something you feel you have to do as well as spoofing making it look like it came from someone of authority. Human Factors such as trust, authority, helpful
53EBAYKelley:This is a classic, common form of Phishing. User gets an like this saying their account has been blocked.Notice that when the user clicks the link, they are not really going to that link…they are going to some link in Korea.
54EBAYKelley:When you click the link, you are taken to this web site. Looks just like an eBay site. Funny that it accepts any name / password combination!
55EBAYKelley:Once you have “signed in” you are asked to verify your data. Since when does any web site in the world ask for this much stuff? No web-site in the world will ask for you PIN number either!
56EBAYKelley:After you type everything in, you even get a final screen tells you that you did it successfully.
61VisaKelley:…Again, asks for way too much information.
62MicrosoftKelley:Even Microsoft is not immune! This is one saying the user needs to get some security updates.
63Stats from Anti-Phishing Working Group The total number of unique phishing reports submitted to APWG in December 2005 was 15,244 - a considerabledecrease from November - this is a count of unique phishing reports.
64Stats from Anti-Phishing Working Group The number of unique phishing websites detected by APWG was 7197 in December 2005, a huge increase in uniquephishing sites from the previous two months.So while the number of unique phishing reports went down (from 16,882 in Nov. to 15,244 in Dec.) the number of unique phishing sites almost doubled.Any thoughts on why that is? Based on what I have seen, it appears that the bad guys are branching out. Meaning then use the same content but each those ’s point to many different sites. The lastest e-bay spoof brought that to my attention.
65Stats from Anti-Phishing Working Group December 2005 showed a disturbing trend of far more brands being spoofed than in any month on record. Over 120 brands were used in phishing attacks this month. A large number of banks, credit unions and credit card associations were attacked.A larger number of European financial institution attacks were reported than in previous months. We also received complaints of attacks against numerous ISPs, webmail providers and even P2P networks. There were numerous reports in December of a US Internal Revenue Service phishing attack.Financial Services continue to be the most targeted industry sector, growing to 89.3% of all attacks in the month of December. Reports of spearphishing attacks continue to increase. Often these attacks target employees of a particular company (for example, pretending to be from the IT department, requesting a password change). There was at least one well coordinated attack targeted at the faculty and students of a US University and the bank that many of them bank with. This level of sophistication in social and technical engineering is of great concern to security practitioners.
66Arizona State Credit Union Profiling our community
67DM Federal Credit Union More Southern Arizona Specific Dec then again in Feb.
68Recognizing PhishingFalse Sense Of Urgency - Threatens to "close/suspend your account," or charge a fee.Indirect invitation - "Dear valued customer", "Dear reader", "In attention to [service name here] customers“.Misspelled or Poorly Written - Helps fraudulent s avoid spam filters.Urgency. People usually make mistakes when they are in a hurry. If you are a power seller on eBay and an says your account will be closed in 48 hours, you will worry for sure. And when you worry and rush, you probably will not notice that you are taken to a counterfeit site and will give your account data to the cheater.
69Recognizing PhishingSuspicious-Looking Links & Pop-Ups Links containing all or part of a real company's name asking you to submit personal information.Hyperlinks spoofing You see the "http://www.yourbank/Login" link in the message, but if you hover the mouse cursor over the link, you will see that it points to "http://www.spoofedbanksite.com/Login"absence of your first and last name in the message is often the fingerprint of a scamThe was received to an address you do not use as an address for this particular service, the "To:" field of the message contains only address, the "To:" field is empty or contains recipients that are unknown to you. This is because widespread phishing attacks are usually done using address databases gathered by or for spammers. Naturally, in this case, the cheaters do not know your name.
70Discover Card Awareness This is an example of a legitimate communication from Discover Card
72Spyware or Phishing-based Trojans – Keyloggers ?
