SLAC Computer Security Annual Safety and Security Briefing 2006.


Presenters
- Teresa Downey
  - Spear Phishing & Web Security Markers
- Heather Larrieu
  - Everything Else…

Spear Phishing
No dangerous pointy objects involved… but they ARE hunting YOU!

Spear Phishing – Step by Step
1. A targeted company is researched by scammer
2. E-mails and websites forged – easy to do!!
3. HTML e-mails sent
4. They need you to click on the fake URL
5. There goes your $$$
You cannot see true URL in HTML

Plain Text Can Prevent Scam
- Scammers don’t want us to use plain text
- True URL is normally displayed in plain text

Spear Phishing – Last Step
- Security markers are missing… where is https? where is lock in border?
- Just a useless picture of a lock to trick you
- Faking web sites is very easy!
- Not a SLAC website!

Secure Website Markers: Internet Explorer, Firefox

What’s Behind That Lock?
- Scammer can just create or buy a certificate
- Look at URL closely, these are invalid:
- Might get error:

Avoiding Phishing Scams
1. Read ALL e-mail in plain text
   - Convert to HTML with one click if you trust the e-mail
2. Look for valid URL in e-mail and browser
   - Does it match where you intended to be?
3. Look for security markers in browser window
4. Stop if you get any Security Alerts
5. Do they REALLY need this information??
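The URL check from the list above, as an added example that is not part of the original briefing: it lists every link in an HTML message with its true target, the way a plain-text view would, and flags links whose displayed address names a different host or whose target is not https. The names `LinkExtractor`, `host_of`, `check_links` and `SAMPLE`, and the example.org / example.net addresses, are assumptions made for this illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkExtractor(HTMLParser):
    """Collect (visible text, true href) for every <a> in an HTML message body."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:      # only keep text that sits inside a link
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host_of(text):
    """Host named by URL-looking link text, or None for ordinary words."""
    if not text or " " in text:
        return None
    candidate = text if "://" in text else "//" + text
    host = urlsplit(candidate).hostname
    return host.lower() if host and "." in host else None

def check_links(html_body):
    """Return (visible text, true href, reasons) for each link in the body."""
    parser = LinkExtractor()
    parser.feed(html_body)
    report = []
    for text, href in parser.links:
        target = urlsplit(href)
        reasons = [] if target.scheme == "https" else ["not https"]
        shown = host_of(text)
        if shown and shown != (target.hostname or "").lower():
            reasons.append("displayed host differs from true host")
        report.append((text, href, reasons))
    return report

# Constructed sample body using reserved example domains (not a real message).
SAMPLE = ('<p>Update your benefits at '
          '<a href="http://hr.example.net/login">https://www.example.org/hr</a> or '
          'read the <a href="https://www.example.org/policy">policy page</a>.</p>')

if __name__ == "__main__":
    for text, href, reasons in check_links(SAMPLE):
        print(f"{text!r} -> {href}  {reasons or 'ok'}")
```

A link that passes both checks can still lead to a forged site, so the browser-side markers in steps 3 and 4 still apply.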

Regarding SLAC Websites…
- SLAC HR wouldn’t ask for bank info via a web page
- If you are suspicious of web site then call the SLAC Department directly

Everything else…
Well, okay at least…
- scammer’s motivations
- PII
- wireless
- perils of ordering pizza

Making Money - Method 1
- Adware and Spyware
- Tracking cookies
- Spam usually touting counterfeit goods
Sell Something

Adblock
- Firefox: Tools -> Adblock -> Preferences
- IE: Nothing built-in. “Adblock” for IE is actually adware so don’t go get it.

Browser Configuration
- IE: Tools -> Internet Options
- Firefox: Tools -> Options

Javascript for Profiling

Making Money - Method 2
- Scams, Fraud, Identity Theft
- Nigerian 419 scams
- Click-through fraud
Steal some Personally Identifiable Information

Personally Identifiable Information
What are people doing with stolen PII?
- Credit card, Bank, Loan fraud
- Phone or Utilities fraud
- Applying for Government documents or benefits
- Magazine subscription (~0.2 % each year!)
Scope of the problem – FTC data ( )
- 10 million victims of identity theft in U.S.
- Victims spend an average of $1,500 and 175 hours to recover
- Not including losses by vendors, merchants, or financial institutions
PII is essentially data that can be used to facilitate identity theft

Making Money - Method 3 Be the “Middleman”

Botnets
1. Herder deploys malware
2. Infected PCs log into an IRC server or other communications medium, forming a network with a central C&C structure
3. Spammer purchases access to botnet
4. Spammer sends instructions to the botnet
5. The infected PCs send the spam messages
from Wikipedia on Botnets

POST XXXXXXX%20XXXXXX%20XX%20XXX%20XXXX&VisitorID=1 HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: ) Gecko/ Firefox/
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO ,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: XXXX%20XXXXXX%20XX%20XXX%20XXXX&VisitorID=1
Cookie: ASPSESSIONIDSCQDDCRC=IIBBDKKBCAOBKBIGABPBHNAI; ASPSESSIONIDCSDTABCC=KCGNNPKBABOIEJKIPBHEJHAH; ASPSESSIONIDSCTDADRC=OAOJABLBFFJKLGIDHPLLMDGM
Content-Type: application/x-www-form-urlencoded
Content-length: 268

LName=AAAAAAA&FName=AAAAAAA&TelePhone= &ModeOfPayment=2&Rem=IS+THIS+SECURE%3F+&CreditCardType=3&CreditCardNo= &ExpiryMonth=6&ExpiryYear=2009&VisitorID=1&CatID=01&CatName=XXXXXXX+XXX XX+XX+XXX+XXXX&hLName=&hFName=&hTelephone=&hCreditCardNo=&hRem=

Wireless

Final Thoughts
- Report all suspicious activity
- Send to:
- Urgent: call HelpDesk at x4357
- See Teresa, Heather, Bob Cowles, Gary Buhrmaster, John Halperin and Steffen Luitz at Computer Security table in breezeway for your questions