SlideShare a Scribd company logo

TheCyberThreatAndYou2_deck.pptx

Download as PPTX, PDF
K
KevinRiley83

This document discusses various cyber threats and provides tips to protect against them. It begins by outlining groups that may want personal information, such as nation states, cyber criminals, and corporate spies. It then details common cyber threats like malware, viruses, worms, spyware, and social engineering. The document provides examples of these threats and discusses how to prevent identity theft, protect sensitive data, use social media securely, and identify phishing attempts. It concludes by offering advice on mobile, wireless, and internet security best practices.

Internet
Related topics:
Cybersecurity Awareness
1 of 36
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
The Cyber Threat and You Kevin Riley Cybersecurity Architect Orange County Dept. of Education kriley@ocde.us OCDE IT Cybersecurity Awareness 2019
TheCyberThreatAndYou2_deck.pptx
TheCyberThreatAndYou2_deck.pptx
TheCyberThreatAndYou2_deck.pptx
Who Wants My Stuff? Nation States Cyber Thugs Corporate Espionage Activists
TheCyberThreatAndYou2_deck.pptx
What Are The Threats? Malware
What Are The Threats? Viruses A program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected". -Wikipedia Symantec executive believes anti-virus products stop only 45% of the cyber attacks today
What Are The Threats? Computer Worms • A computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program. -Wikipedia
What Are The Threats? Spyware • Software that aids in gathering information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge. -Wikipedia
What Are The Threats? Malvertising • injecting malicious or malware laden advertisements into legitimate online advertising networks and webpages. Online advertisements provide a solid platform for spreading malware because significant effort is put into them in order to attract users and sell or advertise the product. Because advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors an opportunity to "push" their attacks to web users who might not otherwise see the ads, due to firewalls, more safety precautions, or the like. -Wikipedia
Identity Theft • Someone uses your identity to commit a crime, take out a loan or credit, or anything else in your name. • Results: • Be arrested for a crime you did not commit • Refused credit (CC’s, Auto, Mortgages) for bad credit • Lose hundreds or thousand of dollars to thieves and countless hours clearing up them mess
Social Media https://cyberaware.securingthehuman.org/use-social- media-securely/
P2P File Sharing and IM • Be extremely careful with file sharing software (BitTorrent, Kazaa, eDonkey, Limewire, etc.) and Instant Messaging (IM). • File sharing can expose your computer to the risk of malicious files and attackers: • Improperly configured file sharing software can allow others access to your entire computer • Files may not always be what they say they are • Also, if you share copyrighted files, you risk being sued by the RIAA, • Some anti-virus programs cannot detect viruses in P2P/IM/chat files, so viruses and other malicious code can be spread this way.
Social Engineering • The practice of trying to trick or manipulate people into breaking normal security procedures is called “Social Engineering”. The principle behind social engineering and scams in general is that people are the weak link in security – that it can be easier to trick people than to hack into computing systems by force. • Social engineers exploit people’s natural tendency to want to be liked and helpful. They also take advantage of our tendency to act quickly when faced with a crisis.
Phishing / Spear Phishing Phishing is a scam designed to steal information or passwords, compromise computers or trick you out of money - typically via deceptive emails, texts, posts on social networking sites, pop-ups or phone calls. A phisher may ask for your name, account information, date of birth, Social Security number, address, etc. They may also try to get you to click on a link or open a file.
Key Indicators of Social Engineering Attacks • You are being asked for personal or private information, your password, financial account information, Social Security Number, or money. • Unexpected/unsolicited email with a link or an attachment • Requests that you forward emails, attachments, links, etc. to your friends, co-workers or family • Promises of something too good to be true. This includes bargains and “great offers,” or links to claim an award/reward. Other indicators that an email isn’t legitimate: • It’s not addressed to you, specifically, by name. • The sender isn’t specified, isn’t someone you know, or doesn’t match the “from” address. • It has spelling or grammatical errors. • It has a link that doesn’t seem match where the email says the link will take you, or an attachment with an incorrect or suspicious filename – or a suspicious file extension (e.g.: *.zip, *.exe, *.vbs, *.bin, *.com, *.pif, *.zzx) • It has a link/attachment to view an unexpected “manifest”or track an unknown package • It includes links to pictures or videos from people you don’t personally know
Hacker’s Top Tools http://www.exploit-db.com/google-dorks/
Phishing Examples
Protecting Yourself
Browser Addons that Really Help
Preventing Identity Theft •Check Your Credit Report At Least Annually •You have the right to order your credit report from each of the three credit bureaus every year • Equifax – https://www.equifax.com/CreditReportAssistance/ • TransUnion – https://www.transunion.com/personal- credit/customer-support/faqs/credit-reports-and- disclosures.page#freeAnnualReport • Experian - www.experian.com • Freeze your credit • http://www.clarkhoward.com/news/clark-howard/personal-finance- credit/credit-freeze-and-thaw-guide/nFbL/
Preventing Identity Theft • Don't respond to email, instant messages (IM), texts, phone calls, etc., asking you for your password. Even if they say they work for District IT Dept. District IT will never ask for your passwords. • Don't give personal or financial information to anyone you don't know or who doesn't have a legitimate need for it -- in person, over the phone, via email, IM, text, Facebook, Twitter, etc. • Use hard-to-guess passwords for your credit card, bank, and phone accounts and keep them secret. • Use known, trusted websites when you are logging in or providing information online. Don't log in or provide sensitive information to a web page you reached by clicking on a link -- in email, IM, text message, advertisements, Social Networks, search results, etc.
