
1 By: Travis Holm

2 • Security awareness is the knowledge and attitude members of an organization possess regarding the protection of the physical, and especially information, assets of that organization

3 • Personal/Identity Security • Information Security

4 IDENTITY THEFT

5 • Identity theft occurs when someone uses your personally identifying information, like your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes • It can destroy your credit and your good name

6 • The FTC estimates that as many as 9 million Americans have their identities stolen each year (2009). In fact, you or someone you know may have experienced some form of identity theft

7 • This crime takes many forms: • Credit Card Fraud • Phone or Utilities Fraud • Bank/Finance Fraud • Obtain Government Documents • Other Fraud

8

9 • For identity thieves, your personal information is as good as gold!! • Thieves use a variety of methods to get hold of your personal information, including:

10 • Dumpster Diving - They rummage through trash looking for bills • Skimming - They steal credit/debit card numbers by using a special storage device • Phishing - They pretend to be financial institutions or companies and send spam or pop-up messages to get you to reveal your personal information

11 • Changing Your Address - They divert your billing statements to another location by completing a change of address form • Old-Fashioned Stealing - They physically steal wallets/purses & postal mail; steal personnel records, or bribe employees who have access

12 Credit Card Fraud: - They may open new credit card accounts in your name - They may change the billing address on your credit card

13 Phone or Utilities Fraud: - They may open a new phone or wireless account in your name - They may use your name to get utility services like electricity, heating, or cable TV

14 Bank/Finance Fraud: - They may create counterfeit checks - May open a bank account in your name - Clone your ATM card - Take out a loan

15 Government Documents Fraud: - They may get a driver's license - Use your name and SS # to get government benefits - File a fraudulent tax return

16 Other Fraud: - Apply for and get a job - Rent a house/apartment - Receive medical services - Give out your personal information during an arrest

17 • Monitor your accounts and bank statements each month • Check your credit report on a regular basis

18

19

20 • Check your credit reports • Notify creditors immediately • Dispute any unauthorized transactions • Last, but not least, file a police report

21 • Be aware how information is stolen • Educate your family, friends, and others • Basic awareness and common sense • Treat your trash and mail carefully

22

23 • Describes the tasks of guarding information that is in a digital format • Integrity • Confidentiality • Availability

24 • Asset: Something that has value • Threat: An event or object that may defeat the security measures in place • Threat Agent: Person or thing that has the power to carry out a threat

25 • Vulnerability: Weakness that allows a threat agent to bypass security • Exploiting: To take advantage of a vulnerability • Risk: Likelihood that a threat agent will exploit a vulnerability

26 Hackers: • Identifies anyone who illegally breaks into or attempts to break into a computer system • A person who uses his or her advanced computer skills to attack computers only to expose security flaws

27 Crackers: • Refers to a person who violates system security with malicious intent

28 Script Kiddies: • Unskilled users • They download automated hacking software

29 Spies: • A person who has been hired to break into a computer and steal information

30 Thieves: • Search for any unprotected computer • *From July through December of 2004, 54 percent of the top 50 malicious Internet programs were designed to steal confidential financial information*

31 Employees: • Yes, your own employees!!

32 Cyberterrorists: • Terrorists who turn their attacks to the network and computer infrastructure to cause panic among citizens and wreak havoc with vital information systems • Such people may attack because of their ideology/beliefs

33 Malware (Malicious Software): • Used to describe computer programs designed to break into and create havoc • Most common types of malware are:

34 Viruses: • A program that secretly attaches itself to a document or another program and executes when that document or program is opened

35 Worms: • Similar to viruses, but a worm does not attach to a document to spread and can travel by itself • A worm does not always require action by the computer user to begin its execution

36 Logic Bombs: • A computer program that lies dormant until it is triggered by a specific logical event

37 Spyware: • General term used for describing software that violates a user's personal security • Approximately 116,386 Web pages distributed spyware during April 2005

38 Adware: • Software that delivers advertising content in a manner that is unexpected and unwanted by the end user

39 Phishing: • Involves sending an e-mail or displaying web announcements that falsely claim to be from a legitimate enterprise

40

41 Keyloggers (Keystroke Logger): • Either a hardware device or a small software program that monitors keystrokes • May observe the program running in: MS Windows, Windows Task Manager

42 Social Engineering: • Social interaction that preys on human gullibility, sympathy, or fear to take advantage of the target; to steal money, information, or other valuables – basically a con man/woman

43 Password Guessing: • Brute Force – systematically changing one character at a time • Dictionary Attack – takes each word from a dictionary and encodes it the same way the computer encodes a user's password for protection

44 Physical Theft: • February 2005 – The Bank of America said that it lost computer backup tapes containing personal information on about 1.2 million charge card users • May 2005 – Time Warner, Inc. reported that information on 600,000 current and former employees was missing

45 Improperly Recycled Computers: • Many people give them to schools, charities, or sell them online • To erase the data completely, use a DOD Wipe program

46 Patch Software: • Describes software security updates that vendors provide for their programs and operating systems • Windows/Microsoft Update

47 Firewalls: • Designed to prevent malicious packets from entering the network or computers • Software or hardware based • Some routers have built-in NAT

48 Strong Passwords (Basic Rules): • Have at least 8 characters • Combination of letters, numbers, and special characters • Replace every 30 days • Do not reuse for 12 months • Example: U@ndI4evr
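
The four basic rules on slide 48, written as a checker. This is an added example, not part of the original presentation; the function names, the salted-hash password history, and reading "12 months" as 365 days from the date a password was set are assumptions of the example.

```python
import hashlib, hmac, os, string
from datetime import datetime, timedelta

MIN_LENGTH = 8                          # "at least 8 characters"
MAX_AGE = timedelta(days=30)            # "replace every 30 days"
NO_REUSE_WINDOW = timedelta(days=365)   # "12 months", taken as 365 days (assumption)

def _digest(password, salt):
    # Salted PBKDF2 so the history never holds plaintext (design choice of this example)
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def remember(password, set_on):
    """Build a history record for a password that was set on `set_on`."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": _digest(password, salt), "set_on": set_on}

def composition_problems(password):
    """Return the composition rules the password breaks (empty list = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(c in string.punctuation for c in password):
        problems.append("no special characters")
    return problems

def is_expired(record, today):
    """True once the current password is older than the 30-day limit."""
    return today - record["set_on"] > MAX_AGE

def check_new_password(candidate, history, today):
    """Composition rules plus the 12-month reuse rule, checked against hashed history."""
    problems = composition_problems(candidate)
    for rec in history:
        recent = today - rec["set_on"] < NO_REUSE_WINDOW
        if recent and hmac.compare_digest(_digest(candidate, rec["salt"]), rec["hash"]):
            problems.append("reused within 12 months")
            break
    return problems

if __name__ == "__main__":
    today = datetime(2024, 6, 1)  # constructed sample data
    history = [remember("U@ndI4evr", today - timedelta(days=40))]
    print(is_expired(history[0], today), check_new_password("U@ndI4evr", history, today))
```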

49 Antivirus Software: • Software scans a computer for infections and isolates any file that contains a virus

50 Antispyware Software: • Helps prevent computers from becoming infected by different types of spyware • Basically like antivirus software

51 How to Prepare: • ALWAYS back up your files that cannot be easily or quickly recreated!!! • Portable USB hard drives • Network attached storage device • Internet/Online back-up • Tape back-up • CD/DVD ROM • USB Flash Drive

