Upload File

cybersecurity awareness training · malicious websites and drive-by downloads, p2p file sharing....

  • Home
  • Documents
  • Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social
43
Cybersecurity Awareness Training be vigilant but unafraid! Leo F. Howell C hief Information S ecurity Officer [email protected]

Upload: others

Post on 05-Aug-2020

10 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Cybersecurity Awareness Trainingbe vigilant but unafraid

Leo F HowellC hief Information S ecurity Officerlfhowelluoregonedu

University1 COMPLIANCE increases business

opportunities required bya) DFAR FAR Data Use Agreements (research)b) HIPAA FERPAGLBA (financial aid)c) GDPR (EU persons)d) State Laws (OR CA CT hellip)

2 DATA BREACHES cause financial amp reputational losses

3 DENIAL OF SERVICE disrupts operations4 SOCIAL RESPONSIBILITY extends to Data

Protection

Why YOU should careYOU1 Research at risk2 Bank Account may be emptied3 Medical Records subject to theft

or exposure4 Embarrassment via exposure of

private social media interactions5 Computers Locked for ransom6 Indictment without guilt

Meet the adversary

Script Kiddies

Nation StatesOrganized CrimesInsiders

Hacktivists Hacktivist

Common attack methods

bull Email - Phishingbull Phone - Vishingbull Text - Smishing

Phishing

bull Password theftbull Backdoorsbull Website exploits

Hacking

bull Ransomwarebull Key loggersbull Spyware

Malware

Can you spot the phish1 Fake D0mains uoregonedu d2 Urgency

3 Impers onated Unknown S ender

4 Unexpected Unus ual R eques t Tone

5 Flattery

6 Letter S ub5titution5

7 B ad G rammra

Dear Dr [X]

I recently read your article [Title] It was very useful in my field of researchI wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellip

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238 38

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

o $34B IP Thefto 3800 Professors targeted acrosso 144 US universitieso 10 Indictments

o 60+ UO Faculty amp Staff Compromised

Phishing-4-whales withhellip

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open

Kindly let me have your opinion

Michael Schill541-346-3936President

Phishing-4-whales withhellipsender impersonation bad link tone

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open = httpko-ontapcomcatindexhtml

Kindly let me have your opinion

Michael Schill541-346-3936President

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 2: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

University1 COMPLIANCE increases business

opportunities required bya) DFAR FAR Data Use Agreements (research)b) HIPAA FERPAGLBA (financial aid)c) GDPR (EU persons)d) State Laws (OR CA CT hellip)

2 DATA BREACHES cause financial amp reputational losses

3 DENIAL OF SERVICE disrupts operations4 SOCIAL RESPONSIBILITY extends to Data

Protection

Why YOU should careYOU1 Research at risk2 Bank Account may be emptied3 Medical Records subject to theft

or exposure4 Embarrassment via exposure of

private social media interactions5 Computers Locked for ransom6 Indictment without guilt

Meet the adversary

Script Kiddies

Nation StatesOrganized CrimesInsiders

Hacktivists Hacktivist

Common attack methods

bull Email - Phishingbull Phone - Vishingbull Text - Smishing

Phishing

bull Password theftbull Backdoorsbull Website exploits

Hacking

bull Ransomwarebull Key loggersbull Spyware

Malware

Can you spot the phish1 Fake D0mains uoregonedu d2 Urgency

3 Impers onated Unknown S ender

4 Unexpected Unus ual R eques t Tone

5 Flattery

6 Letter S ub5titution5

7 B ad G rammra

Dear Dr [X]

I recently read your article [Title] It was very useful in my field of researchI wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellip

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238 38

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

o $34B IP Thefto 3800 Professors targeted acrosso 144 US universitieso 10 Indictments

o 60+ UO Faculty amp Staff Compromised

Phishing-4-whales withhellip

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open

Kindly let me have your opinion

Michael Schill541-346-3936President

Phishing-4-whales withhellipsender impersonation bad link tone

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open = httpko-ontapcomcatindexhtml

Kindly let me have your opinion

Michael Schill541-346-3936President

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 3: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Meet the adversary

Script Kiddies

Nation StatesOrganized CrimesInsiders

Hacktivists Hacktivist

Common attack methods

bull Email - Phishingbull Phone - Vishingbull Text - Smishing

Phishing

bull Password theftbull Backdoorsbull Website exploits

Hacking

bull Ransomwarebull Key loggersbull Spyware

Malware

Can you spot the phish1 Fake D0mains uoregonedu d2 Urgency

3 Impers onated Unknown S ender

4 Unexpected Unus ual R eques t Tone

5 Flattery

6 Letter S ub5titution5

7 B ad G rammra

Dear Dr [X]

