Top Ten Ways to Shockproof Your Use of Social Media

1,096 views

Published on

Presentation given at joint webinar hosted by the Rochester, Carolina, and Southeastern Michigan chapters of the Society for Technical Communication

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,096
On SlideShare
0
From Embeds
0
Number of Embeds
56
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • If your operating system is not running with critical security patches, you may be blocked from the RIT network until your system is updated. Turn on automatic updating for Windows and Mac OS operating systems. Security.rit.edu provides information on configuring automatic updates. Check regularly for updates on software and applications that don’t have an automatic update feature.
  • Targets hundreds or thousands of people using botnets to send e-mail and instant messages that direct people to download malicious attachments or visit spoofed websites. Often appear to come from PayPal, banks, or other financial institutions. The comments/message board sections on social networking websites has become a very popular attack vector for spam, phishing, and malware. If you receive something suspicious, report it to infosec@rit.edu or the ITS HelpDesk.
  • Per the MarkMonitor Brandjacking Index for Spring 2009: Phish attacks targeting social networks have grown 241 percent from Q1 2008 to Q1 2009 and have grown 1,500-fold since we first started tracking the category in 2007.
  • DO: Use privacy settings (visit security.rit.edu for more information) DON’T use these sites to: Post personal information (contact info, class schedule, residence, etc.). A talented hacker can see this, even if you’ve restricted your privacy settings! Post potentially embarrassing or compromising photos. It’s hard to deny you’ve done something when you post a photo of it. Be aware of what photos you’re being “tagged” in—don’t hesitate to ask others to remove photographs of you from their pages. Publicize which events you’ll be attending Your friends might not be the only ones looking!
  • RIT – No, RIT does not log your every move online; however, Public Safety and other the Center for Student Conduct do receive reports of online postings where there may be evidence of conduct violations. These postings may become part of investigative reports.
  • Despite the name, this is not your space! This is public space which you do not own. Many students think that only their friends and peers look at their profiles. Even if you delete your profile your information is likely to stay on the web: Browser caching Server backups Search results (even content from “private” profiles may be revealed through searches)
  • Top Ten Ways to Shockproof Your Use of Social Media

