From "Lightning Strikes Thrice" Jan 20, 2011 (http://www.stc-carolina.org/Lightning+Strikes+Thrice). Ben Woelk of the Rochester Chapter will talk about the top ten things to do to stay safely grounded as you use social media.
5. Digital Self Defense
• Protect yourself and everyone else
• Use the right tools
• Do the right things
6. Avert Labs Malware Research
Retrieved July 24, 2009 from:
http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good/
7. Tip #1 Passwords
• Weak passwords can be guessed
– Automated programs
– Personal details
• Use different passwords
– How many accounts can be accessed with just one of your passwords?
– Password vaults
• Passphrases
8. Tip #2 Patching/Updating
Patching:
• Fixes “vulnerabilities” in software
You need to:
• Turn on auto-updating (Windows, Mac OS X)
• Check regularly for application updates (Adobe, Microsoft Office, etc.)
• ESPECIALLY ADOBE (malicious PDFs)
10. Tip #4 Recognize Phishing/Scams
• Purpose
– “verify/confirm/authorize” account or personal information
• Source
– Appear to come from PayPal, banks, ISPs, IT departments, other official or authoritative sources
• Tone
– Appeals to fear, greed, urgency, sympathy
11. Phishing Tips
• Does it seem credible?
– Misspellings, bad grammar, formatting errors
• File attachments
– Is it expected? If not, ignore it!
• Never respond directly to e-mail requests for private information
– Verify with company
– Don’t click on links
12. Phishing on Social Network Sites
http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf
13. Tip #5 Use Social Networks Safely
Do:
• Make friends
• Use privacy settings
• Be conscious of the image you project
Don’t:
• Post personal information
• Post schedules or whereabouts
• Post inappropriate photos
14. Tip #6 Remember Who Else is There
• Who else uses social networking?
– Employers
– Identity Thieves
– Online Predators
• Facebook Stalker (http://www.youtube.com/watch?v=wCh9bmg0zGg)
15. What You Post Can Be Used To…
• Make judgments about your character
• Impersonate you to financial institutions
• Monitor what you do and where you go
– Theft
– Harassment
– Assault
16. Not YourSpace
Would I be comfortable if this were posted on a billboard?
The Internet is public space!
• Search results
• Photo “tagging”
17. Tip #7 Be wary of others
• Choose your friends carefully
• "41% of Facebook users agreed to be friends with this plastic frog, opening themselves up to the risk of identity theft."
• The frog’s name was Freddi Staur
– http://podcasts.sophos.com/en/sophos-podcasts-019.mp3
18. Is this really your friend?
When “friends” ask for money online
• Do they speak/write like your friend?
• Do they know any details about you or themselves that do NOT appear on Facebook profile pages?
• Do they refuse other forms of help, phone call requests, etc.?
Just because it is your friend’s account does not mean that it’s your friend!
19. Tip #8 Search for your name
• Do a vanity search
• Set up a Google Alert
20. Tip #9 Guard Your Personal Information!
• Even less sensitive information can be exploited by an attacker!
• Don’t post it in public places
• Know to whom you’re giving it
• Watch out for Facebook Applications!!
– A 2008 study found that 90.7% of apps had access to private user data (only 9.3% actually used the data)
21. Tip #10 Use Privacy Settings
• Default settings are set to sharing information
• Adjust Facebook privacy settings to help protect your identity
• Think carefully about who you allow to become your friend
• Show "limited friends" a cut-down version of your profile
• Disable options, then open them one by one
http://www.sophos.com/security/best-practice/facebook.html
22. The First Line of Defense
Stay alert—you will be the first to know if something goes wrong
– Are you receiving odd communications from someone?
– Is your computer sounding strange or slower than normal?
– Has there been some kind of incident or warning in the news?
Do something about it!
– Run a scan
– Ask for help