I recently read your article [Title] It was very useful in my field of researchI wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellip

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238 38

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

o $34B IP Thefto 3800 Professors targeted acrosso 144 US universitieso 10 Indictments

o 60+ UO Faculty amp Staff Compromised

Phishing-4-whales withhellip

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open

Kindly let me have your opinion

Michael Schill541-346-3936President

Phishing-4-whales withhellipsender impersonation bad link tone

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open = httpko-ontapcomcatindexhtml

Kindly let me have your opinion

Michael Schill541-346-3936President

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 4: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Common attack methods

bull Email - Phishingbull Phone - Vishingbull Text - Smishing

Phishing

bull Password theftbull Backdoorsbull Website exploits

Hacking

bull Ransomwarebull Key loggersbull Spyware

Malware

Can you spot the phish1 Fake D0mains uoregonedu d2 Urgency

3 Impers onated Unknown S ender

4 Unexpected Unus ual R eques t Tone

5 Flattery

6 Letter S ub5titution5

7 B ad G rammra

Dear Dr [X]

I recently read your article [Title] It was very useful in my field of researchI wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellip

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238 38

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

o $34B IP Thefto 3800 Professors targeted acrosso 144 US universitieso 10 Indictments

o 60+ UO Faculty amp Staff Compromised

Phishing-4-whales withhellip

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open

Kindly let me have your opinion

Michael Schill541-346-3936President

Phishing-4-whales withhellipsender impersonation bad link tone

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open = httpko-ontapcomcatindexhtml

Kindly let me have your opinion

Michael Schill541-346-3936President

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 5: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Can you spot the phish1 Fake D0mains uoregonedu d2 Urgency

3 Impers onated Unknown S ender

4 Unexpected Unus ual R eques t Tone

5 Flattery

6 Letter S ub5titution5

7 B ad G rammra

Dear Dr [X]

I recently read your article [Title] It was very useful in my field of researchI wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellip

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238 38

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

o $34B IP Thefto 3800 Professors targeted acrosso 144 US universitieso 10 Indictments

o 60+ UO Faculty amp Staff Compromised

Phishing-4-whales withhellip

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open

Kindly let me have your opinion

Michael Schill541-346-3936President

Phishing-4-whales withhellipsender impersonation bad link tone

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open = httpko-ontapcomcatindexhtml

Kindly let me have your opinion

Michael Schill541-346-3936President

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 6: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Dear Dr [X]

I recently read your article [Title] It was very useful in my field of researchI wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellip

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238 38

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

o $34B IP Thefto 3800 Professors targeted acrosso 144 US universitieso 10 Indictments

o 60+ UO Faculty amp Staff Compromised

Phishing-4-whales withhellip

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open

Kindly let me have your opinion

Michael Schill541-346-3936President

Phishing-4-whales withhellipsender impersonation bad link tone

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open = httpko-ontapcomcatindexhtml

Kindly let me have your opinion

Michael Schill541-346-3936President

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 7: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238 38

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

o $34B IP Thefto 3800 Professors targeted acrosso 144 US universitieso 10 Indictments

o 60+ UO Faculty amp Staff Compromised

Phishing-4-whales withhellip

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open

Kindly let me have your opinion

Michael Schill541-346-3936President

Phishing-4-whales withhellipsender impersonation bad link tone

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open = httpko-ontapcomcatindexhtml

Kindly let me have your opinion

Michael Schill541-346-3936President

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 8: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Phishing-4-faculty withhellipflattery grammar fake domain urgencyDear Dr [X]

I recently read your article [Title] It was very useful in my field of research I wonder if possible to send me these articles to use in my current research

httpshibbolethuoregonedudinidpAuthnloginphpurl=httpwwwsciencedirectcomsciencearticlepiiS03085961100HT00238 38

Thanks for you Cooperation in AdvanceAssoc Prof [Name]

o $34B IP Thefto 3800 Professors targeted acrosso 144 US universitieso 10 Indictments

o 60+ UO Faculty amp Staff Compromised

Phishing-4-whales withhellip

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open

Kindly let me have your opinion

Michael Schill541-346-3936President

Phishing-4-whales withhellipsender impersonation bad link tone

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open = httpko-ontapcomcatindexhtml

Kindly let me have your opinion

Michael Schill541-346-3936President

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 9: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Phishing-4-whales withhellip

