Presentation on theme: "THE MEMBERS GROUP Safeguard Iowa Partnership – Cybersecurity Webinar Series."— Presentation transcript:
THE MEMBERS GROUP Safeguard Iowa Partnership – Cybersecurity Webinar Series
THE MEMBERS GROUP Social Engineering and It’s Effects
THE MEMBERS GROUP What is Social Engineering? Define: psychological manipulation of people into performing actions or divulging confidential information.
THE MEMBERS GROUP Types of Attacks Phishing - email SMishing - texting Pharming – website Whaling – targeting of executives Vishing - phone Tailgating/Piggybacking
THE MEMBERS GROUP UPS Email Example ***Do not reply to this e-mail. UPS will not receive your reply. Important Delivery Information Delivery Status:Could not deliver package due to invalid information. Fix Errors:HERE Please click the above link to correct the errors and we will attempt to re-deliver your package Driver Release Location: COULD NOT DELIVER Shipment Detail Number of Packages1 UPS Service:1 DAY OVERNIGHT - URGENT Weight:2.8 LBS
THE MEMBERS GROUP Smishing Example firstname.lastname@example.org/VISA. (Card Blocked) Alert. For more information please call 1-877-269-XXXX.
THE MEMBERS GROUP In October 2013, RSA identified more than 62,000 phishing attacks, which raised the bar in terms of number of attacks carried out within a single month. The median takedown time for attacks is 12 hours -- worth roughly $300 each hour. During October 2013 alone, phishing attacks netted $233 million. ** ** http://searchsecurity.techtarget.com/feature/Social- engineering-attacks-Is-security-focused-on-the-wrong-problem Cost of Social Engineering
THE MEMBERS GROUP What happens after…
THE MEMBERS GROUP Effects of Cyber Crime Cybercrime has surpassed illegal drug trafficking as a criminal moneymaker.* Every 3 seconds an identity is stolen.** Without security, your unprotected PC can become infected within four minutes of connecting to the internet.*** *Cybercrime More Profitable Than Drugs", NineMSN, **Identity Theft Statistics, Identity Protection Online ***"Eliminating Mobile Security Blindfolds", Tech News World
THE MEMBERS GROUP Target, Neiman Marcus, Michaels, and more… Eastern European hackers developed software BlackPOS malware – Memory parsing software How did they get in the network? 6 other breaches, software downloaded 60x globally
THE MEMBERS GROUP Prevention Practices
THE MEMBERS GROUP Organizational Tips Never disclose password Limit who talks about IT structure Question people Be sure to be aware of guests/non-employee access If something does not feel right – STOP Education and training
THE MEMBERS GROUP Industry Measures Increased Communications EMV Mobile Tokenization
THE MEMBERS GROUP Fragmented Implementation Aite Survey – Merchants 75% of small to mid-sized merchants were not aware of EMV/Chip cards – Of those that were aware 52% were planning on upgrading by 2015 67% of large merchants are planning to upgrade by 2015 – Issuers 64% of large issuers plan to be completed by Oct 2015 14% of large issuers in the middle of reissuance by Oct 2015 58% of issuers planning on chip and signature CVM 25% of issuers planning on chip and PIN CVM
THE MEMBERS GROUP Fraudsters Take Advantage
THE MEMBERS GROUP Education
THE MEMBERS GROUP Questions?
THE MEMBERS GROUP Safeguard Iowa Partnership Cybersecurity Webinar Series: October 23: Passwords Under Attack & Two Factor Authorization October 30: Iowa Fusion Center Cyber Crime Component & How the DCI Proceeds in Criminal Investigations
THE MEMBERS GROUP Become our newest Partner TODAY! www.safeguardiowa.org