1 / 35

Internet Security

Internet Security Why it’s important for you! Spam Spam - Unsolicited "junk" e-mail sent to large numbers of people to promote products, services, pornography, scams, nonsense, etc.

RexAlvis
Télécharger la présentation

Internet Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internet Security Why it’s important for you!

  2. Spam • Spam - Unsolicited"junk" e-mail sent to large numbers of people to promote products, services, pornography, scams, nonsense, etc. • AntiSpam- Software or service to help prevent unsolicited mail and to complicate a spammer's method of collecting email addresses.

  3. Spam – Some Facts • Ferris Research estimates spam costs organizations $75 billion globally in antispam product purchases, lost productivity, and employees spending time cleaning out email. • Communications of the ACM estimate that spam makes up nearly 90% of email traffic and costs firms an estimated $1,000 per year per employee in lost productivity and bandwidth expenses.

  4. Spam – MY e-mail

  5. Spam Example

  6. Spam filtering– Your e-mail

  7. Spam filtering – Your e-mail

  8. Other e-mail fraud • Phishing – e-mail message that appears to come from a reliable source requesting confidential information to facilitate identity theft • Vishing – Similar to phishing but requests information called in to a fraudulent 800/888 number Also, smishing – instant messaging version of phising

  9. Vishing Example > From: hostmaster@cnchost.com[SMTP:HOSTMASTER@CNCHOST.COM] > Sent: Saturday, March 06, 2004 1:21:50 PM > To: cgermain@uamail.albany.edu > Subject: Your credit card has been successfully charged for $69.95 > Auto forwarded by a Rule > Administration of www.shadowcrew.com online store would like to thank you for your purchase of Viagra tablets. Couple of words about our products and services. Viagra is a prescription drug used to treat erection difficulties, such as erectile dysfunction, which also refers to as an impotence. At this condition men do not experience normal erection, necessary for the sexual act. VIAGRA works only in reply to sexual excitation and does not influence reproductive function in any way. Your tablets will be sent to the address specified by you within 24 hours. You should store VIAGRA at temperature below 30 degrees in original packing and out of reach of children. Do not take preparation after expiry date which is located on top of the package. We are the only official dealers that offer you tablets in original packaging. We guarantee to refund your money during 30 days. If you never purchased this product please contact us at: 1.888.575.6398 To cancel this purchase please contact us at: 1.408-817-2800 To change the shipping address on the order: 1.877.999.8779 If you suffer any side effects please contact: 1.866.963.9696 For bulk purchases please contact: 1.703.547.2000 Thank you for choosing www.shadowcrew.com We are the first - the best.

  10. Phishing Example - Web

  11. Phishing – Who is it from?

  12. Phishing – Who is it from?

  13. Phishing – Who is it from?

  14. Phishing Facts • Top brands fraudulently represented in phishing messages: Top 10 Identified Targets Valid Phishes • PayPal 9,575 • eBay, Inc. 720 • Internal Revenue Service 469 • Sulake Corporation 459 • Google 336 • JPMorgan Chase and Co. 321 • Wells Fargo 289 • HSBC Group 272 • Bank of America Corporation 231 • Lloyds TSB 110 Source: PhishTank report, April 2009.

  15. Phishing Facts • Phishing is considered one of the most pernicious types of online crime. • According to the periodical e-week.com, phishing is a $3. billion industry.

  16. Phishing Protection • Don't click on links in spam messages or in pop-up windows • Look for secure sites with https as the protocol in the URI (e.g., https://paypal.com)

  17. Phishing Locator

  18. Viruses • Viruses – “a program that is able to infect other programs by modifying them to include a possibly evolved copy of itself" - Dr. Frederick Cohen • A virus may do little more than replicate itself in this way, although it is more likely to contain some form of malicious act • A virus is generally used to cover many different forms of malicious software, including true viruses, worms, Trojan horse programs and even some types of spyware and adware. • Examples: • Boot Sector - A virus which infects the boot sector or partition table of a disk • File Infector - traditional type of virus which infects .com .exe or other executable files

  19. Virus Facts • Less common than other computer nuisances - found in about 0.15 percent of e-mails • Less prevalent than the phishing attacks • However, viruses can corrupt your computer's programs and files or even destroy all the information on a computer, and cost$$$$$.

