Qiyu Chen, Xiaomin Dong, Chenhui Lai, Xinteng Chen, Vittorio DiPentino

Presentation transcript:

Google Mail Hack
Qiyu Chen, Xiaomin Dong, Chenhui Lai, Xinteng Chen, Vittorio DiPentino

What Happened?
- Phishing scam
- A Google Doc shared from trusted accounts was used to gain access permissions
- 1 million users were affected
- Google stopped the scam in one hour

Sources:
- http://www.independent.co.uk/life-style/gadgets-and-tech/google-phishing-emails-attack-gmail-scam-link-doc-invitation-hack-a7716581.html
- https://www.identityforce.com/blog/2017-data-breaches
- https://www.cnbc.com/2017/05/04/gmail-google-hack-phishing-attack.html

Impact on Google (Risk)
- Hackers attacked Gmail accounts
- Disclosure of personal information
- Businesses that use Google's email service were also affected
- The worm arrived in users' inboxes by email
- The worm also sent itself out to all of the affected users' contacts
- A million users suffered serious damage
- Potential disaster:
  - Hackers can collect data from users' contacts and change their passwords on other accounts. They can take over the user's Amazon, Facebook, or online bank account by collecting any personal data that the user has ever sent or received by email and having the passwords reset on other service accounts.
  - The malicious mail came from addresses the user knew and manipulated Google's real login system.

Root Cause
- Tricked the user into granting permissions to a third-party application
- No security alert from Google
- Weak security awareness of users

Missing Controls
- Awareness
  - Understand what is at risk
  - Recognize suspicious activity
- Cyber-intelligence Services
  - Used to identify on-line threats and misrepresentations
  - See an influx in email traffic

Recommendation
1. Be cautious of any app asking for access to your information
2. The importance of immediate response
3. Be vigilant, and when in doubt, don't click

1. There are a TON of websites and apps out there that ask for your information. What was notable about the Google attack was that it gained access to your information indirectly through a legitimate, trusted service. This is possible because companies like Google, Facebook, Twitter and Microsoft all work with 3rd party websites and app providers. Have you ever downloaded an app that says: “Sign in with Facebook” or “Sign in with Google”? By using those options, you’re allowing Facebook or Google to share certain information about you with another service, without giving away your password. Most of the time, this is a really convenient service, allowing you to access many websites without separate login credentials. The problem is that it has become so commonplace that we don’t always think before clicking “Allow.” The Google attack is a good reminder to be cautious of these types of 3rd party requests, because copycats will certainly try the same trick.

2. Despite how fast the attack spread, Google minimized the damage by responding immediately. If you look at this report from a Reddit user, you can see how quickly a Google employee jumped on the thread and elevated the issue to the appropriate team. The threat was resolved in less than an hour, and only 0.1% of Google’s users were affected. Other businesses should learn from this example. Not only did Google’s team have the technical expertise to stop the threat, but they were accessible and even actively listening to their users. Businesses need to have a plan in place so they know how to respond in the event of a cyber attack. Additionally, they need to have a reliable IT resource who they can reach immediately and who they can rely on to solve the issue quickly and effectively.

3. Hackers and cyber criminals are always coming up with new ways to try to compromise your information. We share a lot of information with companies like Google, and while their teams are doing their best to protect that information, they can’t catch everything. Ultimately, it’s still up to you to pay attention and avoid putting your personal or business information in danger. If there’s ever any doubt about a link or you’re not SURE you can trust a sender, don’t click. Better yet, report anything that looks suspicious. Even an email from someone you know may not be safe – it’s better to pick up the phone and verify it than take the risk. Phishing attacks often rely on people clicking without thinking, so be careful what you click!
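Recommendation 1 and the root cause slide both come down to knowing which third-party apps hold access to an account. The Python code below is an added example, not part of the original presentation: it reviews a list of app grants and flags unvetted apps that hold mail or contacts scopes or whose name resembles a trusted product. The record layout, the trusted-name list, the approved client ID and the sample grants are all constructed assumptions.

```python
from difflib import SequenceMatcher

# Google OAuth scopes that expose mail or contacts to a third-party app.
SENSITIVE_SCOPES = {
    "https://mail.google.com/": "full mailbox access",
    "https://www.googleapis.com/auth/gmail.send": "send mail as the user",
    "https://www.googleapis.com/auth/contacts": "read and edit contacts",
}
# Assumptions: product names worth protecting, and one vetted client (placeholder id).
TRUSTED_NAMES = ["Google Docs", "Google Drive", "Gmail"]
APPROVED_CLIENT_IDS = {"vetted-calendar-client.example"}

# Constructed sample of "apps with access to your account" records.
SAMPLE_GRANTS = [
    {"user": "alice@example.com", "client_id": "unknown-client-1.example",
     "display_name": "Google Docs",
     "scopes": ["https://mail.google.com/", "https://www.googleapis.com/auth/contacts"]},
    {"user": "bob@example.com", "client_id": "vetted-calendar-client.example",
     "display_name": "Team Calendar",
     "scopes": ["https://www.googleapis.com/auth/contacts"]},
    {"user": "carol@example.com", "client_id": "photo-client.example",
     "display_name": "Photo Collage Maker",
     "scopes": ["https://www.googleapis.com/auth/userinfo.email"]},
    {"user": "dave@example.com", "client_id": "merge-client.example",
     "display_name": "Mail Merge Helper",
     "scopes": ["https://www.googleapis.com/auth/gmail.send"]},
]


def resembles(name, trusted, threshold=0.85):
    """True when an app's display name is the same as, or close to, a trusted name."""
    ratio = SequenceMatcher(None, name.casefold().strip(), trusted.casefold()).ratio()
    return ratio >= threshold


def review_grant(grant):
    """Return the reasons a grant deserves a second look (empty list if none)."""
    if grant["client_id"] in APPROVED_CLIENT_IDS:
        return []
    reasons = [f"sensitive scope: {SENSITIVE_SCOPES[s]}"
               for s in grant["scopes"] if s in SENSITIVE_SCOPES]
    reasons += [f"unvetted app named like '{t}'"
                for t in TRUSTED_NAMES if resembles(grant["display_name"], t)]
    return reasons


def audit(grants):
    """Map (user, client_id) to its reasons, keeping only flagged grants."""
    flagged = {(g["user"], g["client_id"]): review_grant(g) for g in grants}
    return {key: reasons for key, reasons in flagged.items() if reasons}
```

A flagged grant is a prompt to review the app and revoke its access if nobody recognizes it; the name check catches an unvetted app that presents itself under a trusted product's name.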