SlideShare a Scribd company logo

The Cyber Threat and You: Protect Yourself from Malware, Phishing, and Identity Theft

Download as PPTX, PDF
K
KevinRiley83

This document discusses various cyber threats and provides tips to protect against them. It begins by outlining groups that may want personal information, such as nation states, cyber criminals, and corporate spies. It then details common cyber threats like malware, viruses, worms, spyware, and social engineering. The document provides examples of these threats and discusses how to prevent identity theft, protect sensitive data, use social media securely, and identify phishing attempts. It concludes by offering advice on mobile, wireless, and internet security best practices.

Internet
1 of 36
The Cyber Threat and You Kevin Riley Cybersecurity Architect Orange County Dept. of Education kriley@ocde.us OCDE IT Cybersecurity Awareness 2019
Who Wants My Stuff? Nation States Cyber Thugs Corporate Espionage Activists
What Are The Threats? Malware
What Are The Threats? Viruses A program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected". -Wikipedia Symantec executive believes anti-virus products stop only 45% of the cyber attacks today
What Are The Threats? Computer Worms • A computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program. -Wikipedia
What Are The Threats? Spyware • Software that aids in gathering information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge. -Wikipedia
What Are The Threats? Malvertising • injecting malicious or malware laden advertisements into legitimate online advertising networks and webpages. Online advertisements provide a solid platform for spreading malware because significant effort is put into them in order to attract users and sell or advertise the product. Because advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors an opportunity to "push" their attacks to web users who might not otherwise see the ads, due to firewalls, more safety precautions, or the like. -Wikipedia
Identity Theft • Someone uses your identity to commit a crime, take out a loan or credit, or anything else in your name. • Results: • Be arrested for a crime you did not commit • Refused credit (CC’s, Auto, Mortgages) for bad credit • Lose hundreds or thousand of dollars to thieves and countless hours clearing up them mess
Social Media https://cyberaware.securingthehuman.org/use-social- media-securely/
P2P File Sharing and IM • Be extremely careful with file sharing software (BitTorrent, Kazaa, eDonkey, Limewire, etc.) and Instant Messaging (IM). • File sharing can expose your computer to the risk of malicious files and attackers: • Improperly configured file sharing software can allow others access to your entire computer • Files may not always be what they say they are • Also, if you share copyrighted files, you risk being sued by the RIAA, • Some anti-virus programs cannot detect viruses in P2P/IM/chat files, so viruses and other malicious code can be spread this way.
Social Engineering • The practice of trying to trick or manipulate people into breaking normal security procedures is called “Social Engineering”. The principle behind social engineering and scams in general is that people are the weak link in security – that it can be easier to trick people than to hack into computing systems by force. • Social engineers exploit people’s natural tendency to want to be liked and helpful. They also take advantage of our tendency to act quickly when faced with a crisis.
Phishing / Spear Phishing Phishing is a scam designed to steal information or passwords, compromise computers or trick you out of money - typically via deceptive emails, texts, posts on social networking sites, pop-ups or phone calls. A phisher may ask for your name, account information, date of birth, Social Security number, address, etc. They may also try to get you to click on a link or open a file.
Key Indicators of Social Engineering Attacks • You are being asked for personal or private information, your password, financial account information, Social Security Number, or money. • Unexpected/unsolicited email with a link or an attachment • Requests that you forward emails, attachments, links, etc. to your friends, co-workers or family • Promises of something too good to be true. This includes bargains and “great offers,” or links to claim an award/reward. Other indicators that an email isn’t legitimate: • It’s not addressed to you, specifically, by name. • The sender isn’t specified, isn’t someone you know, or doesn’t match the “from” address. • It has spelling or grammatical errors. • It has a link that doesn’t seem match where the email says the link will take you, or an attachment with an incorrect or suspicious filename – or a suspicious file extension (e.g.: *.zip, *.exe, *.vbs, *.bin, *.com, *.pif, *.zzx) • It has a link/attachment to view an unexpected “manifest”or track an unknown package • It includes links to pictures or videos from people you don’t personally know
Hacker’s Top Tools http://www.exploit-db.com/google-dorks/
Phishing Examples
Protecting Yourself
Browser Addons that Really Help
Preventing Identity Theft •Check Your Credit Report At Least Annually •You have the right to order your credit report from each of the three credit bureaus every year • Equifax – https://www.equifax.com/CreditReportAssistance/ • TransUnion – https://www.transunion.com/personal- credit/customer-support/faqs/credit-reports-and- disclosures.page#freeAnnualReport • Experian - www.experian.com • Freeze your credit • http://www.clarkhoward.com/news/clark-howard/personal-finance- credit/credit-freeze-and-thaw-guide/nFbL/
Preventing Identity Theft • Don't respond to email, instant messages (IM), texts, phone calls, etc., asking you for your password. Even if they say they work for District IT Dept. District IT will never ask for your passwords. • Don't give personal or financial information to anyone you don't know or who doesn't have a legitimate need for it -- in person, over the phone, via email, IM, text, Facebook, Twitter, etc. • Use hard-to-guess passwords for your credit card, bank, and phone accounts and keep them secret. • Use known, trusted websites when you are logging in or providing information online. Don't log in or provide sensitive information to a web page you reached by clicking on a link -- in email, IM, text message, advertisements, Social Networks, search results, etc.