Preventing Identity Theft • When shopping online, make sure the site is secure by looking for "https" (not http) in the web address (URL) and a padlock icon in a corner of the page that asks you to input your password or personal information. • Encrypt personal information or store it on portable media and lock it up securely. • Use BitLocker (windows) or FileVault (Macintosh) To encrypt Hard Drives and Thumb Drives - • Lock up your computer with a cable. Secure laptop computers and mobile devices at all times: keep them with you or lock them up securely. • Make sure a password is required to login or resume activity. • Use a paper shredder when throwing out personal information.
Email Security • Never assume that email, instant messages (IM) or attachments are private or confidential. • Don't send restricted data or personal information via email or instant message (IM). These are not secure methods of communication. • Use the “Bcc” (blind carbon copy) line for large numbers of recipients. • This protects the email addresses of the recipients by hiding them and makes your email easier to read. Delete email and attachments when you no longer need them. • Don’t click on links or open attachments in unexpected email or in pop-up ads/windows. These could compromise your computer or take you to malicious web sites designed to steal information. • Just opening a malicious web page or attachment can infect a poorly protected computer. Make sure you know where you’re going before clicking on a link or opening something. • Instead of clicking on an unknown link – including “tiny URLs” – look up the website yourself (e.g. Google it) and go there on your own
Protecting Sensitive Data and Privacy • Always understand the sensitivity of the data you are working on. If you are unsure about that talk with your supervisor. • Only use authorized systems to process sensitive data. Don’t store data in the cloud (Dropbox, Google Drive, etc) or on other removable media like thumb drive without prior authorization from management. • Don’t give private information to anyone you don’t know or who doesn’t have a legitimate need for it. • Don’t provide personal, sensitive or confidential information online unless you are using a trusted, secure web page. • At a minimum, look for “https” in the URL to indicate that there is a secure connection. • Get to web sites by typing the web address in directly. Don’t click on or cut and paste links in unsolicited emails
Protecting Sensitive Data and Privacy • Be especially careful about what you do over wireless. Information and passwords sent via standard, unencrypted wireless are especially easy for hackers to intercept (most public-access wireless is unencrypted). • If you believe any sensitive data has been lost, stolen or compromised be sure to contact the help desk or security team immediately. The sooner our organization is notified, the quicker we can respond to minimize damage.
Mobile and Wireless Security Mobile devices are computers, too! • These devices can store important business and personal information, and may be used to access College systems, email, banking information, work and personal accounts and they need to be protected like any other computer. • A good rule of thumb is not to store anything you're not willing to lose or share with the world.
Mobile and Wireless Security Mobile devices can be just as susceptible to viruses as desktop and laptop computers. Use anti-virus/anti-malware software, if it is available for your device, and set it to auto-update as frequently as the settings will allow. • If your mobile device has built-in firewall or access control functionality, use it. • Avoid using auto-complete features that remember user names or passwords. • Disable or remove applications (apps) and plug-ins that you don't actively use • Disable Bluetooth, wireless & IrDA (infrared) when you're not actively using them • Turn off GPS and geotagging when you're not actively using them. These can allow your location to be tracked without your knowledge. • Set devices to “ask” before joining wireless networks (see below for more information about wireless). • If your device has a web browser, set the browser to block pop-ups. For added privacy, also set the browser to limit the cookies it accepts.
Mobile and Wireless Security Prevention in case of theft or loss: • Back up or sync your data regularly. • Set your device to erase itself after repeated failed log-on attempts. • Enable remote wipe. • Enable location tracking, keeping in mind the privacy implications. • If lost or stolen on campus, report it immediately to campus safety
Have You Been Hacked? If you suspect that you have been hacked, then do not hesitate to call the help desk immediately Help Desk Ext. 88111 or 714-438-8111
Internet Scams Don't be fooled by scams! • Criminals and hackers are constantly coming up with new schemes designed to compromise computers, trick you into revealing valuable information (personal, financial, etc.), steal passwords, or trick you out of money. • It can be difficult to know if someone is telling the truth on the Internet. • Scams can lead to identity theft, regular theft, access to your accounts and personal information, and compromised computers. • A compromised computer can put ALL of your information and passwords at risk
Other Scams • Mystery Shoppers • Checks are sent to people who sign up to “mystery shop” a wire transfer service.
Other Scams • 419 Scams • Scam baiting – Engaging & Exposing Internet 419 Scammers • 419eater.com • 419 refers to the article of the Nigerian Criminal Code dealing with fraud
Top 10 Scams This Year 1. The Nigerian scam, also known as 419 2. IRS Scare Scam 3. Lottery Scams 4. Phishing emails and phony web pages 5. Items for sale overpayment scam 6. Employment search overpayment scam 7. Disaster relief scams 8. Travel scams 9. “Make Money Fast” chain emails 10. "Turn Your Computer Into a Money-Making Machine!"
Thank You Be Aware And Be Secure! http://cyberaware.securingthehuman.org/

