Don’t click on that! Kevin Hill


• Spam: Unwanted commercial email
  ◦ Advertising
  ◦ Comes from people wanting to sell you stuff.
  ◦ Headers may be forged to hide actual accounts sending the email.
• Phishing: pretending to be from someone else you trust
  ◦ Deceptive
  ◦ Designed to look like legitimate email from a trusted source.
  ◦ Banks, ISPs, corporate IT departments.

• We use block lists to block emails from known spam-sending servers.
• Many sites now use sender reputation systems.
• Spam reports from Fermilab = bad reputation scores.

• Look at the “Full Headers”
• Why “Full Headers”?
  ◦ Email has envelope From and To addresses, just like old-timey postal mail.
  ◦ The headers your mail client shows are equivalent to the addresses at the top of a physical letter.
  ◦ All servers add a “Received:” header. Only headers added by local or trusted upstream servers are trustworthy.
  ◦ Don’t trust those either.
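Reading the “Received:” chain the way the slide describes, as an added example that is not part of the original presentation. The message, the host names and the TRUSTED set are constructed for illustration; the Received regex assumes the common "from NAME (… [IP]) by HOST" layout.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the only servers whose Received: stamps we believe (our own).
TRUSTED = {"mx1.example.org", "mailstore.example.org"}

# Constructed message; every host, address and IP here is made up.
RAW = """\
Return-Path: <bounce@bulk.example.net>
Received: from mx1.example.org (mx1.example.org [192.0.2.10])
\tby mailstore.example.org with ESMTP; Tue, 1 Jan 2013 10:00:03 -0600
Received: from bulk.example.net (unknown [198.51.100.7])
\tby mx1.example.org with ESMTP; Tue, 1 Jan 2013 10:00:02 -0600
Received: from helpdesk.example.org (helpdesk.example.org [192.0.2.99])
\tby bulk.example.net with SMTP; Tue, 1 Jan 2013 09:59:00 -0600
From: "IT Help Desk" <helpdesk@example.org>
To: user@example.org
Subject: Password expiring

Please confirm your account.
"""

# Captures: claimed name, connecting IP seen by the receiver, receiving server.
HOP = re.compile(r"from\s+(\S+)\s+\(.*?\[([\d.]+)\]\).*?\bby\s+(\S+)", re.S)

def domain(addr_header):
    """Lower-cased domain part of an address header, or '' if absent."""
    return parseaddr(addr_header or "")[1].rpartition("@")[2].lower()

def analyze(raw):
    msg = message_from_string(raw)
    hops = [m.groups() for m in map(HOP.search, msg.get_all("Received", [])) if m]
    handoff, trusted = None, 0
    for name, ip, by in hops:          # newest stamp first
        if by.lower() not in TRUSTED:  # written by a server we don't run:
            break                      # this stamp and all below may be forged
        handoff, trusted = (name, ip), trusted + 1
    return {
        "trusted_stamps": trusted,
        "unverified_stamps": len(hops) - trusted,
        "handoff": handoff,            # who actually connected to our edge
        "envelope_domain": domain(msg["Return-Path"]),
        "header_from_domain": domain(msg["From"]),
    }

if __name__ == "__main__":
    print(analyze(RAW))
```

In the sample, the bottom stamp claiming the message started at helpdesk.example.org was written by the sending side and counts for nothing; the handoff recorded by our own gateway and the envelope domain both point at bulk.example.net.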

• Never, ever send usernames and passwords via email.
• Don’t enter your username and password into a web form/application you don’t recognize/expect to use.
• Don’t forward your fnal.gov email to another site and then report messages from it as spam.

• HTML links have two parts: a display part and a URL
• “click here” =>
• Don’t assume a link that looks like a URL actually links to that URL
• “ => me.php

• URLs can be prefixed with a username/password.
• example.com/hackme.html is a valid URL, but doesn’t go where you might think at first glance.
• Read emails in plain text instead of HTML when you can.
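A check for the two link tricks on the last two slides (display text that shows a different host than the real target, and a username prefix in front of the real host), as an added example that is not part of the original presentation. The HTML body and every host name in it are constructed placeholders; the finding labels are made up for this sketch.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed HTML mail body; all hosts are placeholders, not from the slides.
BODY = """
<p>Mailbox full. <a href="http://login.example.net/verify.php">click here</a></p>
<p>Or visit <a href="http://portal.example.net/me.php">http://www.example.org/account</a></p>
<p>Policy: <a href="http://www.example.org@files.example.net/doc.html">read it</a></p>
<p><a href="https://www.example.org/help">https://www.example.org/help</a></p>
"""

class LinkCollector(HTMLParser):
    """Collects (display text, href) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.href, self.text, self.links = None, [], []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.links.append(("".join(self.text).strip(), self.href))
            self.href = None

def host_of(url):
    # .hostname is what follows any "user:pass@" prefix, i.e. the real target
    return (urlsplit(url).hostname or "").lower()

def audit(html):
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for text, href in collector.links:
        reasons = []
        if urlsplit(href).username is not None:
            reasons.append("userinfo-prefix")
        if text.lower().startswith(("http://", "https://", "www.")):
            shown = host_of(text if "://" in text else "http://" + text)
            if shown != host_of(href):
                reasons.append("text-shows-other-host")
        findings.append((text, host_of(href), reasons))
    return findings

if __name__ == "__main__":
    for row in audit(BODY):
        print(row)
```

A “click here” link carries no claim to compare against, so it is reported with its real host and no reason; that host is what the mouse-over would show.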

• Holding the pointer over a URL should show where it’s actually linking in the status line.
• The latest browser versions show more clearly whether an SSL link is really registered to that domain.
• Beware of fake SSL certs! Hard to be 100% sure. Use good judgment.

• Look at mouse-overs in your mail client to see where a link is really pointing.
• Better to type in URLs than to click on untrustworthy links, but don’t mistype!
• Save bookmarks to important pages.
• Use bookmarks when you get an email requesting you do something at a particular site.

• Emails about Fermilab systems will not come from non-fnal.gov addresses.
• Real Fermilab web forms/apps will not be hosted on non-fnal.gov websites.
• Outsourcing/cloud-based hosting makes things complicated.

• Messages available at