Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
1 of 32

Staying Safe Online (for kids)

0

Share

Download to read offline

Cybersecurity for kids, discusses phishing attacks, malware, and some basic tips for helping young adults identify attacks and what they can do to protect themselves.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

Staying Safe Online (for kids)

  1. 1. ©2009CarnegieMellonUniversity:1 Staying Safe Online iTeams 2013 Jason Hong
  2. 2. ©2013CarnegieMellonUniversity:2
  3. 3. ©2013CarnegieMellonUniversity:3 What do you do here?
  4. 4. ©2013CarnegieMellonUniversity:4 How to Tell It’s a Fake?
  5. 5. ©2013CarnegieMellonUniversity:5
  6. 6. ©2013CarnegieMellonUniversity:6 URLs tell you what web site you are really on • Let’s say we want to know if we are at Wombank.com
  7. 7. ©2013CarnegieMellonUniversity:7
  8. 8. ©2013CarnegieMellonUniversity:8
  9. 9. ©2013CarnegieMellonUniversity:9 How to Tell It’s a Fake?
  10. 10. ©2013CarnegieMellonUniversity:10 Fake or not? • http://ellsped.org/.google-docs.com/docs/ • http://facebook-info.ucoz.pl/Facedook-bde/ • https://www.facebook.com/ • http://www3.nationalgeographic.com • http://www.skype7.com/it • http://192.232.251.34/~cdslocal/paypal.com Takeaway 1: Learn where URLs are in the browser and how to read them
  11. 11. ©2013CarnegieMellonUniversity:11 When in Doubt, Don’t Click! Search for it online Takeaway 2: Use search engines to look up information if not sure
  12. 12. ©2013CarnegieMellonUniversity:12 Scammers can’t fake this part Takeaway 3: Scammers can put anything in the browser content area Takeaway 4: It’s easy to create fake web sites
  13. 13. ©2013CarnegieMellonUniversity:13
  14. 14. ©2013CarnegieMellonUniversity:14
  15. 15. ©2013CarnegieMellonUniversity:15 Takeaway 5: Be suspicious of any site that asks you for too much info, especially your password
  16. 16. ©2013CarnegieMellonUniversity:16 Who is Attacking, and Why?
  17. 17. ©2013CarnegieMellonUniversity:17 Who is Attacking, and Why? • Mainly computer hackers, all around the world (some organized crime) • Reason is mainly money – Spread spam on Facebook – Trick you into sending money • “Stuck in London scam” – Trick your friends into installing malware Takeaway 6: Anyone can be a target
  18. 18. ©2013CarnegieMellonUniversity:18 Malware • General term for “malicious software” – Viruses, worms, adware • Attack other computers • Attack your friends • Steal your parents’ bank accounts • Steal your virtual goods – Ex. World of Warcraft and other MMORPGs
  19. 19. ©2013CarnegieMellonUniversity:19 Looks legitimate, but it’s not! This is known as Fake Anti-Virus. Don’t click it! Just close the window.
  20. 20. ©2013CarnegieMellonUniversity:20 Other Examples of Fake AV Takeaway 7: Never install software you weren’t expecting to install
  21. 21. ©2013CarnegieMellonUniversity:21
  22. 22. ©2013CarnegieMellonUniversity:22 This is fake. Don’t ever install software this way. Go to Adobe’s site and update.
  23. 23. ©2013CarnegieMellonUniversity:23 Another Example of Fake Software
  24. 24. ©2013CarnegieMellonUniversity:24 Fake. Never install software you weren’t expecting. Also, look at the URL
  25. 25. ©2013CarnegieMellonUniversity:25 Also fake, look at the URL. Also, all web browsers auto-update now.
  26. 26. ©2013CarnegieMellonUniversity:26 Summary • Being online can be fun, but there are also a lot of bad people out there – Want you to click on things – Want you to give them your password – Want you to install malware
  27. 27. ©2013CarnegieMellonUniversity:27 You can protect yourself with basic precautions 1. Learn how to read URLs 2. Use search engines when in doubt 3. Scammers can put anything in the browser content area 4. It’s easy to create fake web sites 5. Be suspicious of any site that asks you for too much info, especially your password 6. Anyone can be a target 7. Never install software you weren’t expecting to install
  28. 28. ©2013CarnegieMellonUniversity:28 More Information • Cybersecurity for young adults https://www.mysecurecyberspace.com/ – Good passwords – Password reuse (don’t reuse passwords!) – Cyberbullying – Safe social networking
  29. 29. ©2013CarnegieMellonUniversity:29 More Information Commercially • Products for training people about cybersecurity http://wombatsecurity.com/ (Note: I’m a co-founder of Wombat)
  30. 30. ©2013CarnegieMellonUniversity:30 Extra backup slides
  31. 31. ©2013CarnegieMellonUniversity:31 Most Common Passwords (These are bad passwords)
  32. 32. ©2013CarnegieMellonUniversity:32

Editor's Notes

  • These slides are by Jason Hong, a professor of computer science at Carnegie Mellon University.These slides were used at iTeams 2013, a camp for kids to learn about technology and entrepreneurship.Teaching kids cybersecurity was the main goal of my short 20 minute talk.Feel free to reuse and modify.
  • Picture from http://nakedsecurity.sophos.com/2012/06/12/beware-fake-facebook-notifications/
  • Picture from a real fake web site (via PhishTank).At this point, most kids will say that they will login, which is the wrong thing to do because the screens we just saw were fake.
  • How can you tell that it’s fake? Well, the only real hints you have are highlighted here, in terms of the email address and the URL (or web address). So let’s teach you how to read these email addresses and web addresses, so you can avoid these kinds of attacks.
  • Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil.Anti-Phishing Phil is a game that teaches people how to identify phishing scams.(Note: for disclosure purposes, Jason Hong is also a co-founder of Wombat Security)
  • Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
  • Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
  • Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
  • The only real tricky one here is the 4th one, National Geographic. Usually, about half of people will get it right, the other half won’t.It’s actually legitimate. This point actually leads nicely to the next slide, which is that if you aren’t sure, then use a search engine instead.Don’t click on strange links in email or Facebook, look up your destination instead.
  • It’s important to emphasize that bad guys can put any content they want in the browser content area.It’s also really easy to create a fake web page that looks legitimate.But it’s hard for them to fake the web address part.
  • I included this screenshot because Blizzard games are popular (World of Warcraft, Diablo, Starcraft, etc). Can emphasize that this is how a lot of gamers get hacked.
  • Here, I ask the kids about who is attacking, and why do they care?The basic answer is that there are a range of bad guys (small time to professional), and most of them care about making money off of you.
  • Takeaway 6 is trying to make sure that the kids understand that anyone can be a target. It’s not just rich people, it’s not just executives, it really can be anyone.Only a handful of kids seem to have heard of malware before too.
  • Good to emphasize that learning this material can help the kids protect themselves as well as their parents, siblings, and friends.
  • Here’s one example of malware, which is fake anti-virus.
  • Some more fake anti-virus. Simple lesson here is don’t install software that you weren’t expecting to install.http://oregonstate.edu/helpdocs/safety-and-security/computer-viruses-fraud/computer-viruses/fake-antivirus-warnings
  • Koobface example. These are fake messages that try to get you to install fake video software.http://news.cnet.com/koobface-virus-hits-facebook/
  • Koobface example, trying to trick you into “updating” your video software.
  • http://www.tomshardware.com/news/imperva-rockyou-most-common-passwords,9486.html
  • From Wall Street Journal about how Facebook spam works.
  • ×