More Related Content

PPTX
Cyber security-1.pptx
CharithraaAR
 
PPT
Building Trust in the Digital Age
Marian Merritt
 
PPT
Rayane hazimeh building trust in the digital age teenagers and students
Rayane Hazimeh
 
PPT
Rayane hazimeh building trust in the digital age teenagers and students
Rayane Hazimeh
 
PPTX
Internet Security
mjelson
 
PPT
Rayane hazimeh building trust in the digital age teenagers and students
Rayanehaz
 
PDF
Cybersecurity Awareness Posters - Set #2
NetLockSmith
 
PPTX
Information Security Awareness Training Open
Fred Beck MBA, CPA
 
Cyber security-1.pptx
CharithraaAR
 
Building Trust in the Digital Age
Marian Merritt
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane Hazimeh
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane Hazimeh
 
Internet Security
mjelson
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayanehaz
 
Cybersecurity Awareness Posters - Set #2
NetLockSmith
 
Information Security Awareness Training Open
Fred Beck MBA, CPA
 

Similar to TheCyberThreatAndYou2_deck.pptx (20)

PPT
cyber security unit-1, r20-JNTUK-USED FOR STUDENTS
SAIPAVANKUMARNANDIGA
 
PPTX
Day 2
sefreed
 
PPTX
securitya wareness dont miss it .pptx
dtsdcom
 
PPTX
INTERNET SAFETY-WPS Office (1).pptx
BHUt6
 
PPTX
Unveiling the dark web. The importance of your cybersecurity posture
Lourdes Paloma Gimenez
 
