A Real & Present Danger            Jane Ginn, MRP, AIT              Managing Director         SedonaCyberLink
Why are we here today?   Characterize magnitude of problem   Overview of threats/vulnerabilities       Identify potenti...
Data Security   Customer Privacy
Exponential growth ofcriminal activityon the web ---
Centers of Criminal Activity ---Source: HostExploit – Global Security Report, April 2012
Dark Nets of Cyber Crime ---
What is their motivation?
2011 Poneman Benchmark StudySource: Symantec
2011 Patterns ---Source: Panda Labs
Types ---Source: McAfee 2011 Q4 Report
Over 50% from US, China & Brazil-http://www.securelist.com/en/analysis/204792234/Spam_report_May_2012
2011 Infections ---Source: McAfee 2011 Report
Apple Exploits (2009 data)---http://www.sans.org/top-cyber-security-risks/trends.php
Human errors lead to most exploits ---
What you do duringthe daythat could lead toa cyber exploit ---
Marketing Prospecting         Across                      All   Developing Deal    Closing Deal
Local and Web-based Clients --- Sending and receiving eMail    Criminals intercept and steal confidential     informatio...
All Browsers--- Browsing Websites    Criminals use Cross-site Scripting (XSS)        Spoofed websites for capturing per...
Getting your message out --- Website design    Criminals seek access control        Password cracking          Brute-f...
Increase in exploits ---   Facebook scam     Bogus Facebook warnings – June 6, 2012     Infected Apps- Software install...
Special Risks --- Cellular calls & data services    Criminals download malware to mobile devices        Android – iPhon...
Exploits Targeting Humans --- Point of Sale (POS) scams    Criminals steal credit card data        For sale on darknet ...
What you can doto preventcyber exploits ---
Keeping security tight --- Manage network   Establish Network Administrator   Stress Test System     Perimeter testing...
Reducing vulnerabilities ---   Home-based Office Solutions       Use Antivirus + Personal Firewall Solution           N...
Simple Controls   Editable Security Policy
Maintaining constant vigilance --- Practice Safe eMailing   Spam Filters     Black listing     White listing Practice...
Performance & Security ---
Top Producer CRM ---
Check security policy ---
The websites thatyou can visit to learnhow to protectyourself & your clients ---
Course Addressing Data Security   Course Addressing Privacy
Links to help you --- Identity Theft  Privacy Rights Clearinghouse  Electronic Privacy Information Center Banking Frau...
Apps for tracking latest scams ---
Databases – ISO 27001 & 27002                                        Gramm Leach Bliley ActCredit Card Payments – PCI comp...
And now?
What did we cover?   Characterize magnitude of problem   Overview of threats/vulnerabilities       Identify potential c...
Just the beginning….
Upcoming SlideShare
Loading in …5
×

Cyber Security for Real Estate Agents

740 views
593 views

Published on

A short slide show that I use for presentations to real estate agents on how to avoid being victimized by cyber criminals.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
740
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • According to FBI data, the number of suspicious activity reports related to real estate fraud filed by financial institutions jumped to 67,190 in 2009 from 6,936 in 2003. http://www.businessweek.com/magazine/the-king-of-all-vegas-real-estate-scams-12082011_page_2.html
  • Cyber Security for Real Estate Agents