    1. 1. Ben Woelk Policy and Awareness Analyst Rochester Institute of Technology 585.475.4122 [email_address] Ten Ways to Shockproof Your Use of Social Media
    2. 2. Introduction <ul><li>Everyone is a target </li></ul><ul><li>Identity theft is big business </li></ul><ul><li>You can’t rely on others to protect you </li></ul>
    3. 3. Identity Theft <ul><li>What’s the problem with this picture? </li></ul>
    4. 4. General Trends https://www.cisco.com/en/US/prod/collateral/vpndevc/security_annual_report_2010.pdf
    5. 5. Digital Self Defense <ul><li>Protect yourself and everyone else </li></ul><ul><li>Use the right tools </li></ul><ul><li>Do the right things </li></ul>
    6. 6. Avert Labs Malware Research Retrieved July 24, 2009 from: http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good /
    7. 7. Tip # 1 Passwords <ul><li>Weak passwords can be guessed </li></ul><ul><ul><li>Automated programs </li></ul></ul><ul><ul><li>Personal details </li></ul></ul><ul><li>Use different passwords </li></ul><ul><ul><li>How many accounts can be accessed with just one of your passwords? </li></ul></ul><ul><ul><li>Password vaults </li></ul></ul><ul><li>Passphrases </li></ul>
    8. 8. Tip # 2 Patching/Updating <ul><li>Patching: </li></ul><ul><li>Fixes “vulnerabilities” in software </li></ul><ul><li>You need to: </li></ul><ul><li>Turn on auto-updating (Windows, Mac OS X) </li></ul><ul><li>Check regularly for application updates (Adobe, Microsoft Office, etc.) </li></ul><ul><li>ESPECIALLY ADOBE (malicious PDFs) </li></ul>
    9. 9. Tip #3 Security Software <ul><li>Anti-Virus Protection </li></ul><ul><li>Firewall </li></ul><ul><li>Anti-Spyware Protection </li></ul>
    10. 10. Tip #4 Recognize Phishing/Scams <ul><li>Purpose </li></ul><ul><ul><li>“ verify/confirm/authorize” account or personal information </li></ul></ul><ul><li>Source </li></ul><ul><ul><li>Appear to come from PayPal, banks, ISPs, IT departments, other official or authoritative sources </li></ul></ul><ul><li>Tone </li></ul><ul><ul><li>Appeals to fear, greed, urgency, sympathy </li></ul></ul>
    11. 11. Phishing Tips <ul><li>Does it seem credible? </li></ul><ul><ul><li>Misspellings, bad grammar, formatting errors </li></ul></ul><ul><li>File attachments </li></ul><ul><ul><li>Is it expected? If not, ignore it! </li></ul></ul><ul><li>Never respond directly to e-mail requests for private information </li></ul><ul><ul><li>Verify with company </li></ul></ul><ul><ul><li>Don’t click on links </li></ul></ul>
    12. 12. Phishing on Social Network Sites <ul><li>http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf </li></ul>
    13. 13. Tip #5 Use Social Networks Safely <ul><li>Do: </li></ul><ul><li>Make friends </li></ul><ul><li>Use privacy settings </li></ul><ul><li>Be conscious of the image you project </li></ul><ul><li>Don’t: </li></ul><ul><li>Post personal information </li></ul><ul><li>Post schedules or whereabouts </li></ul><ul><li>Post inappropriate photos </li></ul>
    14. 14. Tip #6 Remember Who Else is There <ul><li>Who else uses social networking? </li></ul><ul><ul><li>Employers </li></ul></ul><ul><ul><li>Identity Thieves </li></ul></ul><ul><ul><li>Online Predators </li></ul></ul><ul><li>Facebook Stalker </li></ul><ul><li>(http://www.youtube.com/watch?v=wCh9bmg0zGg ) </li></ul>
    15. 15. What You Post Can Be Used To… <ul><li>Make judgments about your character </li></ul><ul><li>Impersonate you to financial institutions </li></ul><ul><li>Monitor what you do and where you go </li></ul><ul><ul><li>Theft </li></ul></ul><ul><ul><li>Harassment </li></ul></ul><ul><ul><li>Assault </li></ul></ul>
    16. 16. Not YourSpace <ul><li>Would I be comfortable if this were posted on a billboard? </li></ul><ul><li>The Internet is public space ! </li></ul><ul><li>Search results </li></ul><ul><li>Photo “tagging” </li></ul>
    17. 17. Tip #7 Be wary of others <ul><li>Choose your friends carefully </li></ul><ul><li>&quot; 41% of Facebook users agreed to be friends with this plastic frog, opening themselves up to the risk of identity theft.&quot; </li></ul><ul><li>The frog’s name was Freddi Staur </li></ul><ul><ul><li>http://podcasts.sophos.com/en/sophos-podcasts-019.mp3 </li></ul></ul>
    18. 18. Is this really your friend? <ul><li>When “friends” ask for money online </li></ul><ul><li>Do they speak/write like your friend? </li></ul><ul><li>Do they know any details about you or themselves that do NOT appear on Facebook profile pages? </li></ul><ul><li>Do they refuse other forms of help, phone call requests, etc.? </li></ul><ul><li>Just because it is your friend’s account does not mean that it’s your friend! </li></ul>
    19. 19. Tip #8 Search for your name <ul><li>Do a vanity search </li></ul><ul><li>Set up a Google Alert </li></ul>
    20. 20. Tip #9 Guard Your Personal Information! <ul><li>Even less sensitive information can be exploited by an attacker! </li></ul><ul><li>Don’t post it in public places </li></ul><ul><li>Know to whom you’re giving it </li></ul><ul><li>Watch out for Facebook Applications!! </li></ul><ul><ul><li>A 2008 study found that 90.7% of apps had access to private user data (only 9.3% actually used the data) </li></ul></ul>
    21. 21. Tip #10 Use Privacy Settings <ul><li>Default settings are set to sharing information </li></ul><ul><li>Adjust Facebook privacy settings to help protect your identity </li></ul><ul><li>Think carefully about who you allow to become your friend </li></ul><ul><li>Show &quot;limited friends&quot; a cut-down version of your profile </li></ul><ul><li>Disable options, then open them one by one </li></ul>http://www.sophos.com/security/best-practice/facebook.html
    22. 22. The First Line of Defense <ul><li>Stay alert—you will be the first to know if something goes wrong </li></ul><ul><ul><li>Are you receiving odd communications from someone? </li></ul></ul><ul><ul><li>Is your computer sounding strange or slower than normal? </li></ul></ul><ul><ul><li>Has there been some kind of incident or warning in the news? </li></ul></ul><ul><li>Do something about it! </li></ul><ul><ul><li>Run a scan </li></ul></ul><ul><ul><li>Ask for help </li></ul></ul>

    ×