PPTX
Phishing Whaling and Hacking Case Studies.pptx
Stephen Jesukanth Martin
 
PPTX
Securityawareness
JayfErika
 
PPTX
securityawareness.pptx
binowe
 
PPTX
securityawareness.pptx
reagan sapul
 
PPTX
E business internet fraud
Radiant Minds
 
PPTX
Computer / Internet Security
David Cirella
 
PPTX
Chp-15 Cyber Safety ppt-std 11.pptx
HarishParthasarathy4
 
PPTX
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
BarakaMuyengi
 
PPTX
PRESENTATION SOCIAL NETWORK PRESENTATION SOCIAL NETWORK PRESENTATION SOCIAL N...
MaryJansi5
 
PPTX
Protect Your Computer From Viruses, Hackers,.pptx
anovalexter
 
PPTX
Introduction to Cybersecurity - Secondary School_0.pptx
ShubhamGupta833557
 
PDF
Securing and Safeguarding Your Library Setup
Brian Pichman
 
PPT
Cyber crime and cyber security
Kaushal Solanki
 
PDF
Information Security Awareness Training
Randy Bowman
 
PPTX
Lecture 3 security threats in data analysis.pptx
chesenybrian2022
 
cyber security unit-1, r20-JNTUK-USED FOR STUDENTS
SAIPAVANKUMARNANDIGA
 
Day 2
sefreed
 
securitya wareness dont miss it .pptx
dtsdcom
 
INTERNET SAFETY-WPS Office (1).pptx
BHUt6
 
Unveiling the dark web. The importance of your cybersecurity posture
Lourdes Paloma Gimenez
 
Phishing Whaling and Hacking Case Studies.pptx
Stephen Jesukanth Martin
 
Securityawareness
JayfErika
 
securityawareness.pptx
binowe
 
securityawareness.pptx
reagan sapul
 
E business internet fraud
Radiant Minds
 
Computer / Internet Security
David Cirella
 
Chp-15 Cyber Safety ppt-std 11.pptx
HarishParthasarathy4
 
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
BarakaMuyengi
 
PRESENTATION SOCIAL NETWORK PRESENTATION SOCIAL NETWORK PRESENTATION SOCIAL N...
MaryJansi5
 
Protect Your Computer From Viruses, Hackers,.pptx
anovalexter
 
Introduction to Cybersecurity - Secondary School_0.pptx
ShubhamGupta833557
 
Securing and Safeguarding Your Library Setup
Brian Pichman
 
Cyber crime and cyber security
Kaushal Solanki
 
Information Security Awareness Training
Randy Bowman
 
Lecture 3 security threats in data analysis.pptx
chesenybrian2022
 
Ad

Recently uploaded (20)

PDF
LB# 820-1889_051-7370_C000.schematic.pdf
matheusalbuquerqueco3
 
PPTX
EthicalHack{aksdladlsfsamnookfmnakoasjd}.pptx
dagarabull
 
PPTX
Artificial-Intelligence-in-Daily-Life (2).pptx
nidhigoswami335
 
PPTX
Unlocking Hope : How Crypto Recovery Services Can Reclaim Your Lost Funds
lionsgate network
 
PDF
Slides: PDF Eco Economic Epochs for World Game (s) pdf
Steven McGee
 
PPTX
dns domain name system history work.pptx
MUHAMMADKAVISHSHABAN
 
PDF
Data Protection & Resilience in Focus.pdf
AmyPoblete3
 
PDF
BGP Security Best Practices that Matter, presented at PHNOG 2025
APNIC
 
PPTX
Black Yellow Modern Minimalist Elegant Presentation.pptx
nothisispatrickduhh
 
PPTX
Perkembangan Perangkat jaringan komputer dan telekomunikasi 3.pptx
Prayudha3
 
PDF
Project English Paja Jara Alejandro.jpdf
AlejandroAlonsoPajaJ
 
PPTX
The Internet of Things (IoT) refers to a vast network of interconnected devic...
chethana8182
 