73Phishing-based Trojans – Keyloggers Designed with the intent of collecting information on the end-user in order to steal those users' credentials.Unlike most generic keyloggers, phishing-based keyloggers have tracking components which attempt to monitor specific actions (and specific organizations, most importantly financial institutions and online retailers and ecommerce merchants) in order to target specific information, the most common are; access to financial based websites, ecommerce sites, and web-based mail sites.
74Phishing-based Trojans – Keyloggers, Unique Variants Phishing-based Trojans reached an all time high in December with 180 unique applicationsdetected and recorded by APWG researchers.
75Unique Websites Hosting Keyloggers The number of websites spreading password-stealing malicious code soared, nearly doublingbetween November and December of last year.
76Yet Another Form of Phishing to worry about Unlike a scam which tries to trick you into providing personal information.This:executes codeChanges your host fileRedirects legitimate webpage to spoofed site….and all you did was open an or view it in a preview pane in programs like Microsoft OutlookSuppose you are the unsuspecting recipient of a phishing . When you open the , or view it in a preview pane in programs like Microsoft Outlook, a phishing program script hidden inside the then runs in the background, unseen by you, the reader of the . The program goes to the HOST file located within your computer's operating system, locates your bank’s legitimate web address, such as and replaces the bona fide Internet Protocol (IP) number with an IP number for the criminal’s fraudulent site. The next time you enter your bank’s legitimate web address, such as in your web browser, you will automatically be sent to the criminal's fraudulent site.It’s difficult to defend against these attacks because host file phishing scams do not change the destination site name ( or 'URL'), which happens in ordinary phishing scams that can be detected when users notice the url in their web browser has been altered. Most users are not sophisticated enough to know what a HOST file is or how it can be manipulated to 'spoof' users, because it happens behind the scenes, not visible on the browser interface, which continues to show the legitimate web address, such asWhen the user wants to check their bank account, and goes to the web site, they are shown the criminal's fake web site, which looks just like the real bank site. Because the URL is the same address, the user thinks the site is real, but because the criminals changed the host file, users are completely fooled. When users enter their account login name and password, they have no idea they are giving the information to the criminals. According to the Anti-Phishing Working Group, Phishers are able to convince up to 5% of recipients to respond to their hijacking of trusted brands of well-known banks, online retailers and credit card companies.
77Phishing-based Trojans – Redirectors Designed with the intent of redirecting end-users network traffic to a location where it was not intended to go to. This includes crimeware that changes hosts files and other DNS specificinformation, crimeware browser-helper objects that redirect users to fraudulent sites, and crimeware that may install a network level driver or filter to redirect users to fraudulent locations.This is particularly effective because the attackers can redirect any of the users requests at any time and the end-users have very little indication that this is happening as they could be typing in the address on their own and not following an or Instant Messaging lure.Phishing-based Trojans – RedirectorsExample: Rising Numbers of Phishing Attacks Using Hosts File Over-write ExploitsAPWG observed an increase in phishing attacks that used modifications to the Windows hosts file to deceive users.Various exploits and social engineering tricks are used to execute malicious code that appends several entries to theWindows hosts file. These entries redirect traffic from the legitimate web addresses of several banks to the IPaddress of a phishing site created by the attacker. The next time the user attempts to visit one of the targeted banks,they are instead redirected to arrive at a phishing site. However, the web address shown in the browser's address barappears to be the correct address. The logon information of the unsuspecting user is captured, as they attempt toaccess the site.