Preventing Identity Theft • When shopping online, make sure the site is secure by looking for "https" (not http) in the web address (URL) and a padlock icon in a corner of the page that asks you to input your password or personal information. • Encrypt personal information or store it on portable media and lock it up securely. • Use BitLocker (windows) or FileVault (Macintosh) To encrypt Hard Drives and Thumb Drives - • Lock up your computer with a cable. Secure laptop computers and mobile devices at all times: keep them with you or lock them up securely. • Make sure a password is required to login or resume activity. • Use a paper shredder when throwing out personal information.
Email Security • Never assume that email, instant messages (IM) or attachments are private or confidential. • Don't send restricted data or personal information via email or instant message (IM). These are not secure methods of communication. • Use the “Bcc” (blind carbon copy) line for large numbers of recipients. • This protects the email addresses of the recipients by hiding them and makes your email easier to read. Delete email and attachments when you no longer need them. • Don’t click on links or open attachments in unexpected email or in pop-up ads/windows. These could compromise your computer or take you to malicious web sites designed to steal information. • Just opening a malicious web page or attachment can infect a poorly protected computer. Make sure you know where you’re going before clicking on a link or opening something. • Instead of clicking on an unknown link – including “tiny URLs” – look up the website yourself (e.g. Google it) and go there on your own
Protecting Sensitive Data and Privacy • Always understand the sensitivity of the data you are working on. If you are unsure about that talk with your supervisor. • Only use authorized systems to process sensitive data. Don’t store data in the cloud (Dropbox, Google Drive, etc) or on other removable media like thumb drive without prior authorization from management. • Don’t give private information to anyone you don’t know or who doesn’t have a legitimate need for it. • Don’t provide personal, sensitive or confidential information online unless you are using a trusted, secure web page. • At a minimum, look for “https” in the URL to indicate that there is a secure connection. • Get to web sites by typing the web address in directly. Don’t click on or cut and paste links in unsolicited emails
Protecting Sensitive Data and Privacy • Be especially careful about what you do over wireless. Information and passwords sent via standard, unencrypted wireless are especially easy for hackers to intercept (most public-access wireless is unencrypted). • If you believe any sensitive data has been lost, stolen or compromised be sure to contact the help desk or security team immediately. The sooner our organization is notified, the quicker we can respond to minimize damage.
Mobile and Wireless Security Mobile devices are computers, too! • These devices can store important business and personal information, and may be used to access College systems, email, banking information, work and personal accounts and they need to be protected like any other computer. • A good rule of thumb is not to store anything you're not willing to lose or share with the world.
Mobile and Wireless Security Mobile devices can be just as susceptible to viruses as desktop and laptop computers. Use anti-virus/anti-malware software, if it is available for your device, and set it to auto-update as frequently as the settings will allow. • If your mobile device has built-in firewall or access control functionality, use it. • Avoid using auto-complete features that remember user names or passwords. • Disable or remove applications (apps) and plug-ins that you don't actively use • Disable Bluetooth, wireless & IrDA (infrared) when you're not actively using them • Turn off GPS and geotagging when you're not actively using them. These can allow your location to be tracked without your knowledge. • Set devices to “ask” before joining wireless networks (see below for more information about wireless). • If your device has a web browser, set the browser to block pop-ups. For added privacy, also set the browser to limit the cookies it accepts.
Mobile and Wireless Security Prevention in case of theft or loss: • Back up or sync your data regularly. • Set your device to erase itself after repeated failed log-on attempts. • Enable remote wipe. • Enable location tracking, keeping in mind the privacy implications. • If lost or stolen on campus, report it immediately to campus safety
Have You Been Hacked? If you suspect that you have been hacked, then do not hesitate to call the help desk immediately Help Desk Ext. 88111 or 714-438-8111
Internet Scams Don't be fooled by scams! • Criminals and hackers are constantly coming up with new schemes designed to compromise computers, trick you into revealing valuable information (personal, financial, etc.), steal passwords, or trick you out of money. • It can be difficult to know if someone is telling the truth on the Internet. • Scams can lead to identity theft, regular theft, access to your accounts and personal information, and compromised computers. • A compromised computer can put ALL of your information and passwords at risk
Other Scams • Mystery Shoppers • Checks are sent to people who sign up to “mystery shop” a wire transfer service.
Other Scams • 419 Scams • Scam baiting – Engaging & Exposing Internet 419 Scammers • 419eater.com • 419 refers to the article of the Nigerian Criminal Code dealing with fraud
Top 10 Scams This Year 1. The Nigerian scam, also known as 419 2. IRS Scare Scam 3. Lottery Scams 4. Phishing emails and phony web pages 5. Items for sale overpayment scam 6. Employment search overpayment scam 7. Disaster relief scams 8. Travel scams 9. “Make Money Fast” chain emails 10. "Turn Your Computer Into a Money-Making Machine!"
Thank You Be Aware And Be Secure! http://cyberaware.securingthehuman.org/