    1. 1. A Real & Present Danger Jane Ginn, MRP, AIT Managing Director SedonaCyberLink
    2. 2. Why are we here today? Characterize magnitude of problem Overview of threats/vulnerabilities  Identify potential cyber exploits Outline countermeasures Online resources  Hotlinks on PowerPoint Local resources  Tech support
    3. 3. Data Security Customer Privacy
    4. 4. Exponential growth ofcriminal activityon the web ---
    5. 5. Centers of Criminal Activity ---Source: HostExploit – Global Security Report, April 2012
    6. 6. Dark Nets of Cyber Crime ---
    7. 7. What is their motivation?
    8. 8. 2011 Poneman Benchmark StudySource: Symantec
    9. 9. 2011 Patterns ---Source: Panda Labs
    10. 10. Types ---Source: McAfee 2011 Q4 Report
    11. 11. Over 50% from US, China & Brazil-http://www.securelist.com/en/analysis/204792234/Spam_report_May_2012
    12. 12. 2011 Infections ---Source: McAfee 2011 Report
    13. 13. Apple Exploits (2009 data)---http://www.sans.org/top-cyber-security-risks/trends.php
    14. 14. Human errors lead to most exploits ---
    15. 15. What you do duringthe daythat could lead toa cyber exploit ---
    16. 16. Marketing Prospecting Across All Developing Deal Closing Deal
    17. 17. Local and Web-based Clients --- Sending and receiving eMail  Criminals intercept and steal confidential information  Man-in-the-Middle Attacks (DSN example)  Criminals conduct phishing attacks (spam)  Fraud, Extortion  Recruiting for Botnet Herds  Criminals plant malware  Viruses  Spyware  Trojans  Worms
    18. 18. All Browsers--- Browsing Websites  Criminals use Cross-site Scripting (XSS)  Spoofed websites for capturing personally identifiable information (PII)  Downloading Key-Loggers  Downloading Screen-Capture Programs  Downloading rootkits  Criminals Recruit for BotNets  Distributed Denial of Service Attacks (DDoS)  Computer used as proxy for:  Peer-to-Peer hosting  Darknet usage
    19. 19. Getting your message out --- Website design  Criminals seek access control  Password cracking  Brute-force attacks  War-dialing  War-driving  Criminals want your client lists  SQL injection  Criminals can steal your client information  Graham – Leach – Bliley Act  California data breach notification law, SB1386  Criminals want your mailing lists (prospects)
    20. 20. Increase in exploits --- Facebook scam  Bogus Facebook warnings – June 6, 2012  Infected Apps- Software installer w/ Trojan Twitter hack  LulzSec posts 10,000 passwords in mid June, 2012  TweetGIF hack LinkedIn hack  6 million passwords stolen in early June, 2012  Weak password encryption (SHA1) Real estate scams – 67,190 in 2009 (FBI)
    21. 21. Special Risks --- Cellular calls & data services  Criminals download malware to mobile devices  Android – iPhone - Blackberry Mobile banking vulnerabilities  Criminals intercept mobile transmissions  Gap in the WAP vulnerability Bluetooth  Criminals can hijack bluetooth devices Wireless local area networks (LAN)  Criminals can infiltrate your network
    22. 22. Exploits Targeting Humans --- Point of Sale (POS) scams  Criminals steal credit card data  For sale on darknet sites Botnets  Criminals set up proxies on legitimate sites  Political activism  Protect activists against tyranny  Hacktivism  Conduct DDoS Attacks  Mask IP addresses for sale of illicit items (drugs, porn, PII, money mules, money laundering schemes, etc…
    23. 23. What you can doto preventcyber exploits ---
    24. 24. Keeping security tight --- Manage network  Establish Network Administrator  Stress Test System  Perimeter testing  Avoid social engineering Maintain computer updates  Patch your operating system (OS)  Patch your applications Freeze credit reports
    25. 25. Reducing vulnerabilities --- Home-based Office Solutions  Use Antivirus + Personal Firewall Solution  Norton 360, McAfee Total, Webroot Secure Anywhere  Use Specialty Software for Banking Outsourced Solutions  Hosting Service  Offsite data storage Use Secure Wireless Access  802.11i (WPA2)
    26. 26. Simple Controls Editable Security Policy
    27. 27. Maintaining constant vigilance --- Practice Safe eMailing  Spam Filters  Black listing  White listing Practice Safe web surfing  Browser security  HTTPS  Google Chrome  Cocoon (Firefox & IE) Carefully manage client lists  Salt list (proof of theft) Monitor scams on social networks
    28. 28. Performance & Security ---
    29. 29. Top Producer CRM ---
    30. 30. Check security policy ---
    31. 31. The websites thatyou can visit to learnhow to protectyourself & your clients ---
    32. 32. Course Addressing Data Security Course Addressing Privacy
    33. 33. Links to help you --- Identity Theft  Privacy Rights Clearinghouse  Electronic Privacy Information Center Banking Fraud  Federal Trade Commission Phishing Intelligence  FraudWatch International Notifications  US-CERT
    34. 34. Apps for tracking latest scams ---
    35. 35. Databases – ISO 27001 & 27002 Gramm Leach Bliley ActCredit Card Payments – PCI compliance NIST 800-122 Data Security Customer Privacy
    36. 36. And now?
    37. 37. What did we cover? Characterize magnitude of problem Overview of threats/vulnerabilities  Identify potential cyber exploits Outline countermeasures Online resources  Hotlinks on PowerPoint Local resources  Tech support
    38. 38. Just the beginning….

    ×