78Interesting Statistic. I would think the key word here is hosted. Phishing SitesIn December, Websense® Security Labs™ saw a continuation of the top three countries hosing phishing websites.The United States remains the on the top of the list with 34.67%. The rest of the top 10 breakdown is as follows:Republic of Korea 9.83%, China 8.98%, Germany 3.78%, United Kingdom 3.4%, Japan 3.33%, Taiwan 2.19%,Romania 1.96%, France 1.96%, and Canada 1.85%Republic of KoreaRomaniaMalicious Code SitesThe United States is still the top geographic location with 25.85%The rest of the breakdown was as follows; Spain 14.25%, Brazil 11.95%, China 6%, Russia 4%, Canada 3%,Argentina 3%, UK 2.5%, Netherlands 2%, and Switzerland 1%
79FTC suggestions to help avoid getting hooked by a phishing scam: If you get an or pop-up message that asks for personal or financial information, do not reply. And don’t click on the link in the message, either.Use anti-virus software and a firewall, and keep them up to date.Don’t personal or financial information.If you get an or pop-up message that asks for personal or financial information, do not reply. And don’t click on the link in the message, either. Legitimate companies don’t ask for this information via . If you are concerned about your account, contact the organization mentioned in the using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address yourself. In any case, don’t cut and paste the link from the message into your Internet browser — phishers can make links look like they go to one place, but that actually send you to a different site.Use anti-virus software and a firewall, and keep them up to date. Some phishing s contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically. A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It’s especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software “patches” to close holes in the system that hackers or phishers could exploit.Don’t personal or financial information. is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
80FTC suggestions (cont’d) Review credit card and bank account statements as soon as you receive themBe cautious about opening any attachment or downloading any files from sForward spam that is phishing for information to and to the company, bank, or organization impersonated in the phishing .Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.Regularly log into you online accounts……don't leave it for as long as a month before you check each accountBe cautious about opening any attachment or downloading any files from s you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer’s security.Forward spam that is phishing for information to and to the company, bank, or organization impersonated in the phishing . Most organizations have information on their websites about where to report problems.If you believe you’ve been scammed, file your complaint at ftc.gov, and then visit the FTC’s Identity Theft website at Victims of phishing can become victims of identity theft. While you can't entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk. If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report. You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See for details on ordering a free annual credit report. You can learn other ways to avoid scams and deal with deceptive spam at ftc.gov/spam.
81Additional Protection Tips Treat all with suspicionNever use a link in an to get to any web pageEnsure that all of your software is up to dateUse anti-spyware detection software on a regular basisKelley:Treat all……..I mean what do you really know about who sent the .Never use a link…..What you see in the body can be forged, the sender's address or return address can be forged and the header can also be manipulated to disguise its true originIf you must go there, type the URL directly into your browser's address barEnsure that all your software is up to date……for instance, if you use Microsoft's Windows, run Windows Update every day when you first connect to the internet. If you use other operating systems or browsers then check daily for patches or updates. Security loop holes are regularly discovered in software and many of these scams have utilized a vulnerability in Internet Explorer
82Additional Protection Tips If you must use your financial information online, ensure that you have adequate insurance against fraudBe aware or beware.KelleyBottom line you need to use caution…..be aware or beware.
83Questions? What does the term “Phishing” refer to? Attempt to gather information for illicit useKelley
84SpywareEver get pop-ups that constantly ask for you to click “OK” and won’t go away?This is most likely Spyware of some sortGil: introduce spyware
85Spyware: What it isspyware is programming that is put in your computer to secretly gather information about You or your pc and relay it to advertisers or other interested partiesadware pushes ads, track Internet habits and performs other sneaky tricksGil: what spyware does
86Spyware : How Do I know I have it? Computers slow down to a crawlAnnoying Pop-ups appearBrowser Start Page changesUnwanted toolbars, tray programsNew programs are installed on your PC and show up on the desktopGil: introduce spyware
87Corrupt/alter the current software Steal passwords, information etc. Spyware: why is it bad?Corrupt/alter the current softwareSteal passwords, information etc.Track browsing habits, sitesinterferes with system settings(registry, startup)Even after removal, it can leave crumbswhich helps program re-install itselfGil: why its bad
88Spyware: How did I get it? Instant MessagingInternet BrowsingP2P Software (kazaa, limewire, bearshare, AIM)Downloads and InstallsPotentially Unwanted Programs (PUPs)
91Spyware : Why do they do it? 0x80 is a hacker… he says: "Most days, I just sit at home and chat online while I make money," 0x80 says. "I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days." He says his work earns him an average of $6,800 per month, although he's made as much as $10,000. Not bad money for a high school dropout.