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open

Kindly let me have your opinion

Michael Schill541-346-3936President

Phishing-4-whales withhellipsender impersonation bad link tone

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open = httpko-ontapcomcatindexhtml

Kindly let me have your opinion

Michael Schill541-346-3936President

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 10: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Phishing-4-whales withhellipsender impersonation bad link tone

From Michael Schill [mailtomarkrossemailolympicorg]

Sent Friday March 02 2018 202 PM

Subject Michael Schill as Shared a file with you using One Drive

Hello

Please find attached the Look Ahead files for Friday March 2nd2018

Open = httpko-ontapcomcatindexhtml

Kindly let me have your opinion

Michael Schill541-346-3936President

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 11: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Gift card scam withhellip

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 12: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Gift card scamhellipfake domain context urgency

From bartconoveruoregoncom

Hello You

P lease purchase 6 gift cards valued at $250 each and send me the numbers right away I will tell you a funny story about this when I return to the office but send me those cards NOW

B art

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 13: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Unable to display message phish

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 14: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Logged out due to inactivity Sign in to continue

www-svhamsgload9icu

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 15: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Unable to display message phish

www-svhamsgload9icu

27K Users Received the Msg15K Users Read Msg62K Msg Deleted by Security653 Users CompromisedDisabled15K Users Password Changes$80K+ in person-hours for Response

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 16: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Direct Deposit Prelude

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 17: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

jw13925mybristolacuk

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 18: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

httpsimoladormilorghellip

httpsduckwebuoregonedu

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 19: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

httpswwwvocation100comswelm

httptrafficpillarcomperara

httpmacvalleycottoncomau

httpleojabercombr

jw13925mybristolacukbull ~ 80 users suspected of giving up DuckIDs amp passwords andor 95s amp PACs

bull 14 usersrsquo direct deposit accounts and routing numbers changed to the hackerrsquos

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 20: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Key Message on Phishing

Dont get P his hed S mis hed Vis hed hellip

B y a

Dumb Hacker

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 21: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Password game

123456LetmeinFootballIloveyouAdmin

WelcomeMonkeyAbc123

helloStarwars

- Time 2017

G ood Ones B ad Ones

Wr 15 bd 1wy5 Strong (76)

My 3y3s r3 p1nk Strong (70)

This is my story Strong (69)

What is fake news Strong (87)

My secret bucket list item is to sing in public

Very Strong (217)

I hate math but I totally dig chemistry

Very Strong (197)

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 22: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Password GameORG ood One B ad One

toddbay Toddbay$Username Password

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 23: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Password GameORG ood One B ad One

marys IloveyouUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 24: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Password GameORG ood One B ad One

samanp TheRt5atemydinnerUsername Password

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 25: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Password GameORG ood One B ad One

samanp TheRt5atemydinner2Username Password

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 26: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Password GameORG ood One B ad One

mandyt IwillgobcktoVTUsername Password

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 27: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

General password tipsbull Use password-phrase instead

bull Use 2-Factor Authentication

bull Use 5ub5t1tut10n5

bull Use more than 10 chars

bull Use different passwords for different domains (Yahoo Facebook S nap C hat UOR E G ONE DU)

bull C hange them regularly ndash at least every 6 months

bull Use a password manager (like K eyP ass or LastP ass)

bull Never use login as password

bull Never s tore them under keyboards desk drawers s ticky notes on monitor

bull S tore a clue in your walletpurse

bull Never s tore them on refrigerator

bull Never ever share passwords with anyone

bull Never send them in email

bull Never enter them with a ldquoshoulder surferrdquo present

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 28: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

TrojansViruses

BotsZombies

Ransomware

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 29: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Dangers of malwarehellipto

YOUto

OTHERS

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 30: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