Recommended

Cyber security-1.pptx
Cyber security-1.pptxCyber security-1.pptx
Cyber security-1.pptxCharithraaAR
 
Building Trust in the Digital Age
Building Trust in the Digital AgeBuilding Trust in the Digital Age
Building Trust in the Digital AgeMarian Merritt
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane Hazimeh
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane Hazimeh
 
Internet Security
Internet SecurityInternet Security
Internet Securitymjelson
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayanehaz
 
Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2NetLockSmith
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training OpenFred Beck MBA, CPA
 

Recommended

Cyber security-1.pptx
Cyber security-1.pptxCyber security-1.pptx
Cyber security-1.pptxCharithraaAR
 
Building Trust in the Digital Age
Building Trust in the Digital AgeBuilding Trust in the Digital Age
Building Trust in the Digital AgeMarian Merritt
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane Hazimeh
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane Hazimeh
 
Internet Security
Internet SecurityInternet Security
Internet Securitymjelson
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayanehaz
 
Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2NetLockSmith
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training OpenFred Beck MBA, CPA
 
Day 2
Day 2Day 2
Day 2sefreed
 
INTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxINTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxBHUt6
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureLourdes Paloma Gimenez
 
Phishing Whaling and Hacking Case Studies.pptx
Phishing Whaling and Hacking Case Studies.pptxPhishing Whaling and Hacking Case Studies.pptx
Phishing Whaling and Hacking Case Studies.pptxStephen Jesukanth Martin
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxbinowe
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxreagan sapul
 
Securityawareness
SecurityawarenessSecurityawareness
SecurityawarenessJayfErika
 
E business internet fraud
E business internet fraudE business internet fraud
E business internet fraudRadiant Minds
 
Computer / Internet Security
Computer / Internet SecurityComputer / Internet Security
Computer / Internet SecurityDavid Cirella
 
Chp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptxChp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptxHarishParthasarathy4
 
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptxCYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptxBarakaMuyengi
 
Introduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxIntroduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxShubhamGupta833557
 
Securing and Safeguarding Your Library Setup
Securing and Safeguarding Your Library SetupSecuring and Safeguarding Your Library Setup
Securing and Safeguarding Your Library SetupBrian Pichman
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber securityKaushal Solanki
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness TrainingRandy Bowman
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
Internet safety
Internet safetyInternet safety
Internet safetyjonathancallcott-efc
 
It security in healthcare
It security in healthcareIt security in healthcare
It security in healthcareNicholas Davis
 
Computer and internet fraud
Computer and internet fraudComputer and internet fraud
Computer and internet fraudKarmaveersinghsankhl
 
Safe Computing
Safe ComputingSafe Computing
Safe ComputingDr. Dheeraj Mehrotra (National Awardee)
 
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsstephieert
 

More Related Content

Similar to The Cyber Threat and You: Protect Yourself from Malware, Phishing, and Identity Theft

INTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxINTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxBHUt6
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureLourdes Paloma Gimenez
 
Phishing Whaling and Hacking Case Studies.pptx
Phishing Whaling and Hacking Case Studies.pptxPhishing Whaling and Hacking Case Studies.pptx
Phishing Whaling and Hacking Case Studies.pptxStephen Jesukanth Martin
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxbinowe
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxreagan sapul
 
Securityawareness
SecurityawarenessSecurityawareness
SecurityawarenessJayfErika
 
E business internet fraud
E business internet fraudE business internet fraud
E business internet fraudRadiant Minds
 
Computer / Internet Security
Computer / Internet SecurityComputer / Internet Security
Computer / Internet SecurityDavid Cirella
 
Chp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptxChp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptxHarishParthasarathy4
 
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptxCYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptxBarakaMuyengi
 
Introduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxIntroduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxShubhamGupta833557
 
Securing and Safeguarding Your Library Setup
Securing and Safeguarding Your Library SetupSecuring and Safeguarding Your Library Setup
Securing and Safeguarding Your Library SetupBrian Pichman
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber securityKaushal Solanki
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness TrainingRandy Bowman
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
It security in healthcare
It security in healthcareIt security in healthcare
It security in healthcareNicholas Davis
 

Similar to The Cyber Threat and You: Protect Yourself from Malware, Phishing, and Identity Theft (20)

Day 2
Day 2Day 2
Day 2
 
INTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptxINTERNET SAFETY-WPS Office (1).pptx
INTERNET SAFETY-WPS Office (1).pptx
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity posture
 
Phishing Whaling and Hacking Case Studies.pptx
Phishing Whaling and Hacking Case Studies.pptxPhishing Whaling and Hacking Case Studies.pptx
Phishing Whaling and Hacking Case Studies.pptx
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
 
Securityawareness
SecurityawarenessSecurityawareness
Securityawareness
 
E business internet fraud
E business internet fraudE business internet fraud
E business internet fraud
 
Computer / Internet Security
Computer / Internet SecurityComputer / Internet Security
Computer / Internet Security
 
Chp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptxChp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptx
 
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptxCYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
 
Introduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptxIntroduction to Cybersecurity - Secondary School_0.pptx
Introduction to Cybersecurity - Secondary School_0.pptx
 
Securing and Safeguarding Your Library Setup
Securing and Safeguarding Your Library SetupSecuring and Safeguarding Your Library Setup
Securing and Safeguarding Your Library Setup
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Internet safety
Internet safetyInternet safety
Internet safety
 
It security in healthcare
It security in healthcareIt security in healthcare
It security in healthcare
 
Computer and internet fraud
Computer and internet fraudComputer and internet fraud
Computer and internet fraud
 
Safe Computing
Safe ComputingSafe Computing
Safe Computing
 

Recently uploaded

Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsstephieert
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Sheetaleventcompany
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 

Recently uploaded (20)

Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
Dwarka Sector 26 Call Girls | Delhi | 9999965857 🫦 Vanshika Verma More Our Se...
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girls
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Sukhdev Vihar Delhi 💯Call Us 🔝8264348440🔝
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 

The Cyber Threat and You: Protect Yourself from Malware, Phishing, and Identity Theft