PDF
PDF document: World Game (s) Great Redesign.pdf
Steven McGee
 
PPTX
Different Generation Of Computers .pptx
divcoder9507
 
PDF
Latest Scam Shocking the USA in 2025.pdf
onlinescamreport4
 
PPTX
Generics jehfkhkshfhskjghkshhhhlshluhueheuhuhhlhkhk.pptx
yashpavasiya892
 
PPTX
AI ad its imp i military life read it ag
ShwetaBharti31
 
PPTX
Microsoft PowerPoint Student PPT slides.pptx
Garleys Putin
 
PPT
1965 INDO PAK WAR which Pak will never forget.ppt
sanjaychief112
 
PPT
Introduction to dns domain name syst.ppt
MUHAMMADKAVISHSHABAN
 
LB# 820-1889_051-7370_C000.schematic.pdf
matheusalbuquerqueco3
 
EthicalHack{aksdladlsfsamnookfmnakoasjd}.pptx
dagarabull
 
Artificial-Intelligence-in-Daily-Life (2).pptx
nidhigoswami335
 
Unlocking Hope : How Crypto Recovery Services Can Reclaim Your Lost Funds
lionsgate network
 
Slides: PDF Eco Economic Epochs for World Game (s) pdf
Steven McGee
 
dns domain name system history work.pptx
MUHAMMADKAVISHSHABAN
 
Data Protection & Resilience in Focus.pdf
AmyPoblete3
 
BGP Security Best Practices that Matter, presented at PHNOG 2025
APNIC
 
Black Yellow Modern Minimalist Elegant Presentation.pptx
nothisispatrickduhh
 
Perkembangan Perangkat jaringan komputer dan telekomunikasi 3.pptx
Prayudha3
 
Project English Paja Jara Alejandro.jpdf
AlejandroAlonsoPajaJ
 
The Internet of Things (IoT) refers to a vast network of interconnected devic...
chethana8182
 