How do I get infected

social engineering via email instant messaging social media

malicious websites and drive-by downloads P2P file sharing

malvertising man-in-the-middle attacks exploit kits

Presenter
Presentation Notes
Social Engineering - Social engineering is one of the most popular malware delivery methods because it involves the manipulation of human emotions Social engineering uses spam phishing via email instant messages social media and more The goal is to try to trick the user into downloading malware or clicking a link to a compromised website that hosts the malware Usually the messages come in the form of a scare tactic stating that there is something wrong with an account and that the user should immediately click on the link to log into their account or download an attachment that conceals malware The link will lead the user to a copy of the legitimate website in the hopes that the user will enter their credentials for the site so they can be captured by the cyber criminal13Exploit Kit - Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a targetrsquos computer The kits come with prewritten code that will search for the vulnerabilities and once it is found the kit can then inject malware into the computer through that security hole13Malicious Websites and Drive-by-downloads - A drive-by-download is a download that occurs when a user visits a malicious website that is hosting an exploit kit There is no interaction needed on the userrsquos part other than visiting the infected webpage The exploit kit will look for a vulnerability in the software of the browser and inject malware via the security hole13Malvertising - Malicious advertising is a relatively new threat that is rising in popularity amongst cybercriminals The hacker will purchase legitimate advertising space on legitimate websites and within the add will be malicious code Similar to a drive-by-download there is no interaction needed on the usersrsquo part to download the malware13Man-in-the-middle (MitM) Attack - A Man-in-the-middle (MitM) attack employs the use of an unsecured or poorly secured usually public Wi-Fi router The hacker will then scan the router using special code looking for certain weaknesses such as default or poor password use Once the attacker has found the vulnerability they will then insert themselves in between the usersrsquo computer and the websites the user visits and intercept the messages being transmitted between the two13Man-in-the-browser (MitB) Attack - Similar to a MitM attack all an attacker needs to do is inject malware into the computer which will then install itself into the browser without the usersrsquo knowledge This malware will then record the data that is being sent between the victim and specifically targeted websites Once the malware has collected the data it was programmed to collect it then transmits that data back to the attacker While the two attacks have the same goal this attack is simpler in nature as the attacker does not need to be within physical proximity of a router as in the MitM attacks13httpsusnortoncominternetsecurity-malware-malware-101-how-do-i-get-malware-complex-attackshtml

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 31: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

General Malware Tips

bull Turn on automatic updates on youro P hones

o Home computers

o Tablets

o Work computers (s ee IT)

bull R un up-to-date antimalware toolo McAfee

o MalwareB ytes

o Windows Defender (free)

bull B ack up important files

bull Occas ionally try to restore something from backup

bull R eport suspicious computer activities

bull Never download from untrusted websites

bull B e careful of s ites you browse to

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 32: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Social Media tips

bull No Internet delete button

bull Dont share secretsbull Trust then connectbull Use different passwords

for different personas

bull S ecure device ndash facial password fingerprint hellip

bull Setup 2 -factor authNbull Turn on privacy settingsbull S etup private accountsbull Limit who sees postsbull Limit who can find you

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 33: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Insecure connection

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

intercepthelliphijackhellipmodify

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 34: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

VPN https

Photos by Unknown author is licensed under CC BY-SA

Evil InternetEvil Wifi

secure encrypted tunnel

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 35: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Top 5 defenses

Awareness amp Vigilance

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 36: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Key takeaways1 Dont get hished by a dumb hacker

2 Make strong passwords or phrases and never share them with anyone ever

3 Always use 2-factor login where available

Finally be vigilant but unafraid

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 37: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

UO Cybersecurity Briefing amp Awareness Training

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncom541-346-1732

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43
Page 38: Cybersecurity Awareness Training · malicious websites and drive-by downloads, P2P file sharing. malvertising, man-in-the-middle attacks, exploit kits. Social Engineering - Social

Leo F HowellC hief Information S ecurity Officerlfhowelluoreqoncomlfhowelluoregonedu541-346-1732

UO C ybersecurity B riefing amp Awareness Training

  • Slide Number 1
  • Slide Number 2
  • Meet the adversary
  • Common attack methods
  • Slide Number 5
  • Can you spot the phish
  • Phishing-4-faculty withhellip
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-faculty withhellipflattery grammar fake domain urgency
  • Phishing-4-whales withhellip
  • Phishing-4-whales withhellipsender impersonation bad link tone
  • Gift card scam withhellip
  • Gift card scamhellipfake domain context urgency
  • Unable to display message phish
  • Slide Number 15
  • Unable to display message phish
  • Slide Number 17
  • Slide Number 18
  • Slide Number 19
  • Slide Number 20
  • Key Message on Phishing
  • UseSTRONG PASSWORDS
  • Password game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • Password Game
  • General password tips
  • TrojansVirusesBotsZombiesRansomware
  • Dangers of malwarehellip
  • How do I get infected
  • Slide Number 33
  • General Malware Tips
  • Protect yourSOCIAL BRAND
  • Social Media tips
  • Protect yourCOMMUNICATION
  • Insecure connection
  • VPN https
  • Top 5 defenses
  • Key takeaways
  • UO Cybersecurity Briefing amp Awareness Training
  • Slide Number 43

Integrity of the Ad Supply Chain Anti-Malvertising Best ...•Malvertising: can generally refer to “malicious” advertising of various sorts; connotation today is malware drive-by

