1 / 20

Scary Security Stories be aware, beware Who Are You ?

Scary Security Stories be aware, beware Who Are You ?. Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM. Questions. Use the Internet? Use on-line banking, pay bills on-line? Have kids using the internet? Know anyone who has been a target? Think you have already been a target?

tahir
Télécharger la présentation

Scary Security Stories be aware, beware Who Are You ?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Scary Security Stories be aware, bewareWho Are You ? Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM

  2. Questions • Use the Internet? • Use on-line banking, pay bills on-line? • Have kids using the internet? • Know anyone who has been a target? • Think you have already been a target? • Does your computer seem possessed?

  3. Agenda • What Information are the bad guys after • What bad things can happen to you • How they get your information • How to prevent becoming a victim • How to recognize if your information has been stolen • What to do if you are a victim

  4. What are they looking for? • Social Security Number • Mother’s maiden name • Birth date • Billing Addresses • Email Addresses • Account Numbers • Passwords

  5. How is your information abused • Physical (offline) theft used for: • New Account Fraud • Check Forgery • Information stolen on-line used for: • Unauthorized checking account transfers • Stolen credit card purchases • Illegal credit card advances • Acquiring other services in your name • Cyberstalking and Cyberharassment

  6. How they get Your Information • Stealing your mail and dumpster diving • Phishing • Internet scams • Spyware • Public Computers and Networks • Inadequate computer security • You actually give it them

  7. Stealing your mail and Dumpster Diving • Get a shredder • Use a post office box • Pay attention to missing mail • DUMPSTER.MOV

  8. Oracle chief defends Microsoft snooping By Wylie Wong Staff Writer, CNET News.com June 28, 2000, 3:10 PM PT • Oracle chief executive Larry Ellison today defended his company's decision to hire detectives to investigate two research groups that supported Microsoft during the antitrust trial. • Oracle hired Investigative Group International to probe two research organizations, the Independence Institute and the National Taxpayers Union. The company sought to verify links between Microsoft and the organizations during its antitrust trial--and even tried to buy trash from another research group with close ties to Microsoft. • Oracle told Bloomberg News today it discovered that the two organizations were misrepresenting themselves as independent advocacy groups when they were in fact funded by Microsoft. Oracle said the company hired the detective agency because the organizations were releasing studies supporting Microsoft during the antitrust trial. The financial ties between the organizations were reported by The Wall Street Journal and The Washington Post.

  9. Phishing • Rapidly spreading • Victims are more prone to fraud

  10. Phishing • Sample E-mail Below is a sample of a fraudulent e-mail that's been sent to Citibank customers. It purports to be from Citibank, but it is not. Its intent is to get you to enter sensitive information about your account and to then use this information to commit fraud.

  11. Internet scams

  12. Spyware and Adware • Gets in through kids down loading games, music off the Web. • Keyboard loggers

  13. Public Computers & Networks • Kiosks • Wireless Hot spots

  14. Inadequate Computer Security • Worms and viruses • Does your computer seem possessed?

  15. Fizzer Worm Is on the Move • The Fizzer worm continued to spread rapidly late Monday afternoon as anti-virus experts raced to analyze the code of what they called one of the more complex worms in recent memory. • The worm is 200kB of code spaghetti, containing backdoors, code droppers, attack agents, key loggers and even a small Web server. Fizzer includes an IRC bot that attempts to connect to a number of different IRC servers and, once it establishes a connection, listens passively for further instructions. • The keystroke logger records every typed letter and saves the log in an encrypted file on the infected machine. If the infected PC has the Kazaa file-sharing program installed, Fizzer also has the ability to find the default download location for Kazaa files and copy itself to that folder.

  16. Social Engineering • EULAs • Don’t disclose any personal information • Passwords • Your mothers maiden name

  17. How to Know if you’re in Trouble • Review your statements within the your account’s dispute period. • Periodically check your credit report through a Credit Bureaus such as Equifax, Experian, TransUnion • You get a call from a collection agent

  18. What to do if You Are a Victim • Contact all of your banking, credit card, mortgage, etc. • Contact the police • Report it to the Federal Trade Commission • Prepare an ID Theft Affidavit and Fraudulent Account Statement

  19. How to Protect Yourself • Two additional Brown Bag Sessions: • Securing Your Home Computer • Configuring Your Home Network • Wipe out the hard drive when disposing of computers – • Active KillDisk (Free) • WipeDisk • BCwipe

  20. Questions

More Related