  • 1. The Cyber Threat and You Kevin Riley Cybersecurity Architect Orange County Dept. of Education kriley@ocde.us OCDE IT Cybersecurity Awareness 2019
  • 2.
  • 3.
  • 4.
  • 5. Who Wants My Stuff? Nation States Cyber Thugs Corporate Espionage Activists
  • 6.
  • 7. What Are The Threats? Malware
  • 8. What Are The Threats? Viruses A program that, when executed, replicates by inserting copies of itself (possibly modified) into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be "infected". -Wikipedia Symantec executive believes anti-virus products stop only 45% of the cyber attacks today
  • 9. What Are The Threats? Computer Worms • A computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program. -Wikipedia
  • 10. What Are The Threats? Spyware • Software that aids in gathering information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge. -Wikipedia
  • 11. What Are The Threats? Malvertising • injecting malicious or malware laden advertisements into legitimate online advertising networks and webpages. Online advertisements provide a solid platform for spreading malware because significant effort is put into them in order to attract users and sell or advertise the product. Because advertising content can be inserted into high-profile and reputable websites, malvertising provides malefactors an opportunity to "push" their attacks to web users who might not otherwise see the ads, due to firewalls, more safety precautions, or the like. -Wikipedia
  • 12. Identity Theft • Someone uses your identity to commit a crime, take out a loan or credit, or anything else in your name. • Results: • Be arrested for a crime you did not commit • Refused credit (CC’s, Auto, Mortgages) for bad credit • Lose hundreds or thousand of dollars to thieves and countless hours clearing up them mess
  • 14. P2P File Sharing and IM • Be extremely careful with file sharing software (BitTorrent, Kazaa, eDonkey, Limewire, etc.) and Instant Messaging (IM). • File sharing can expose your computer to the risk of malicious files and attackers: • Improperly configured file sharing software can allow others access to your entire computer • Files may not always be what they say they are • Also, if you share copyrighted files, you risk being sued by the RIAA, • Some anti-virus programs cannot detect viruses in P2P/IM/chat files, so viruses and other malicious code can be spread this way.
  • 15. Social Engineering • The practice of trying to trick or manipulate people into breaking normal security procedures is called “Social Engineering”. The principle behind social engineering and scams in general is that people are the weak link in security – that it can be easier to trick people than to hack into computing systems by force. • Social engineers exploit people’s natural tendency to want to be liked and helpful. They also take advantage of our tendency to act quickly when faced with a crisis.
  • 16. Phishing / Spear Phishing Phishing is a scam designed to steal information or passwords, compromise computers or trick you out of money - typically via deceptive emails, texts, posts on social networking sites, pop-ups or phone calls. A phisher may ask for your name, account information, date of birth, Social Security number, address, etc. They may also try to get you to click on a link or open a file.
  • 17. Key Indicators of Social Engineering Attacks • You are being asked for personal or private information, your password, financial account information, Social Security Number, or money. • Unexpected/unsolicited email with a link or an attachment • Requests that you forward emails, attachments, links, etc. to your friends, co-workers or family • Promises of something too good to be true. This includes bargains and “great offers,” or links to claim an award/reward. Other indicators that an email isn’t legitimate: • It’s not addressed to you, specifically, by name. • The sender isn’t specified, isn’t someone you know, or doesn’t match the “from” address. • It has spelling or grammatical errors. • It has a link that doesn’t seem match where the email says the link will take you, or an attachment with an incorrect or suspicious filename – or a suspicious file extension (e.g.: *.zip, *.exe, *.vbs, *.bin, *.com, *.pif, *.zzx) • It has a link/attachment to view an unexpected “manifest”or track an unknown package • It includes links to pictures or videos from people you don’t personally know
  • 21. Browser Addons that Really Help
  • 22. Preventing Identity Theft •Check Your Credit Report At Least Annually •You have the right to order your credit report from each of the three credit bureaus every year • Equifax – https://www.equifax.com/CreditReportAssistance/ • TransUnion – https://www.transunion.com/personal- credit/customer-support/faqs/credit-reports-and- disclosures.page#freeAnnualReport • Experian - www.experian.com • Freeze your credit • http://www.clarkhoward.com/news/clark-howard/personal-finance- credit/credit-freeze-and-thaw-guide/nFbL/
  • 23. Preventing Identity Theft • Don't respond to email, instant messages (IM), texts, phone calls, etc., asking you for your password. Even if they say they work for District IT Dept. District IT will never ask for your passwords. • Don't give personal or financial information to anyone you don't know or who doesn't have a legitimate need for it -- in person, over the phone, via email, IM, text, Facebook, Twitter, etc. • Use hard-to-guess passwords for your credit card, bank, and phone accounts and keep them secret. • Use known, trusted websites when you are logging in or providing information online. Don't log in or provide sensitive information to a web page you reached by clicking on a link -- in email, IM, text message, advertisements, Social Networks, search results, etc.
