Presentation is loading. Please wait.

Presentation is loading. Please wait.

Safe Computing Practices. What is behind a cyber attack? 1.

Published byClaribel Montgomery Modified over 8 years ago

Similar presentations

Presentation on theme: "Safe Computing Practices. What is behind a cyber attack? 1."— Presentation transcript:

1 Safe Computing Practices

2 What is behind a cyber attack? 1

3 2

4 Phishing Example 1 - Red Flags 3

5 Phishing Example 2 – Spoofed Senders 4 Emails sent from a compromised @middlebury.edu email account!

6 Phishing Example 3 – Context and Links 5

7 Phishing Example 4 - Malicious Attachment 6

8 Scams – Common Attacks to Watch For Credit Card or Bank Scams: Often mimic common banks and card companies trying to entice a potential card folder to expose their user credentials or account information. PayPal Scams: Have become increasingly prevalent from fake offers of PayPal benefits to scams around account information. The goal of these is always to elicit account credentials. C-Level Scams: Attackers have increased their efforts targeting C-Level or management level individuals. These attacks often are singular in their target (spear phishing) and extremely well crafted. Managers should practice extra caution when exposing their credentials Vacation/Travel or Sales Scams: Traditionally done a spoofs of major travel or retail outlet firms but can be designed to look like any online store or company. These scams have the sole intent of taking the attacker to a fake web site for the harvesting of sensitive information such as credit card information. Tax/IRS Scams: Most common around the New Year and tax season, these scams come in many forms to entice the victim to expose sensitive data such as social security numbers. Phishing: Usually in the form of email, a scam defrauding an online user of account, financial, or other sensitive information by posing as a legitimate source. Pharming: The act of redirecting traffic from a web site to a fake site for the purpose of defrauding the site users. 7

9 Malicious Downloads 8 -- http://www.howtogeek.com/168691/how-to-avoid-installing-junk-programs- when-downloading-free-software/

10 Malicious Add-Ons and Plugins 9 -- http://www.howtogeek.com/168691/how-to-avoid-installing-junk-programs- when-downloading-free-software/

11 Please Don’t Share Passwords 10

12 There’s no such thing as a free lunch USB storage key 2011: Ponemon Institute and Kingston Digital release a report showing 70% of businesses lost data due to USB sticks and 55% of those were due to malware infections. 2012: Two US Power Plants infected with malware from USB Drives 2014: Nohl & Lell identify a critical flaw in the design behind USB technology that allows for the introduction of malware. 11

13 Data Classification – What to Collect and How 12 ●http://go.middlebury.edu/sensitivedata ●http://go.miis.edu/sensitivedata

14 Resources on Information Security Policies: Privacy Policy =Confidentiality of Data http://go.middlebury.edu/privacy Network Monitoring Policy = Protection of College Technology Resources http://go.middlebury.edu/netmon Technical Incident Response Policy = Response to Information Security Events http://go.middlebury.edu/tirp Data Classification Policy = Defines Data Types http://go.Middlebury.edu/dcp Red Flags Policy = Identity Theft Protection Not presently in hand book PCI Policy = Payment Card Data Handling http://go.middlebury.edu/pcipolicy Web Sites: Middlebury’s Information Security http://go.middlebury.edu/infosec Phishing Information http://go.middlebury.edu/phish http://www.phishing.org/ Protect Yourself On-line http://www.onguardonline.gov/ Parents Resource for Kids On-line http://getnetwise.org/ Best Practices for Home and Work http://www.nsa.gov/ia/_files/factsheets/ Best_Practices_Datasheets.pdf

15 Discussion and Links Please share your thoughts! Information Security Resources: http://go.middlebury.edu/infosec http://go.miis.edu/infosec http://go.middlebury.edu/infosecfeedback Report Information Security Events To: infosec@middlebury.edu

Download ppt "Safe Computing Practices. What is behind a cyber attack? 1."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.

ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.
Phishing Scams use spoofed emails and websites as lures to prompt people to voluntarily hand over sensitive information Phishing emails may contain.

Phishing Scams use spoofed s and websites as lures to prompt people to voluntarily hand over sensitive information Phishing s may contain.
A Software Keylogger Attack By Daniel Shapiro. Social Engineering Users follow “spoofed” emails to counterfeit sites Users “give up” personal financial.

A Software Keylogger Attack By Daniel Shapiro. Social Engineering Users follow “spoofed” s to counterfeit sites Users “give up” personal financial.
Victoria ISD Common Sense Media Grade 6: Scams and schemes

Victoria ISD Common Sense Media Grade 6: Scams and schemes
SECURITY CHECK Protecting Your System and Yourself Source:

SECURITY CHECK Protecting Your System and Yourself Source:
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.

How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.
Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.

Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.
Facebook Security and Privacy Issues Brian Allen Network Security Analyst Washington University December 2, 2010 Alumni House.

Facebook Security and Privacy Issues Brian Allen Network Security Analyst Washington University December 2, 2010 Alumni House.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah

By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
Cyber X-Force-SMS alert system for E-mail threats.

Cyber X-Force-SMS alert system for threats.
Threats To A Computer Network

Threats To A Computer Network
October is National Cyber Security Month OIT and IT providers are launching an awareness campaign to provide tips and resources to help you stay safe online.

October is National Cyber Security Month OIT and IT providers are launching an awareness campaign to provide tips and resources to help you stay safe online.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
The ins and outs of By: Megan Tucker. What is identity theft? The stealing of a person’s information, especially credit cards and Social Security Number,

The ins and outs of By: Megan Tucker. What is identity theft? The stealing of a person’s information, especially credit cards and Social Security Number,
Sensitive Data Accessibility Financial Management College of Education Michigan State University.

Sensitive Data Accessibility Financial Management College of Education Michigan State University.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
Company LOGO Internet Safety A Community Approach.

Company LOGO Internet Safety A Community Approach.

Similar presentations

Ads by Google