PDF document: World Game (s) Great Redesign.pdf
Steven McGee
 
Different Generation Of Computers .pptx
divcoder9507
 
Latest Scam Shocking the USA in 2025.pdf
onlinescamreport4
 
Generics jehfkhkshfhskjghkshhhhlshluhueheuhuhhlhkhk.pptx
yashpavasiya892
 
AI ad its imp i military life read it ag
ShwetaBharti31
 
Microsoft PowerPoint Student PPT slides.pptx
Garleys Putin
 
1965 INDO PAK WAR which Pak will never forget.ppt
sanjaychief112
 
Introduction to dns domain name syst.ppt
MUHAMMADKAVISHSHABAN
 
Ad

TheCyberThreatAndYou2_deck.pptx

  • 1. The Cyber Threat and You Kevin Riley Cybersecurity Architect Orange County Dept. of Education [email protected] OCDE IT Cybersecurity Awareness 2019
  • 5. Who Wants My Stuff? Nation States Cyber Thugs Corporate Espionage Activists
  • 7. What Are The Threats? Malware
  • 8. What Are The Threats? Viruses A program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected". -Wikipedia Symantec executive believes anti-virus products stop only 45% of the cyber attacks today
  • 9. What Are The Threats? Computer Worms • A computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program. -Wikipedia
  • 10. What Are The Threats? Spyware • Software that aids in gathering information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge. -Wikipedia
  • 11. What Are The Threats? Malvertising • injecting malicious or malware laden advertisements into legitimate online advertising networks and webpages. Online advertisements provide a solid platform for spreading malware because significant effort is put into them in order to attract users and sell or advertise the product. Because advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors an opportunity to "push" their attacks to web users who might not otherwise see the ads, due to firewalls, more safety precautions, or the like. -Wikipedia
  • 12. Identity Theft • Someone uses your identity to commit a crime, take out a loan or credit, or anything else in your name. • Results: • Be arrested for a crime you did not commit • Refused credit (CC’s, Auto, Mortgages) for bad credit • Lose hundreds or thousand of dollars to thieves and countless hours clearing up them mess
  • 14. P2P File Sharing and IM • Be extremely careful with file sharing software (BitTorrent, Kazaa, eDonkey, Limewire, etc.) and Instant Messaging (IM). • File sharing can expose your computer to the risk of malicious files and attackers: • Improperly configured file sharing software can allow others access to your entire computer • Files may not always be what they say they are • Also, if you share copyrighted files, you risk being sued by the RIAA, • Some anti-virus programs cannot detect viruses in P2P/IM/chat files, so viruses and other malicious code can be spread this way.
  • 15. Social Engineering • The practice of trying to trick or manipulate people into breaking normal security procedures is called “Social Engineering”. The principle behind social engineering and scams in general is that people are the weak link in security – that it can be easier to trick people than to hack into computing systems by force. • Social engineers exploit people’s natural tendency to want to be liked and helpful. They also take advantage of our tendency to act quickly when faced with a crisis.
  • 16. Phishing / Spear Phishing Phishing is a scam designed to steal information or passwords, compromise computers or trick you out of money - typically via deceptive emails, texts, posts on social networking sites, pop-ups or phone calls. A phisher may ask for your name, account information, date of birth, Social Security number, address, etc. They may also try to get you to click on a link or open a file.
  • 17. Key Indicators of Social Engineering Attacks • You are being asked for personal or private information, your password, financial account information, Social Security Number, or money. • Unexpected/unsolicited email with a link or an attachment • Requests that you forward emails, attachments, links, etc. to your friends, co-workers or family • Promises of something too good to be true. This includes bargains and “great offers,” or links to claim an award/reward. Other indicators that an email isn’t legitimate: • It’s not addressed to you, specifically, by name. • The sender isn’t specified, isn’t someone you know, or doesn’t match the “from” address. • It has spelling or grammatical errors. • It has a link that doesn’t seem match where the email says the link will take you, or an attachment with an incorrect or suspicious filename – or a suspicious file extension (e.g.: *.zip, *.exe, *.vbs, *.bin, *.com, *.pif, *.zzx) • It has a link/attachment to view an unexpected “manifest”or track an unknown package • It includes links to pictures or videos from people you don’t personally know
  • 21. Browser Addons that Really Help
  • 22. Preventing Identity Theft •Check Your Credit Report At Least Annually •You have the right to order your credit report from each of the three credit bureaus every year • Equifax – https://www.equifax.com/CreditReportAssistance/ • TransUnion – https://www.transunion.com/personal- credit/customer-support/faqs/credit-reports-and- disclosures.page#freeAnnualReport • Experian - www.experian.com • Freeze your credit • http://www.clarkhoward.com/news/clark-howard/personal-finance- credit/credit-freeze-and-thaw-guide/nFbL/
  • 23. Preventing Identity Theft • Don't respond to email, instant messages (IM), texts, phone calls, etc., asking you for your password. Even if they say they work for District IT Dept. District IT will never ask for your passwords. • Don't give personal or financial information to anyone you don't know or who doesn't have a legitimate need for it -- in person, over the phone, via email, IM, text, Facebook, Twitter, etc. • Use hard-to-guess passwords for your credit card, bank, and phone accounts and keep them secret. • Use known, trusted websites when you are logging in or providing information online. Don't log in or provide sensitive information to a web page you reached by clicking on a link -- in email, IM, text message, advertisements, Social Networks, search results, etc.
