Topics• Social Engineering• Social Media• Physical computer security• Password security• Smartphones• Encryption• Anti Virus• Public computers• WiFi security
Social Engineering1. Dont leave password notes on your desk, under your keyboard /phone / table. You could use an password manager instead.2. Dont provide people information that they should not have.3. Always check the credentials if someone is asking for non-disclosed information. (This could be your credentials, or thepassword of your username).4. Hackers often impersonate (Spoof) users to gain information. Beaware of this threat.5. With social engineering comes the threat; Theft of financialinformation.Hackers use phishing or spear phishing techniques torequest confidential information, such as account details.
Social Engineering6. Never provide sensitive information via email. If someone tries to get you to giveout personal data, passwords, and other sensitive information via your email, dont doso. Always call back to the real source and confirm if such a request is needed.7. Be skeptical of anyone that tries to get personal data, passwords, and othersensitive information from you. Always be skeptical if anyone tries to get informationfrom you. Normally, it is very rare for a company to make you give out anyinformation, so you should never do so if you havent checked the source first and areabsolutely confident about it. It is your right not to give out any information unless it isunder extreme circumstances.8. Beware of people that call you on the phone and try to make you provide yourpersonal information, passwords, and other sensitive information. Always beskeptical if someone calls you on the phone and tries to get your personalinformation, your passwords, and other sensitive data. Always be skeptical and nevergive out any information to strangers.9. You will never get 100M USD via an e-mail contact. Spammers use varioustechniques to gain information from you. They will act like they have money waitingfor you and all they need is your credentials. Be aware of this threat.
Social Engineering10. The Govtdoes not send mass e-mails to private citizensabout cyber scams. if you received an e-mail that claims to befrom the Govt or other top official, it is most likely a scam.11. Social engineering can strike you anytime.12. Social engineering is an method that is used to obtaininformation and let people do what you want them to do.13. Attackers might use various methods to obtain theirinformation.14. When you get an security warning take it seriously!
Social Media1. Consider if you want to use your real name. (You can connect yournetwork directly to add an specific username)2. Social media is fun. Yes social media is fun as it is dangerous. Dontleave your social media page open in an public environment likeschools, cafes and other hotspots.3. Applications are fun. Yes, applications are fun as they aredangerous. Applications need information for their databases. Thesedatabases could belong to anyone. So before you download or installan application check the source of the application. You dont want yourinformation in the hands of cyber criminals right?4. @Cyberwarzonecom OMG, someone just posted an picture followthis link bla bla bla. Hackers often use messages that people will clickon. Social media is an great resource for hackers as everyone isconnected. When you click on an Malicious link you will get infected bymalware that will extract your credentials to an criminal database.
Social Media5. I got 21513 friends. DONT!!! only accept people that you know toyour social media network. This will protect you from harm.6. Dont share your password with others!7. Beware of shoulder-surfers when typing in your password, orsensitive information.8. SSL keeps you safe. Pay attention to the SSL errors when browsing.9. Recognize current phishing, phishing and other scams.10. Malicious content is crawling social media. Be aware of surveysthat like collecting your information.
Physicial computer security1. Before you turn on a computer check if it has weird objects connect to it.People could use physical keyloggers to gain your information.2. Dont leave your smartphone, computer, laptop, notebook or whateverwith personal information unattended or unsecured.3. Lock your plugin hardware. People could gain acces to your workingenvironment. It would be an easy way for an criminal to take the pluginhardware with him. Lock op your external harddrive, USB sticks.4. Dont toss around with your USB sticks. Keep them safe and encrypt them!5. When your harddisk or memory is declared dead be sure to dispose themin an secured way. Put them in an bag and hammer them to pieces. Greatworkout.
Physicial computer security6. Dont mix your laptop that you use for you work as an multimedialaptop. Keep work and fun separated when dealing with information.7. Turn off your WiFi, either in the OS or using a physical switch (if youhave one), when not in use.8. Almost any device can be used to record audio and/orvideo, including smartphones, watches and buttons.9. Disconnect the internet cable when you are done with thecomputer. This will prevent a Wake on Lan attack.10. Use secure wiping functionality (Disk Utility) or tools to erasedrives/devices before giving or selling them.
Password security1. Use password generators to create passwords for you and then addan extra character that you prefer to the generated password.2. Use password managers to manage your passwords for you.3. Keep your password secret.4. Do change your password on a regular basis.5. Prevent the use of easy to guess passwords like; 12345, welcome.Hackers use password lists to brute force accounts. These listsexpand millions of passwords
Password security6. Dont use the same password.7. Dont leave password notes on your desk, under yourkeyboard / phone / table. You could use an password managerinstead.8. Make sure that your credentials travel via HTTPS protocol.9. Set strong (hard to guess) secret questions and answers.10. Disable auto-login.
Smartphones1. Be carefull with your contact list. Your list could contain potentialinformation for hackers. If you lose your phone be sure to inform your contactabout it.2. Smartphones are used on a daily basis. We cant imagine a world withoutthem. These smartphones contain a lot of information. Be sure to keep thatinformation close.3. Dont just install all types of applications. When you delete anapplication, remember to delete the account you created with it.4. Your smartphone has an harddisk and an memory drive. Remember towipe them before you decide to sell or trade them.5. Set your phone to lock, or time out, after a certain period ofinactivity, requiring a password to get back in. All of the major smartphoneoperating systems support this function.
Smartphones6. Third-Party Apps That Share Too Much. When you install a third-party app, you grant it certain privileges. Those privileges may includeaccess to your physical location, contact information (yours and that ofothers), or other personal data7. GEO-location. Do you really want people to know where you are?8. WiFi for free. Be aware that when you are connected to a accesspoint someone could right out all your information.9. Disable WiFi, Bluetooth when you are not using it.
Encryption1. Use encryption software to encrypt your information.2. Make sure that only you know the encryptionpassword.3. Dont write the encryption password down.
Anti virus1. Use an anti-virus on your computer. If youcant pay one get one for free. You can use themicrosoft security essentials to protect yourcomputer.2. Update your anti virus. Your anti virus uses andatabase with signatures. This database needsto get updated so it can recognize new threats.3. Run your anti virus on a regular basis.
Public computers1. Prevent logging in on public computers.2. Disable auto-login.3. Check for weird objects like keyloggers.4. Use secured protocols like HTTPS.5. Dont store files on public computers.6. Be aware of your environment.7. Delete your browsing history.8. Delete your cookies.9. Delete auto-forms.10. Prevent using public computers.
WiFi Security1. Use a strong password.2. Don’t broadcast your SSID.3. Use good wireless encryption.4. Use another layer of encryption when possible5. Restrict access by MAC address.6. Shut down the network when it’s not being used.7. Shut down your wireless network interface, too.8. Monitor your network for intruders.9. Cover the bases.10. Don’t waste your time on ineffective securitymeasures.