  • 24. Preventing Identity Theft • When shopping online, make sure the site is secure by looking for "https" (not http) in the web address (URL) and a padlock icon in a corner of the page that asks you to input your password or personal information. • Encrypt personal information or store it on portable media and lock it up securely. • Use BitLocker (windows) or FileVault (Macintosh) To encrypt Hard Drives and Thumb Drives - • Lock up your computer with a cable. Secure laptop computers and mobile devices at all times: keep them with you or lock them up securely. • Make sure a password is required to login or resume activity. • Use a paper shredder when throwing out personal information.
  • 25. Email Security • Never assume that email, instant messages (IM) or attachments are private or confidential. • Don't send restricted data or personal information via email or instant message (IM). These are not secure methods of communication. • Use the “Bcc” (blind carbon copy) line for large numbers of recipients. • This protects the email addresses of the recipients by hiding them and makes your email easier to read. Delete email and attachments when you no longer need them. • Don’t click on links or open attachments in unexpected email or in pop-up ads/windows. These could compromise your computer or take you to malicious web sites designed to steal information. • Just opening a malicious web page or attachment can infect a poorly protected computer. Make sure you know where you’re going before clicking on a link or opening something. • Instead of clicking on an unknown link – including “tiny URLs” – look up the website yourself (e.g. Google it) and go there on your own
  • 26. Protecting Sensitive Data and Privacy • Always understand the sensitivity of the data you are working on. If you are unsure about that talk with your supervisor. • Only use authorized systems to process sensitive data. Don’t store data in the cloud (Dropbox, Google Drive, etc) or on other removable media like thumb drive without prior authorization from management. • Don’t give private information to anyone you don’t know or who doesn’t have a legitimate need for it. • Don’t provide personal, sensitive or confidential information online unless you are using a trusted, secure web page. • At a minimum, look for “https” in the URL to indicate that there is a secure connection. • Get to web sites by typing the web address in directly. Don’t click on or cut and paste links in unsolicited emails
  • 27. Protecting Sensitive Data and Privacy • Be especially careful about what you do over wireless. Information and passwords sent via standard, unencrypted wireless are especially easy for hackers to intercept (most public-access wireless is unencrypted). • If you believe any sensitive data has been lost, stolen or compromised be sure to contact the help desk or security team immediately. The sooner our organization is notified, the quicker we can respond to minimize damage.
  • 28. Mobile and Wireless Security Mobile devices are computers, too! • These devices can store important business and personal information, and may be used to access College systems, email, banking information, work and personal accounts and they need to be protected like any other computer. • A good rule of thumb is not to store anything you're not willing to lose or share with the world.
  • 29. Mobile and Wireless Security Mobile devices can be just as susceptible to viruses as desktop and laptop computers. Use anti-virus/anti-malware software, if it is available for your device, and set it to auto-update as frequently as the settings will allow. • If your mobile device has built-in firewall or access control functionality, use it. • Avoid using auto-complete features that remember user names or passwords. • Disable or remove applications (apps) and plug-ins that you don't actively use • Disable Bluetooth, wireless & IrDA (infrared) when you're not actively using them • Turn off GPS and geotagging when you're not actively using them. These can allow your location to be tracked without your knowledge. • Set devices to “ask” before joining wireless networks (see below for more information about wireless). • If your device has a web browser, set the browser to block pop-ups. For added privacy, also set the browser to limit the cookies it accepts.
  • 30. Mobile and Wireless Security Prevention in case of theft or loss: • Back up or sync your data regularly. • Set your device to erase itself after repeated failed log-on attempts. • Enable remote wipe. • Enable location tracking, keeping in mind the privacy implications. • If lost or stolen on campus, report it immediately to campus safety
  • 31. Have You Been Hacked? If you suspect that you have been hacked, then do not hesitate to call the help desk immediately Help Desk Ext. 88111 or 714-438-8111
  • 32. Internet Scams Don't be fooled by scams! • Criminals and hackers are constantly coming up with new schemes designed to compromise computers, trick you into revealing valuable information (personal, financial, etc.), steal passwords, or trick you out of money. • It can be difficult to know if someone is telling the truth on the Internet. • Scams can lead to identity theft, regular theft, access to your accounts and personal information, and compromised computers. • A compromised computer can put ALL of your information and passwords at risk
  • 33. Other Scams • Mystery Shoppers • Checks are sent to people who sign up to “mystery shop” a wire transfer service.
  • 34. Other Scams • 419 Scams • Scam baiting – Engaging & Exposing Internet 419 Scammers • 419eater.com • 419 refers to the article of the Nigerian Criminal Code dealing with fraud
  • 35. Top 10 Scams This Year 1. The Nigerian scam, also known as 419 2. IRS Scare Scam 3. Lottery Scams 4. Phishing emails and phony web pages 5. Items for sale overpayment scam 6. Employment search overpayment scam 7. Disaster relief scams 8. Travel scams 9. “Make Money Fast” chain emails 10. "Turn Your Computer Into a Money-Making Machine!"
  • 36. Thank You Be Aware And Be Secure! http://cyberaware.securingthehuman.org/