Security Awareness Campaign

Presentation on theme: "Security Awareness Campaign"— Presentation transcript:

1 Security Awareness Campaign
University of Arizona Security Awareness Campaign. Kelley Bogart, University Information Security Coordinator; Gil Salazar, Network Administrator, University of Arizona.

2 Agenda
Why Awareness; Challenges; Solutions; Benefits; Costs; Initiatives; Demonstration.

3 Why Awareness? Campus Policy, Standards & Guidelines
Privacy Guidelines; Acceptable Use Policy; Security Policy (draft). Supporting Security Standards & Guidelines: Business Continuity & Disaster Recovery; Incident Reporting; Management Responsibilities for Security; Networked Device Security. (Presenter: Gil)

4 Why Awareness? (cont.) Heightened Activity and Regulatory Drivers
FERPA; HIPAA; GLBA; California SB 1386; State Legislation (House Bills); Online Privacy Statement; Misuse of State of Arizona Equipment; many more to come. (Presenter: Kelley)

5 Why Awareness? (cont.) Relationship of Privacy & Security
Roles and Responsibilities. Kelley: Can't talk about one without the other.

6 Where to start and how?
Step 1: Where are we now? Current Situation Assessment. Step 2: Where do we want to be? Strategic Direction. Step 3: How do we plan to get there? Implementation Planning. Step 4: How will we monitor progress? Monitoring.

7 Level 1 through Level 5
Goal: Set the stage for all security efforts by bringing about a change in attitudes, which will change the campus culture. University of Arizona characteristics by level:
Level 5, CONTINUOUS IMPROVEMENT: Threats are continually reevaluated based on the changing threat population and security incidents. Additional or more cost-effective alternatives are continually identified. The practice of security is considered a component of the campus culture. Security awareness is viewed as a business enabler.
Level 4, COMMON PRACTICE: The integration of security programs and services in the campus departments is complete. Security is involved at the onset of projects. U of A is considered a Security Awareness best-practice campus. General acceptance of campus-wide standards based on the security infrastructure, displayed through noticeable behavior change. Staff, faculty and students actively and visibly participate in the programs and services. Security incidents are reported immediately to the appropriate area.
Level 3, INTEGRATION.
Level 2, ACKNOWLEDGEMENT: Realization that existing information security processes are fragmented. Executive-level support and involvement is visible. Some security awareness interventions are implemented and are ongoing.
Level 1, COMPLACENCY: Security policies & standards are minimal and may or may not be documented. Security incidents are viewed as someone else's problem. Existing programs and services are perceived as sufficient. Security is viewed as an enforcer.
Presenter note: Click to show where we started.

8 Challenges
Funding & Resources; Diversity and Decentralization; Varied Audiences (Administrators, Students, Staff, Faculty; Technical vs. Non-technical). (Presenter: Gil)

9 Solutions
Message vs. Delivery Method; Timeline / Opportunities; Surveys; Include WIIFM (What's in it for me?); Include Knowledge, Skill and Attitude.
Kelley: Message: campus memos, webpage content, posters; audience (students vs. staff vs. faculty). Timeline/opportunity: Blaster at the opening of school, downtimes for staff (summer). The What, How & Why, or Want to do.

10 Security is Everyone's responsibility!
The following three slides are a consistent message we communicate or incorporate in our awareness / education efforts to help reinforce the message that security is everyone's responsibility: technology alone cannot keep us secure. People are the last layer of defense.

11 The key to security is embedded in the word security.
SEC U R ITY: YOU ARE IT!

12 If not you, who? If not now, when?

13 During your typical day, you may be exposed to situations where you become aware of an attempt to breach an area of security. You need to be prepared to: Protect, Detect, React.

14 Benefits
Heightened Awareness; Key Partnerships formed; Campus-wide understanding, acknowledgement and support.
Gil: Heightened awareness (accountability and ownership). Partnerships (HR, Legal). Recognition of the Security Office. Increased reporting & requests.

15 Costs
Pamphlets; Security Awareness Day; Dedicated Staff; Posters. (Presenter: Kelley)

16 Initiatives
Monthly "Brown Bag" Presentations; Customized group presentations; Redesigned Security Page (security.arizona.edu); Campus Security Awareness Day (security.arizona.edu/awarenessday.html); New Employee Orientation Handout.
Presenter notes: We have done away with brown bag presentations. Ctrl-Alt-Del webpage: we are on the second redesign. Awareness Day: we just held our 3rd annual awareness day. Each year has been slightly different, and each year slightly more successful than the previous year. Currently we only have a handout that is included in the new hire handout. This will be changing due to an ABOR initiative requiring a security/privacy session for new hires and refreshers for current employees.

17 Initiatives (cont.)
Pamphlets: Privacy Basics (Guide to Protecting Personal Information); Risk Reduction (Computer Protection and Prevention); Security Basics (Guide for Protecting Your Computer); Computer Security and Privacy Information (What everyone needs to know). Security Awareness Posters: security.arizona.edu/posters.html.
Presenter note: Our awareness posters have received international recognition and awards. We had so many inquiries about them that we now sell customized versions (color and 3 inches of contact real estate at the bottom).

18 First Set

19 First Set

20 First Set

21 Second Set

22 Second Set

23 Second Set

24 Level 1 through Level 5
Goal: Set the stage for all security efforts by bringing about a change in attitudes, which will change the campus culture. University of Arizona characteristics by level:
Level 5, CONTINUOUS IMPROVEMENT: Threats are continually reevaluated based on the changing threat population and security incidents. Additional or more cost-effective alternatives are continually identified. The practice of security is considered a component of the campus culture. Security awareness is viewed as a business enabler.
Level 4, COMMON PRACTICE: The integration of security programs and services in the campus departments is complete. Security is involved at the onset of projects. U of A is considered a Security Awareness best-practice campus. General acceptance of campus-wide standards based on the security infrastructure, displayed through noticeable behavior change. Staff, faculty and students actively and visibly participate in the programs and services. Security incidents are reported immediately to the appropriate area.
Level 3, INTEGRATION.
Level 2, ACKNOWLEDGEMENT: Realization that existing information security processes are fragmented. Executive-level support and involvement is visible. Some security awareness interventions are implemented and are ongoing.
Level 1, COMPLACENCY: Security policies & standards are minimal and may or may not be documented. Security incidents are viewed as someone else's problem. Existing programs and services are perceived as sufficient. Security is viewed as an enforcer.
Presenter note: Click to move the cursor to where we are today: Level 3; in some cases we have reached Level 4.

25 Questions Gil: Kelley: take questions

26 Gil Salazar, UA Network Administrator; Kelley Bogart, Information Security Coordinator
Presenter note: On screen at the beginning, then click to the next screen for the movie.

27 After movie, Kelley to go on stage, Gil to collect Credit cards (3)

28 Agenda
State of the Internet today; Viruses, Worms & Spies!; How to Protect Yourself. Kelley to introduce the agenda.

29 State of the Internet Today: the Internet goes through your computer
Kelley: According to Internetworldstats.com, there are 938,710,929 (938 million) Internet users worldwide: 23.8% or 223,392,807 (223 million) from North America, and 76.2% or 715,318,122 (715 million) from the rest of the world. Once connected to the Internet your computer is accessible to that many users. It now goes through your PC if you get online, whether you like it or not, just like the freeway built in a small town. Car analogy: private driveway or road versus main highway.

30 Some Local Statistics: University of Arizona campus cyber attacks per day
Outside-to-inside attacks: 64,959. Inside-to-outside attacks: 60,040. Inside-to-inside attacks: ,941. Total related victim machines: ,734.
Kelley: Stats on campus attempts. This was a day in October of last year, and it is pretty much a typical day.

31 Threat Follows Value Today, the money is in Cyberspace!
The 1950s American bank robber Willie Sutton was asked why he robbed banks. He said he robbed banks because, "That's where the money is." Today, the money is in Cyberspace! Kelley: talk about theft. Physical crime (stealing a car) is a one-to-one relationship; cybercrime is one to millions. It's not about you, it's about gaining access to your system to collect your personal information, to use your computer to launch attacks, or simply to use your hard drive to store pirated movies and music files. The Internet provides criminals the two capabilities most required for the conduct of criminal activities: Anonymity & Mobility.

32 Do The Math: spam mailed to over 100 million inboxes
If 10% read the mail and clicked the link: 10 million people. If 1% of the people who went to the site signed up for the free trial: 100,000 people x $0.50 = $50,000. If 1% of free trials sign up for 1 year: 1,000 people x $144/yr = $144,000/yr. Kelley: example of why.

33 Situation: It is getting scary!
Timeline: Product ship; Vulnerability discovered (potential attack); Software modified; Patch released; Patch deployed at home/office. Most attacks occur here. Why does this gap exist?
Gil: As this slide opens, it represents a timeline in the life of a software product in which the following events occur, in order. Product ship: the product is made available and customers implement it. Vulnerability discovered: by either Microsoft or a "white hat" hacker (a responsible person or organization who notifies Microsoft of the vulnerability privately). Component modified: Microsoft engineers develop and test a patch that effectively addresses the software component that has the vulnerability. Patch released: Microsoft makes a patch available for customers to download to their systems (note that this may be concurrent with or very close to the vulnerability being made public and the component modification being developed). Patch deployed at customer site: the customer installs the patch. CLICK SLIDE. Point out that most attacks occur in the period between the time that Microsoft releases the patch and the time the customer installs it. "Why does this gap exist?" leads into the next slide.

34 Exploit Timeline: Why does this gap exist?
[Chart: days from patch to exploit code for Nimda, SQL Slammer, Welchia/Nachi, Blaster and Zotob; the values shown are 331, 180, 151, 25 and 1 days.] The average is now nine days for a system to be reverse-engineered. Gil: [The gap is smaller from exploit to patching.]

35 Exploit Survival Time. The SANS Institute has studied what it calls the "survival time" of an unprotected computer hooked up to the Internet. A year ago, the average time before it was compromised was about 55 minutes. Today it's 20 minutes. On the UA campus it can be less than ONE MINUTE. (Presenter: Gil)

36 State of the Internet Questions?
Why do criminals use the internet today? To be Anonymous & Mobile Kelley:

37 Viruses, Worms & Spies

38 Virus: This is changing…
Old "traditional" viruses usually required human interaction: you have to save it, run it, share floppy disks, or e-mail a program / document without knowing it is infected. They typically just attach themselves to programs & documents, and then depend on humans to propagate. This is changing…
Kelley: In the "old days" (mainly before the Internet was so big) viruses were spread via floppy disk. If your computer had a virus, it would attach itself to every program on the computer, and then also infect any floppy disks that were inserted. When the floppy was moved to another machine, that machine would get infected. This can still happen today; it is just easier with e-mail. You could actually have a virus in a Microsoft Word file and not even know it. Then you e-mail it to your teammates, and now they have the virus as well.

39 How It Spreads
E-mail; Instant Messenger; Networks; P2P/File-sharing software; Downloads; Floppy disks, flash drives, CDs, etc.
Kelley: Viruses do a couple of things. Not only does one infect the computer system that the infected file was opened on, but it also propagates by sending itself to all addresses found on the infected computer. It typically will use one of the addresses it finds in the address book as the sender. Thing to point out is the file name: it looks like a picture, but notice that there are about 100 spaces and then a .EXE at the end. Make sure you display extensions. Some web sites bring up a dialog box saying something like "You must click OK to continue" and keep bringing it up 100 times; finally the user will click OK in desperation and install some spyware / virus.

40 This has a virus attached!
Sample e-mail. To: Subject: Notify about your account utilization. From: "Dear user of Arizona.edu gateway server, Your account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. For further details see the attach. For security reasons attached file is password protected. The password is "03406" Best wishes, The Arizona.edu team"
Kelley: Example of the Bagle virus. It came from administrator, help, consult, support (I think there were 13 From variations as well as 13 subject lines and message contents). Oh yeah, and that is just one version of Bagle; there are currently thirty-something, Bagle.A through, last I checked, Bagle.MM. Basic point: it used social engineering to spread. Social engineering is using human factors to make you do something you feel you have to do, as well as spoofing, making it look like it came from someone in authority. Human factors such as trust, authority, helpfulness. In this case it used the threat of losing access to your account or the Internet if you did not do what was requested. If you look closely at these types of e-mails, they typically have many misspellings and/or grammar mistakes (3 instances here). It also gives you the "password"; passwords might be displayed in an e-mail message, but only when you have requested it because you lost it and went through the process to identify that you are who you say you are. It also refers you to a website, in this case arizona.edu, so it does not give you a clear contact.

41 Virus: Questions? What is the most common way viruses are spread today? Kelley:

42 Worms: Sub-class of Virus
Replicate automatically without human help; the address book attack is an example; bog down networks and the Internet; Zotob and Blaster are examples.
Gil: Worms are really what we're seeing a lot more of today (they are also viruses). These are a lot scarier because they self-replicate to other systems automatically. A typical worm will get every address in your address book and send the virus to all of those people automatically.

43

44 Worms: Scary part – you don’t have to do anything but turn your computer on! Or make a simple click. Gil: ease of infection

45 Trojan Horse: a program that appears to be a "good" program, but really isn't. Might do what it is supposed to, plus a whole lot more! Programs in this category use several methods to enter the computer: Web, e-mail, spyware. Gil: what is a Trojan.

46 Botnets or “Zombies” Botnets are networks of captive computers (often called zombies) that are created by trojans or worms that have infected unprotected PCs. These networks are frequently used to send spam and initiate distributed denial of service (DDoS) attacks. Gil: Home computers used for attacks PCs without virus protection are the most likely to become zombies, but even a protected PC can be infected if its antivirus software's virus definitions are out of date or don't properly detect certain compressed files

47 Worms: Questions? What is it called when a program sneaks onto your computer? A Trojan

48 Phishing

49 Have you ever received an email that says something like this?
"We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity." OR "During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information." The message may ask you to "update," "validate," or "confirm" your account information. Some phishing e-mails threaten a dire consequence if you don't respond. The messages direct you to a website that looks just like a legitimate organization's site. But it isn't. It's a bogus site whose sole purpose is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.

50 This is a typical “phishing” attempt
Kelley: Introduce phishing

51 What is Phishing? Phishing is a form of social engineering, characterized by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or legitimate business in an apparently official electronic communication, such as an e-mail, pop-up window or an instant message. This is Wikipedia's definition; well, I added "legitimate" and added "pop-up window". Social engineering is the practice of obtaining confidential information by manipulation of legitimate users. A social engineer will commonly use the telephone or Internet to trick people into revealing sensitive information or getting them to do something that is against typical policies. By this method, social engineers exploit the natural tendency of a person to trust his or her word, rather than exploiting computer security holes.

52 Social engineering preys on qualities of human nature:
Social engineering is the practice of obtaining confidential information by manipulation of legitimate users. A social engineer will commonly use the telephone or Internet to trick people into revealing sensitive information or getting them to do something that is against typical policies. By this method, social engineers exploit the natural tendency of a person to trust his or her word, rather than exploiting computer security holes. Social engineering preys on qualities of human nature: the desire to be helpful; the tendency to trust people; the fear of getting into trouble. (Wikipedia's definition of social engineering.) Bottom line: social engineering uses human factors such as trust, authority and helpfulness to make you do something you feel you have to do, as well as spoofing, making it look like it came from someone in authority.

53 EBAY Kelley: This is a classic, common form of phishing. The user gets an e-mail like this saying their account has been blocked. Notice that when the user clicks the link, they are not really going to that link; they are going to some link in Korea.

54 EBAY Kelley: When you click the link, you are taken to this web site. Looks just like an eBay site. Funny that it accepts any name / password combination!

55 EBAY Kelley: Once you have "signed in" you are asked to verify your data. Since when does any web site in the world ask for this much stuff? No web site in the world will ask for your PIN either!

56 EBAY Kelley: After you type everything in, you even get a final screen tells you that you did it successfully.

57 PayPal Kelley: This is another one, from PayPal.

58 PayPal Kelley: Again, it asks for very detailed information

59 PayPal Kelley: …and then thanks you for using PayPal.

60 Visa Kelley: Looks legitimate…

61 Visa Kelley: …Again, asks for way too much information.

62 Microsoft Kelley: Even Microsoft is not immune! This is one saying the user needs to get some security updates.

63 Stats from Anti-Phishing Working Group
The total number of unique phishing reports submitted to APWG in December 2005 was 15,244 - a considerable decrease from November - this is a count of unique phishing reports.

64 Stats from Anti-Phishing Working Group
The number of unique phishing websites detected by APWG was 7,197 in December 2005, a huge increase in unique phishing sites from the previous two months. So while the number of unique phishing reports went down (from 16,882 in Nov. to 15,244 in Dec.), the number of unique phishing sites almost doubled. Any thoughts on why that is? Based on what I have seen, it appears that the bad guys are branching out, meaning they use the same content, but each of those e-mails points to many different sites. The latest eBay spoof brought that to my attention.

65 Stats from Anti-Phishing Working Group
December 2005 showed a disturbing trend of far more brands being spoofed than in any month on record. Over 120 brands were used in phishing attacks this month. A large number of banks, credit unions and credit card associations were attacked. A larger number of European financial institution attacks were reported than in previous months. We also received complaints of attacks against numerous ISPs, webmail providers and even P2P networks. There were numerous reports in December of a US Internal Revenue Service phishing attack. Financial Services continue to be the most targeted industry sector, growing to 89.3% of all attacks in the month of December. Reports of spearphishing attacks continue to increase. Often these attacks target employees of a particular company (for example, pretending to be from the IT department, requesting a password change). There was at least one well coordinated attack targeted at the faculty and students of a US University and the bank that many of them bank with. This level of sophistication in social and technical engineering is of great concern to security practitioners.

66 Arizona State Credit Union
Profiling our community

67 DM Federal Credit Union
More Southern Arizona specific: December, then again in February.

68 Recognizing Phishing. False Sense of Urgency: threatens to "close/suspend your account," or charge a fee. Indirect invitation: "Dear valued customer", "Dear reader", "In attention to [service name here] customers". Misspelled or Poorly Written: helps fraudulent e-mails avoid spam filters. Urgency: people usually make mistakes when they are in a hurry. If you are a power seller on eBay and an e-mail says your account will be closed in 48 hours, you will worry for sure. And when you worry and rush, you probably will not notice that you are taken to a counterfeit site and will give your account data to the cheater.

69 Recognizing Phishing. Suspicious-Looking Links & Pop-Ups: links containing all or part of a real company's name asking you to submit personal information. Hyperlink spoofing: you see the "http://www.yourbank/Login" link in the message, but if you hover the mouse cursor over the link, you will see that it points to "http://www.spoofedbanksite.com/Login". Absence of your first and last name in the message is often the fingerprint of a scam. The e-mail was received at an address you do not use as an address for this particular service, the "To:" field of the message contains only an e-mail address, the "To:" field is empty, or it contains recipients that are unknown to you. This is because widespread phishing attacks are usually done using address databases gathered by or for spammers. Naturally, in this case, the cheaters do not know your name.
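As an added example (not part of the presentation), the checks from slides 39, 40, 68 and 69 turned into a small Python triage script: it compares the visible text of each link with the host its href really points to, looks for the padded ".EXE" file-name trick, and counts generic greetings, urgency language, an empty To: field and a password handed out in the message. The sample message and every host in it are constructed (.example names), and the threshold of two indicators for holding a message is an assumption, not a figure from the deck.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message modelled on the deck's Bagle-style lure and its
# hyperlink-spoofing example; every address and host here is made up (.example).
SAMPLE_MESSAGE = {
    "to": "",  # empty To: field, as described on slide 69
    "subject": "Notify about your account utilization.",
    "body_text": (
        "Dear user of the gateway server,\n"
        "Your account will be disabled because of improper using in next three days. "
        'For further details see the attach. The password is "03406".'
    ),
    "body_html": (
        '<p>Please <a href="http://www.spoofedbanksite.example/Login">'
        "http://www.yourbank.example/Login</a> to confirm your identity.</p>"
    ),
    "attachments": ["photo.jpg" + " " * 100 + ".exe"],  # 100 padding spaces, as on slide 39
}

EXECUTABLE_EXTENSIONS = {".exe", ".scr", ".pif", ".com", ".bat", ".vbs"}
GENERIC_GREETINGS = ("dear user", "dear valued customer", "dear reader", "dear customer")
URGENCY_PHRASES = ("will be disabled", "will be closed", "suspend", "within 48 hours",
                   "in next three days", "unauthorized transaction")
# Visible link text that itself looks like a URL or host name (so it can be compared).
_URLISH = re.compile(r"^(?:https?://)?([A-Za-z0-9.-]+\.[A-Za-z]{2,})(?:/\S*)?$")


class _LinkExtractor(HTMLParser):
    """Collect (href, visible text) for every <a href=...> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def spoofed_links(body_html):
    """Links whose visible text names one host while the href points somewhere else."""
    parser = _LinkExtractor()
    parser.feed(body_html)
    flagged = []
    for href, text in parser.links:
        match = _URLISH.match(text)
        if not match:
            continue  # "click here" style text gives nothing to compare against
        if match.group(1).lower() != (urlparse(href).hostname or "").lower():
            flagged.append((text, href))
    return flagged


def disguised_attachments(names):
    """Executable attachments, including ones hidden by padding or a double extension."""
    flagged = []
    for name in names:
        stem, dot, ext = name.lower().rpartition(".")
        if not dot or "." + ext not in EXECUTABLE_EXTENSIONS:
            continue
        if "  " in stem:
            flagged.append((name, "executable hidden behind padding spaces"))
        elif "." in stem:
            flagged.append((name, "executable with double extension"))
        else:
            flagged.append((name, "executable attachment"))
    return flagged


def phishing_indicators(msg):
    """Return the slide-deck checklist items that this message triggers."""
    hits, text = [], msg["body_text"].lower()
    if any(g in text for g in GENERIC_GREETINGS):
        hits.append("generic greeting instead of your name")
    if any(p in text for p in URGENCY_PHRASES):
        hits.append("false sense of urgency / threat to the account")
    if re.search(r'password is\s*"?\w+', text):
        hits.append("password supplied in the message for an unrequested attachment")
    if not msg["to"].strip():
        hits.append("empty To: field (bulk send from a harvested address list)")
    for shown, href in spoofed_links(msg["body_html"]):
        hits.append(f"link text {shown!r} actually points to {href!r}")
    for name, reason in disguised_attachments(msg["attachments"]):
        hits.append(f"attachment {name.strip()!r}: {reason}")
    return hits


def is_suspicious(msg, threshold=2):
    """Two or more independent indicators is a reasonable bar for holding mail for review."""
    return len(phishing_indicators(msg)) >= threshold


if __name__ == "__main__":
    for hit in phishing_indicators(SAMPLE_MESSAGE):
        print("-", hit)
    print("suspicious:", is_suspicious(SAMPLE_MESSAGE))
```

Run as a script it lists all six indicators the sample triggers. The link check deliberately ignores "click here" style text: only text that itself looks like a URL can be compared against the real destination, which is exactly the case the slide's hover-the-mouse advice addresses.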

70 Discover Card Awareness
This is an example of a legitimate communication from Discover Card

71 Citibank: Citibank's page on phishing

72 Spyware or Phishing-based Trojans – Keyloggers ?

73 Phishing-based Trojans – Keyloggers
Designed with the intent of collecting information on the end user in order to steal those users' credentials. Unlike most generic keyloggers, phishing-based keyloggers have tracking components which attempt to monitor specific actions (and specific organizations, most importantly financial institutions, online retailers and e-commerce merchants) in order to target specific information; the most common are access to financial websites, e-commerce sites, and web-based mail sites.

74 Phishing-based Trojans – Keyloggers, Unique Variants
Phishing-based Trojans reached an all time high in December with 180 unique applications detected and recorded by APWG researchers.

75 Unique Websites Hosting Keyloggers
The number of websites spreading password-stealing malicious code soared, nearly doubling between November and December of last year.

76 Yet Another Form of Phishing to worry about
Unlike a scam which tries to trick you into providing personal information, this: executes code; changes your hosts file; redirects a legitimate webpage to a spoofed site; and all you did was open an e-mail or view it in a preview pane in programs like Microsoft Outlook. Suppose you are the unsuspecting recipient of a phishing e-mail. When you open the e-mail, or view it in a preview pane in programs like Microsoft Outlook, a phishing program script hidden inside the e-mail runs in the background, unseen by you, the reader. The program goes to the hosts file located within your computer's operating system, locates your bank's legitimate web address and replaces the bona fide Internet Protocol (IP) number with an IP number for the criminal's fraudulent site. The next time you enter your bank's legitimate web address in your web browser, you will automatically be sent to the criminal's fraudulent site. It's difficult to defend against these attacks because hosts-file phishing scams do not change the destination site name (or 'URL'), which happens in ordinary phishing scams and can be detected when users notice the URL in their web browser has been altered. Most users are not sophisticated enough to know what a hosts file is or how it can be manipulated to 'spoof' users, because it happens behind the scenes, not visible on the browser interface, which continues to show the legitimate web address. When the user wants to check their bank account and goes to the web site, they are shown the criminal's fake web site, which looks just like the real bank site. Because the URL is the same address, the user thinks the site is real, but because the criminals changed the hosts file, users are completely fooled. When users enter their account login name and password, they have no idea they are giving the information to the criminals.
According to the Anti-Phishing Working Group, Phishers are able to convince up to 5% of recipients to respond to their hijacking of trusted brands of well-known banks, online retailers and credit card companies.

77 Phishing-based Trojans – Redirectors
Designed with the intent of redirecting end users' network traffic to a location where it was not intended to go. This includes crimeware that changes hosts files and other DNS-specific information, crimeware browser helper objects that redirect users to fraudulent sites, and crimeware that may install a network-level driver or filter to redirect users to fraudulent locations. This is particularly effective because the attackers can redirect any of the user's requests at any time, and end users have very little indication that this is happening, as they could be typing in the address on their own and not following an e-mail or instant messaging lure. Phishing-based Trojans – Redirectors, example: Rising Numbers of Phishing Attacks Using Hosts File Over-write Exploits. APWG observed an increase in phishing attacks that used modifications to the Windows hosts file to deceive users. Various exploits and social engineering tricks are used to execute malicious code that appends several entries to the Windows hosts file. These entries redirect traffic from the legitimate web addresses of several banks to the IP address of a phishing site created by the attacker. The next time the user attempts to visit one of the targeted banks, they are instead redirected to a phishing site. However, the web address shown in the browser's address bar appears to be the correct address. The logon information of the unsuspecting user is captured as they attempt to access the site.
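An added Python example, not from the presentation or from APWG, showing how a defender can audit a hosts file for the overwrites described on slides 76 and 77: every mapping is parsed, protected brand names (a hypothetical watchlist an organization would fill in) pinned to any address are reported as high severity, and any other non-loopback mapping is listed for review. The sample file content, its addresses and the bank names are all constructed; only the path helper uses the real default hosts-file locations.

```python
import ipaddress
import platform
from pathlib import Path

# Constructed hosts-file content modelled on the APWG description above; the
# addresses (TEST-NET / RFC 1918) and the bank names (.example) are made up.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
# entries appended without the user's knowledge
203.0.113.45    www.examplebank.example
203.0.113.45    online.examplecreditunion.example
10.0.0.5        intranet.example
"""

# Names a hosts file legitimately maps to the loopback address.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}
# Hypothetical watchlist of brands to protect; these entries are not from the slide deck.
PROTECTED_DOMAINS = {"www.examplebank.example", "online.examplecreditunion.example"}


def parse_hosts(text):
    """Return (line number, address, host name) for every mapping in a hosts file."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed line; not a mapping
        for name in fields[1:]:
            entries.append((lineno, addr, name.lower()))
    return entries


def suspicious_hosts_entries(text, protected=PROTECTED_DOMAINS):
    """Flag mappings that override a protected brand ("high") and any other
    non-loopback mapping ("review"); plain localhost entries are ignored."""
    findings = []
    for lineno, addr, name in parse_hosts(text):
        if addr.is_loopback and name in LOCAL_NAMES:
            continue
        if name in protected:
            findings.append((lineno, name, str(addr), "high"))
        elif not addr.is_loopback:
            findings.append((lineno, name, str(addr), "review"))
    return findings


def system_hosts_path():
    """Default location of the live hosts file on the current platform (read-only use)."""
    if platform.system() == "Windows":
        return Path(r"C:\Windows\System32\drivers\etc\hosts")
    return Path("/etc/hosts")


if __name__ == "__main__":
    for lineno, name, addr, severity in suspicious_hosts_entries(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} -> {addr} [{severity}]")
    # To audit the real file: suspicious_hosts_entries(system_hosts_path().read_text())
```

The watchlist is the part worth tuning: a protected brand mapped to any address, including loopback, is suspicious, while other manual entries (an intranet host, for instance) are only worth a look. Running this at login, or comparing the file's hash against a known-good copy, catches the silent overwrite that the browser's address bar cannot reveal.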

78 Interesting Statistic. I would think the key word here is hosted.
Phishing Sites: In December, Websense® Security Labs™ saw a continuation of the top three countries hosting phishing websites. The United States remains at the top of the list with 34.67%. The rest of the top 10 breakdown is as follows: Republic of Korea 9.83%, China 8.98%, Germany 3.78%, United Kingdom 3.4%, Japan 3.33%, Taiwan 2.19%, Romania 1.96%, France 1.96%, and Canada 1.85%. Malicious Code Sites: The United States is still the top geographic location with 25.85%. The rest of the breakdown was as follows: Spain 14.25%, Brazil 11.95%, China 6%, Russia 4%, Canada 3%, Argentina 3%, UK 2.5%, Netherlands 2%, and Switzerland 1%.

79 FTC suggestions to help avoid getting hooked by a phishing scam:
If you get an e-mail or pop-up message that asks for personal or financial information, do not reply, and don't click on the link in the message either. Use anti-virus software and a firewall, and keep them up to date. Don't e-mail personal or financial information.
If you get an e-mail or pop-up message that asks for personal or financial information, do not reply. And don't click on the link in the message, either. Legitimate companies don't ask for this information via e-mail. If you are concerned about your account, contact the organization mentioned in the e-mail using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address yourself. In any case, don't cut and paste the link from the message into your Internet browser; phishers can make links look like they go to one place but actually send you to a different site. Use anti-virus software and a firewall, and keep them up to date. Some phishing e-mails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones, that can effectively reverse the damage, and that updates automatically. A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. It's especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software "patches" to close holes in the system that hackers or phishers could exploit. Don't e-mail personal or financial information. E-mail is not a secure method of transmitting personal information.
If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons.

80 FTC suggestions (cont’d)
Review credit card and bank account statements as soon as you receive them
Be cautious about opening any attachment or downloading any files from emails
Forward spam that is phishing for information to and to the company, bank, or organization impersonated in the phishing email.

Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances. Regularly log into your online accounts; don't leave it for as long as a month before you check each account.

Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer’s security.

Forward spam that is phishing for information to and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems. If you believe you’ve been scammed, file your complaint at ftc.gov, and then visit the FTC’s Identity Theft website at
Victims of phishing can become victims of identity theft. While you can't entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk. If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report. You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See for details on ordering a free annual credit report. You can learn other ways to avoid scams and deal with deceptive spam at ftc.gov/spam.

81 Additional Protection Tips
Treat all email with suspicion
Never use a link in an email to get to any web page
Ensure that all of your software is up to date
Use anti-spyware detection software on a regular basis
Kelley: Treat all email with suspicion: I mean, what do you really know about who sent the email? Never use a link in an email: what you see in the body can be forged, the sender's address or return address can be forged, and the header can also be manipulated to disguise its true origin. If you must go there, type the URL directly into your browser's address bar. Ensure that all your software is up to date: for instance, if you use Microsoft's Windows, run Windows Update every day when you first connect to the internet. If you use other operating systems or browsers, then check daily for patches or updates. Security loopholes are regularly discovered in software, and many of these scams have utilized a vulnerability in Internet Explorer.
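The point that the visible text of a link can say one thing while the real destination is somewhere else can be checked mechanically. The following is an added example, not part of the original presentation: it parses the HTML body of a message, flags links whose displayed URL names a different host than the real href, and flags any link that is not https (which also covers the earlier “https:” advice). The sample message is constructed for the demonstration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class _LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from <a> tags in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None   # href of the anchor currently open, if any
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _host(url):
    # Displayed text like "www.bank.example" has no scheme; add one so
    # urlparse puts the domain into .hostname instead of .path.
    if "://" not in url:
        url = "http://" + url
    return urlparse(url).hostname or ""


def suspicious_links(html_body):
    """Return (href, reason) pairs for links a reader should not click:
    displayed host differs from real host, or the link is not https."""
    parser = _LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        real = _host(href)
        # Only treat the visible text as a URL/domain if it looks like one.
        shown = _host(text) if ("." in text and " " not in text) else ""
        if shown and shown != real:
            findings.append((href, f"displayed as {shown!r} but goes to {real!r}"))
        elif urlparse(href).scheme != "https":
            findings.append((href, "not https"))
    return findings


# Constructed sample message body (not a real phishing email).
SAMPLE = ('<p>Please verify your account at '
          '<a href="http://login-verify.example.net/x">https://www.mybank.example</a>'
          ' or visit <a href="https://www.mybank.example/help">our help page</a>.</p>')

if __name__ == "__main__":
    for href, reason in suspicious_links(SAMPLE):
        print(href, "->", reason)
```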

82 Additional Protection Tips
If you must use your financial information online, ensure that you have adequate insurance against fraud
Be aware or beware.
Kelley: Bottom line, you need to use caution... be aware or beware.

83 Questions? What does the term “Phishing” refer to?
Attempt to gather information for illicit use Kelley

84 Spyware
Ever get pop-ups that constantly ask you to click “OK” and won’t go away? This is most likely Spyware of some sort.
Gil: introduce spyware

85 Spyware: What it is
Spyware is programming that is put on your computer to secretly gather information about you or your PC and relay it to advertisers or other interested parties.
Adware pushes ads, tracks Internet habits and performs other sneaky tricks.
Gil: what spyware does

86 Spyware : How Do I know I have it?
Computers slow down to a crawl
Annoying pop-ups appear
Browser start page changes
Unwanted toolbars, tray programs
New programs are installed on your PC and show up on the desktop
Gil: introduce spyware

87 Spyware: why is it bad?
Corrupts/alters the current software
Steals passwords, information, etc.
Tracks browsing habits and sites
Interferes with system settings (registry, startup)
Even after removal, it can leave crumbs which help the program reinstall itself
Gil: why it's bad

88 Spyware: How did I get it?
Instant Messaging
Internet Browsing
P2P Software (kazaa, limewire, bearshare, AIM)
Downloads and Installs
Potentially Unwanted Programs (PUPs)

89 Gil:

90

91 Spyware : Why do they do it?
0x80 is a hacker. He says: "Most days, I just sit at home and chat online while I make money," 0x80 says. "I get one check like every 15 days in the mail for a few hundred bucks, and a buncha others I get from banks in Canada every 30 days." He says his work earns him an average of $6,800 per month, although he's made as much as $10,000. Not bad money for a high school dropout.

92 Spyware: Questions? What are a couple things Spyware does?
Creates pop-ups, hijacks web pages, collects info, slows the PC down.

93 How to Protect Yourself

94 Practice Good Surfing Sense
You know there are bad parts of town that you don’t go to
The Internet is the same way: be wary!
Kelley: For example, my house: wall and gates in the front, security iron, 2 large dogs. My neighbor: no wall or gates in front, no security iron, and oh yeah, let’s not forget their Chihuahua. If I’m a thief, which house would I be more likely to break into? Cyber crime is much the same. It’s the opportunity, it’s not personal. It’s about gaining access to a computer and then using information I can get to. If you have some of these measures in place (personal firewall, anti-virus, up-to-date software, strong passwords, as well as education in now knowing that you really can’t trust everything you get via email) versus someone that does not have security practices, who is more likely to have their computer compromised? It’s the same as my house analogy: it’s not that they absolutely can’t get in, it will just take more time and effort.

95 Download Rules
Never download or open something if you don’t know what it is
Even if you know the sender by name, check with them to see if they sent you something
Kelley:

96 Download Rules
True company-based emails never send attachments
Make sure the link actually goes to their site & not a spoofed one!
Only download what you trust, and even then be wary!
Kelley: Never trust anything. No companies send actual attachments in their emails; they will always send links. But even then, make sure the link goes to the company’s site, not a spoofed site!

97 Be Aware of Spoofing
Have you ever received an email telling you that you have a virus? It is possible that:
Your address could’ve been spoofed and sent to someone else
It could be a trick to get you to install some “anti-virus” or “patch” (which is really a virus itself!)
Kelley:

98 The Best Defense Gil

99 The Best Defense Use Strong Passwords
Passwords should contain 8 characters including upper and lowercase, special characters (*^#) and numbers
Don’t take downloads from strangers
Only install what you trust
“Free” music & file sharing programs are wide open doors for hackers
Gil: what users can do

100 The Best Defense Check if your PC has any issues:
Does your browser open to a new home page, or search page?
Increase in advertisements & pop-ups?
Computer seems sluggish?
Know your system and what is installed
Gil

101 The Best Defense Get a detect & removal tool for spyware
Ad-Aware: easiest to use, free for home use only
SpyBot: free for any use, more advanced, has automated protection features
Microsoft Anti-spyware: free for any use, has automated protection and updates
Use all three together for complete protection!
Gil

102 The Best Defense
Install anti-virus software (Sophos, Norton, McAfee etc.)
Install a Firewall (Windows built-in, Kerio, ZoneAlarm)
Keep everything up-to-date! Windows Automatic Updates, anti-virus, spyware detection.
Gil:

103 Gil: why they need to be updated

104 The Best Defense Limit access to your computer
Keep doors locked if you're not around and the system is on
Thumb drives can be used to steal data
Gil: give password program demo for accounts

105 The Best Defense
At home, use multiple user accounts when sharing computers, and switch users/lock the workstation when leaving the system on while you are away from the desktop
Control-Alt-Delete
Windows Key + L (for XP)
Gil

106 Quote from a victim… "Overall, you've got to realize that, just like if you don't secure your home, you run the risk of getting burglarized; if you're crazy enough to leave the door on your computer open these days, like I did, someone's gonna walk right in and make themselves at home." ~Pastor Michael White

107 The Best Defense Questions?
What is the best way to keep passers-by from accessing your computer?
Control-Alt-Delete or Windows Key + L

108 Other Reminders
Back up your computer data.
Keep system patches updated
Keep firewalls, pop-up blocker and spyware apps updated.
Know your systems
Gil: what are we doing to help

109 Now for any Final Q&A… Gil: Kelley: take questions

110 If the situation seems hopeless:
Don’t ever give up! Don’t let the computer control you!
Encourage them.
Kelley: sometimes you’ll feel like the frog... but don’t give up.