92Spyware: Questions? What are a couple things Spyware does? Create pop-ups, hijacks web pages, collect info, slow pc down.
94Practice Good Surfing Sense You know there are bad parts of town that you don’t go toThe Internet is the same way – be wary!Kelley:For exampleMy house- wall and gates in the front- security iron- 2 large dogsMy neighbor- No wall or gates in front- No security Iron- oh yeah and let’s not forget their ChihuahuaIf I’m a thief which house would I be more likely to break into?Cyber crime is much the same. It’s the opportunity, it’s not personal. It’s about gaining access to a computer and then using information I can get to.If you have some of these measures in place (personal firewall, anti-virus, up to date software, strong passwords as well as education in now knowing that you really can’t trust everything you get via ) versus someone that does not have security practices, who is more likely to have their computer compromised?It’s the same as my house analogy, it’s not that they absolutely can’t get in it will just take more time and effort.
95Download RulesNever download or open something, if you don’t know what it isEven if you know the sender by name, check with them to see if they sent you somethingKelley:
96True company-based e-mails never send attachments Download RulesTrue company-based s never send attachmentsMake sure the link actually goes to their site & not a spoofed one!Only download what you trust, and even then be wary!KelleyNever trust anything. No companies send actual attachments in their s….they will always send links. But even then, make sure the link goes to the company’s site, not a spoofed site!
97Be Aware of SpoofingHave you ever received an telling you that you have a virus?It is possible that :Your address could’ve been spoofed and sent to someone elseIt could be a trick to get you to install some “anti-virus” or “patch” (which is really a virus itself!)Kelley:
99The Best Defense Use Strong Passwords Passwords should contain 8 characters including upper and lowercase, special characters (*^#) and numbersDon’t take downloads from strangersOnly install what you trust“free” music & file sharing programs are wide open doors for hackersGil: what users can do
100The Best Defense Check if your PC has any issues: Does your browser open to a new home page, or search page?Increase in advertisements & pop-ups?Computer seems sluggish?Know your system and what is installedGil
101The Best Defense Get a detect & removal tool for spyware Ad-Aware: easiest to use, free for home use onlySpyBot: Free for any use, more advanced, has automated protection featuresMicrosoft Anti-spyware: Free for any use, has automated protection and updates.Use all three together for complete protection!Gil
102The Best Defense Install anti-virus software Install a Firewall (Sophos, Norton, McAfee etc…)Install a Firewall(Windows built-in, Kerio, ZoneAlarm)Keep everything up-to-date!Windows Automatic Updates, Anti-virus, Spyware detection.Gil:
104The Best Defense Limit access to your computer keep doors locked if your not around and system is onThumb drives can be used to steal dataGil:Give password program demo for accounts
105The Best DefenseAt home use multiple user accounts when sharing computers and switch users/lock workstation when leaving system on when you are away from the desktopControl Alt DeleteWindows Key – l for XPGil
106Quote from a victim…"Overall, you've got to realize that, just like if you don't secure your home, you run the risk of getting burglarized; if you're crazy enough to leave the door on your computer open these days, like I did, someone's gonna walk right in and make themselves at home." ~Pastor Michael White
107The Best Defense Questions? What is the best way to keep passer bys from accessing your computer?Control-alt-delete or Windows-Key L
108Other Reminders…. Back up your computer data. Keeping system patches updatedFirewalls, pop-up blocker, spyware apps updated.Know your systemsGil: what are we doing to help
109Now for any Final Q&A…Gil: Kelley: take questions
110If the situation seems hopeless: Don’t ever give up!Don’t let the computercontrol you!Encourage them Kelley sometimes you’ll feel like the frog……but don’t give up.