  • 24. Preventing Identity Theft • When shopping online, make sure the site is secure by looking for "https" (not http) in the web address (URL) and a padlock icon in a corner of the page that asks you to input your password or personal information. • Encrypt personal information or store it on portable media and lock it up securely. • Use BitLocker (windows) or FileVault (Macintosh) To encrypt Hard Drives and Thumb Drives - • Lock up your computer with a cable. Secure laptop computers and mobile devices at all times: keep them with you or lock them up securely. • Make sure a password is required to login or resume activity. • Use a paper shredder when throwing out personal information.
  • 25. Email Security • Never assume that email, instant messages (IM) or attachments are private or confidential. • Don't send restricted data or personal information via email or instant message (IM). These are not secure methods of communication. • Use the “Bcc” (blind carbon copy) line for large numbers of recipients. • This protects the email addresses of the recipients by hiding them and makes your email easier to read. Delete email and attachments when you no longer need them. • Don’t click on links or open attachments in unexpected email or in pop-up ads/windows. These could compromise your computer or take you to malicious web sites designed to steal information. • Just opening a malicious web page or attachment can infect a poorly protected computer. Make sure you know where you’re going before clicking on a link or opening something. • Instead of clicking on an unknown link – including “tiny URLs” – look up the website yourself (e.g. Google it) and go there on your own
  • 26. Protecting Sensitive Data and Privacy • Always understand the sensitivity of the data you are working on. If you are unsure about that talk with your supervisor. • Only use authorized systems to process sensitive data. Don’t store data in the cloud (Dropbox, Google Drive, etc) or on other removable media like thumb drive without prior authorization from management. • Don’t give private information to anyone you don’t know or who doesn’t have a legitimate need for it. • Don’t provide personal, sensitive or confidential information online unless you are using a trusted, secure web page. • At a minimum, look for “https” in the URL to indicate that there is a secure connection. • Get to web sites by typing the web address in directly. Don’t click on or cut and paste links in unsolicited emails
  • 27. Protecting Sensitive Data and Privacy • Be especially careful about what you do over wireless. Information and passwords sent via standard, unencrypted wireless are especially easy for hackers to intercept (most public-access wireless is unencrypted). • If you believe any sensitive data has been lost, stolen or compromised be sure to contact the help desk or security team immediately. The sooner our organization is notified, the quicker we can respond to minimize damage.
  • 28. Mobile and Wireless Security Mobile devices are computers, too! • These devices can store important business and personal information, and may be used to access College systems, email, banking information, work and personal accounts and they need to be protected like any other computer. • A good rule of thumb is not to store anything you're not willing to lose or share with the world.
  • 29. Mobile and Wireless Security Mobile devices can be just as susceptible to viruses as desktop and laptop computers. Use anti-virus/anti-malware software, if it is available for your device, and set it to auto-update as frequently as the settings will allow. • If your mobile device has built-in firewall or access control functionality, use it. • Avoid using auto-complete features that remember user names or passwords. • Disable or remove applications (apps) and plug-ins that you don't actively use • Disable Bluetooth, wireless & IrDA (infrared) when you're not actively using them • Turn off GPS and geotagging when you're not actively using them. These can allow your location to be tracked without your knowledge. • Set devices to “ask” before joining wireless networks (see below for more information about wireless). • If your device has a web browser, set the browser to block pop-ups. For added privacy, also set the browser to limit the cookies it accepts.
  • 30. Mobile and Wireless Security Prevention in case of theft or loss: • Back up or sync your data regularly. • Set your device to erase itself after repeated failed log-on attempts. • Enable remote wipe. • Enable location tracking, keeping in mind the privacy implications. • If lost or stolen on campus, report it immediately to campus safety
  • 31. Have You Been Hacked? If you suspect that you have been hacked, then do not hesitate to call the help desk immediately Help Desk Ext. 88111 or 714-438-8111
  • 32. Internet Scams Don't be fooled by scams! • Criminals and hackers are constantly coming up with new schemes designed to compromise computers, trick you into revealing valuable information (personal, financial, etc.), steal passwords, or trick you out of money. • It can be difficult to know if someone is telling the truth on the Internet. • Scams can lead to identity theft, regular theft, access to your accounts and personal information, and compromised computers. • A compromised computer can put ALL of your information and passwords at risk
  • 33. Other Scams • Mystery Shoppers • Checks are sent to people who sign up to “mystery shop” a wire transfer service.
  • 34. Other Scams • 419 Scams • Scam baiting – Engaging & Exposing Internet 419 Scammers • 419eater.com • 419 refers to the article of the Nigerian Criminal Code dealing with fraud
  • 35. Top 10 Scams This Year 1. The Nigerian scam, also known as 419 2. IRS Scare Scam 3. Lottery Scams 4. Phishing emails and phony web pages 5. Items for sale overpayment scam 6. Employment search overpayment scam 7. Disaster relief scams 8. Travel scams 9. “Make Money Fast” chain emails 10. "Turn Your Computer Into a Money-Making Machine!"
  • 36. Thank You Be Aware And Be Secure! http://cyberaware.securingthehuman.org/