  20. Viruses - Protection • Use antivirus software and set up a firewall • Stay away from risky Web pages - gambling, porn and other questionable sites • Like phishing - don't click on links in spam messages or in pop-up windows

  21. Viruses - Protection • Block images or graphics in e-mail messages • Use care with email attachments • Don’t open attachments from strangers • Don’t open unexpected attachments from “friends”

  22. Viruses - Protection Use alternative Web browsers (e.g., Firefox), Microsoft's Internet Explorer (IE) browser poses additional risks because it is so tightly integrated into the Windows operating system. As a result, it is capable of running code that installs malware on your computer without your approval or knowledge

  23. Try the Firefox browser with No Scripts • Will limit certain content • Will break a lot of web pages • But will also stop 99% of web attacks!!

  24. Protection - Patches Keep your browser software patched and up-to-date Use Secunia to check for missing patches and vulnerable software http://secunia.com/vulnerability_scanning/online/

  25. NOTE – Fake Antivirus Fake antivirus products earn promoters $34 million…a month http://www.techweb.com/article/showArticle?articleID=218800178&section=News

  26. Bots • Bot - An automated software program that can execute certain commands when it receives a specific input • The Web searching bots, also known as spiders and crawlers, search the Web by retrieving a certain document and recording the information and links found on it. They then generate indexes of the sites they have searched which can later be accessed by a search engine. • Bots also function in chat rooms (IRC). They will do things like greet people when they enter a chat room, advertise web sites or special deals, or kick people out of chat rooms with an accompanying nasty message. • However, bot is also a term used to describe a small, malicious program that can be planted on a computer which is then used to attack another victim computer or Website.

  27. Botnets • Botnet – A collection of computers that have been infected with maliciously programmed bots which are then used to launch a coordinated attack against a victim's computer of website, most often resulting in a denial of service.  A botnet is also referred to as a zombie network. • Currently, researchers denote that the botnet, Conficker, has grown 10 times larger than any other e-mail malware. It was noted that an average of 1 million virus-laden e-mails are crossing the Internet daily.

  28. Spyware • Spyware - A general term for a program that monitors your navigating actions. Some may be sinister, like a remote control program used by a hacker, or employed by software companies to gather data about customers. • Some Spyware invades your computer, installs programs without your knowledge, steals your information, and compromises your security and privacy.

  29. Spyware - Protection • Use Spybot Search & Destroy (www.safer-networking.org), a program that removes spyware and other malware • Check out the Anti-Spyware Software Review at http://anti-spyware-review.toptenreviews.com

  30. More Protection - Firewalls • Firewalls – Gateway that limits access between networks in accordance with local security policy. The typical firewall is an inexpensive micro-based Unix box kept clean of critical data, with many modems and public network ports on it, but just one carefully watched connection back to the rest of the cluster. • Firewall Test

  31. Other smart ideas Complex Passwords passwords are required for many of the university systems (eg. MyUAlbany, Webmail, UNIX). Please note that a 'good password' is both complex AND secure.

  32. Complex passwords • At least eight characters. • At least one letter: (a-z). • At least one number: (0-9). • At least one special character: @ , $ , * , ?, etc. • Does NOT use the characters: !, &, {, ~ , ", `, ' , < .

  33. Passphrases • Use long passphrases (> 14 characters) • J@im3leBibli0th3que • “I do not think much of a man who is not wiser today than he was yesterday.” Abraham Lincoln Idntmoamwinwtthwy • Don’t use same passphrase for different confidential services

  34. UAlbany ITSProtection For more UAlbany information: http://www.albany.edu/its/besecure.htm MAKE SURE TO REVIEW THE GLOSSARY!!!

More Related