• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Staying Safe Online (for kids)
 

Staying Safe Online (for kids)

on

  • 688 views

Cybersecurity for kids, discusses phishing attacks, malware, and some basic tips for helping young adults identify attacks and what they can do to protect themselves.

Cybersecurity for kids, discusses phishing attacks, malware, and some basic tips for helping young adults identify attacks and what they can do to protect themselves.

Statistics

Views

Total Views
688
Views on SlideShare
687
Embed Views
1

Actions

Likes
0
Downloads
8
Comments
0

1 Embed 1

https://twitter.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

CC Attribution License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • These slides are by Jason Hong, a professor of computer science at Carnegie Mellon University.These slides were used at iTeams 2013, a camp for kids to learn about technology and entrepreneurship.Teaching kids cybersecurity was the main goal of my short 20 minute talk.Feel free to reuse and modify.
  • Picture from http://nakedsecurity.sophos.com/2012/06/12/beware-fake-facebook-notifications/
  • Picture from a real fake web site (via PhishTank).At this point, most kids will say that they will login, which is the wrong thing to do because the screens we just saw were fake.
  • How can you tell that it’s fake? Well, the only real hints you have are highlighted here, in terms of the email address and the URL (or web address). So let’s teach you how to read these email addresses and web addresses, so you can avoid these kinds of attacks.
  • Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil.Anti-Phishing Phil is a game that teaches people how to identify phishing scams.(Note: for disclosure purposes, Jason Hong is also a co-founder of Wombat Security)
  • Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
  • Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
  • Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
  • The only real tricky one here is the 4th one, National Geographic. Usually, about half of people will get it right, the other half won’t.It’s actually legitimate. This point actually leads nicely to the next slide, which is that if you aren’t sure, then use a search engine instead.Don’t click on strange links in email or Facebook, look up your destination instead.
  • It’s important to emphasize that bad guys can put any content they want in the browser content area.It’s also really easy to create a fake web page that looks legitimate.But it’s hard for them to fake the web address part.
  • I included this screenshot because Blizzard games are popular (World of Warcraft, Diablo, Starcraft, etc). Can emphasize that this is how a lot of gamers get hacked.
  • Here, I ask the kids about who is attacking, and why do they care?The basic answer is that there are a range of bad guys (small time to professional), and most of them care about making money off of you.
  • Takeaway 6 is trying to make sure that the kids understand that anyone can be a target. It’s not just rich people, it’s not just executives, it really can be anyone.Only a handful of kids seem to have heard of malware before too.
  • Good to emphasize that learning this material can help the kids protect themselves as well as their parents, siblings, and friends.
  • Here’s one example of malware, which is fake anti-virus.
  • Some more fake anti-virus. Simple lesson here is don’t install software that you weren’t expecting to install.http://oregonstate.edu/helpdocs/safety-and-security/computer-viruses-fraud/computer-viruses/fake-antivirus-warnings
  • Koobface example. These are fake messages that try to get you to install fake video software.http://news.cnet.com/koobface-virus-hits-facebook/
  • Koobface example, trying to trick you into “updating” your video software.
  • http://www.tomshardware.com/news/imperva-rockyou-most-common-passwords,9486.html
  • From Wall Street Journal about how Facebook spam works.

Staying Safe Online (for kids) Staying Safe Online (for kids) Presentation Transcript

  • ©2009CarnegieMellonUniversity:1 Staying Safe Online iTeams 2013 Jason Hong
  • ©2013CarnegieMellonUniversity:2
  • ©2013CarnegieMellonUniversity:3 What do you do here?
  • ©2013CarnegieMellonUniversity:4 How to Tell It’s a Fake?
  • ©2013CarnegieMellonUniversity:5
  • ©2013CarnegieMellonUniversity:6 URLs tell you what web site you are really on • Let’s say we want to know if we are at Wombank.com
  • ©2013CarnegieMellonUniversity:7
  • ©2013CarnegieMellonUniversity:8
  • ©2013CarnegieMellonUniversity:9 How to Tell It’s a Fake?
  • ©2013CarnegieMellonUniversity:10 Fake or not? • http://ellsped.org/.google-docs.com/docs/ • http://facebook-info.ucoz.pl/Facedook-bde/ • https://www.facebook.com/ • http://www3.nationalgeographic.com • http://www.skype7.com/it • http://192.232.251.34/~cdslocal/paypal.com Takeaway 1: Learn where URLs are in the browser and how to read them
  • ©2013CarnegieMellonUniversity:11 When in Doubt, Don’t Click! Search for it online Takeaway 2: Use search engines to look up information if not sure
  • ©2013CarnegieMellonUniversity:12 Scammers can’t fake this part Takeaway 3: Scammers can put anything in the browser content area Takeaway 4: It’s easy to create fake web sites
  • ©2013CarnegieMellonUniversity:13
  • ©2013CarnegieMellonUniversity:14
  • ©2013CarnegieMellonUniversity:15 Takeaway 5: Be suspicious of any site that asks you for too much info, especially your password
  • ©2013CarnegieMellonUniversity:16 Who is Attacking, and Why?
  • ©2013CarnegieMellonUniversity:17 Who is Attacking, and Why? • Mainly computer hackers, all around the world (some organized crime) • Reason is mainly money – Spread spam on Facebook – Trick you into sending money • “Stuck in London scam” – Trick your friends into installing malware Takeaway 6: Anyone can be a target
  • ©2013CarnegieMellonUniversity:18 Malware • General term for “malicious software” – Viruses, worms, adware • Attack other computers • Attack your friends • Steal your parents’ bank accounts • Steal your virtual goods – Ex. World of Warcraft and other MMORPGs
  • ©2013CarnegieMellonUniversity:19 Looks legitimate, but it’s not! This is known as Fake Anti-Virus. Don’t click it! Just close the window.
  • ©2013CarnegieMellonUniversity:20 Other Examples of Fake AV Takeaway 7: Never install software you weren’t expecting to install
  • ©2013CarnegieMellonUniversity:21
  • ©2013CarnegieMellonUniversity:22 This is fake. Don’t ever install software this way. Go to Adobe’s site and update.
  • ©2013CarnegieMellonUniversity:23 Another Example of Fake Software
  • ©2013CarnegieMellonUniversity:24 Fake. Never install software you weren’t expecting. Also, look at the URL
  • ©2013CarnegieMellonUniversity:25 Also fake, look at the URL. Also, all web browsers auto-update now.
  • ©2013CarnegieMellonUniversity:26 Summary • Being online can be fun, but there are also a lot of bad people out there – Want you to click on things – Want you to give them your password – Want you to install malware
  • ©2013CarnegieMellonUniversity:27 You can protect yourself with basic precautions 1. Learn how to read URLs 2. Use search engines when in doubt 3. Scammers can put anything in the browser content area 4. It’s easy to create fake web sites 5. Be suspicious of any site that asks you for too much info, especially your password 6. Anyone can be a target 7. Never install software you weren’t expecting to install
  • ©2013CarnegieMellonUniversity:28 More Information • Cybersecurity for young adults https://www.mysecurecyberspace.com/ – Good passwords – Password reuse (don’t reuse passwords!) – Cyberbullying – Safe social networking
  • ©2013CarnegieMellonUniversity:29 More Information Commercially • Products for training people about cybersecurity http://wombatsecurity.com/ (Note: I’m a co-founder of Wombat)
  • ©2013CarnegieMellonUniversity:30 Extra backup slides
  • ©2013CarnegieMellonUniversity:31 Most Common Passwords (These are bad passwords)
  • ©2013CarnegieMellonUniversity:32