Malvertising: The Hidden Threat

Malicious software

Understanding Malvertising Through Ad-Injecting Browser ...expector.pdf · Understanding Malvertising Through Ad-Injecting Browser ... space on their web pages where online ads

Hot Topics in Cybersecurity & Employee Privacy · 2017-11-13 · ‣Keylogger - logs sequential strokes to figure out login credentials ‣Malvertising - malicious online advertising

Detecting Malicious Accounts in Social -Network -Based ... · Detecting Malicious Accounts in Social -Network -Based Online Promotions 1Dr M Praveen Kumar, Professor, Department of

Advertsing Integrity: Malvertising, etc.espcoalition.org/sites/default/files/news-items/Malvertising for...Cyphort: +325% during 2014; ... As much as half of non-mobile display now

Trend Micro COMBATING MALICIOUS EMAIL AND SOCIAL ... · Page 3 of 6 • TECHNOLOGY BRIEF • COMBATING MALICIOUS EMAIL AND SOCIAL ENGINEERING ATTACK METHODS NEWLY-BORN SPAM DOMAINS

Malicious Dersertion

Group Session: Malvertising : How To Detect and Deal With Malicious Ads

INDUSTRY RESPONSES TO THE MALICIOUS USE OF SOCIAL MEDIA · MALICIOUS USE OF SOCIAL MEDIA. INDUSTRY RESPONSES. TO THE MALICIOUS USE OF SOCIAL MEDIA. ... and cybersecurity. Stacie is

Malicious Yahooligans

Malicious Software - Sirindhorn International Institute of Technologyict.siit.tu.ac.th/.../CSS322Y10S2L16-Malicious-Software.pdf · 2011-10-07 · CSS322 Malicious Software Malicious

Detecting Malicious Social Bots Based on Clickstream Sequenceszzhang/papers/Detecting Malicious Social Bots ba… · INDEX TERMS Online social network, social bots, user behavior,

Malicious Logic

PAD: Programming Third-Party Web Advertisement Censorship · Malvertising campaigns are becoming a prominent threat. According to Cyphort Labs, “by 2013 malvertising increased to

Taxonomy of Malicious Programs Malicious Softwareabc/teaching/bbs677/slides/Malware_4.pdf · Taxonomy of Malicious Programs Needs Host Program Independent Programs Malicious Trapdoors

Uncovering The Secrets of Malvertising · Uncovering The Secrets of Malvertising Jérôme Segura, @jeromesegura, Lead Malware Intelligence Analyst Chris Boyd, @paperghost, Lead Malware

Ransomware is Big Business - Tech Community · 2016-09-23 · Infection Vector User clicks malicious link to a compromised site or malvertising OR user clicks links in phishing emails

Undetectable Backdoor: The Art of Malicious Software and Social Engineering - Faizal Achmad

Knowing Your Enemy: Understanding and Detecting ......frauds, etc. To understand the gravity of these malicious adver-tising activities, which we call malvertising, we perform a large-scale

Malicious Code

Knowing Your Enemy: Understanding and Detecting Malicious ......• Malvertising is a significant threat to the internet revenue model • much of the internet funded by advertising

Malicious Software Malicious Software Han Zhang & Ruochen Sun

Exposing Hidden Threats - comlinx.com.au€¦ · 10 | Exposing Hidden Threats 6 The Rise of Encrypted Threats: Malvertising In June and July 2015, malvertising schemes set new records

Webinar: Operation DeathClick: Uncovering Micro-Targeted Malvertising Against US Defense Industrial Base

UNCOVERING THE SECRETS OF MALVERTISING · AD TECH 101 In order to grasp why malvertising is such a profi table and ... better monetization downstream, which ironically is also true

Advertsing Integrity: Malvertising, etc

Malvertising: una minaccia in espansione

Australian Government - cyber.gov.au. ISM...  · Web viewAn adversary can email malicious code, or host malicious code on a compromised website, and use social engineering techniques

MALICIOUS PROSECUTION AND NEGLIGENT INVESTIGATION: … · MALICIOUS PROSECUTION (i) Brief History of Malicious Prosecution in Canada The tort of malicious prosecution has its genesis

The Hidden Enemy: Malvertising and Ransomware€¦ · Ransomware. Overview This session will provide a better understanding of the impact of malvertising and ransomware. ... Malwarebytes

Panel 4 -- How to Avoid Malvertising Leading to Phishing ... 4... · 2007 – first recorded sighting of malvertising - based on a vulnerability in Adobe Flash (a product that continues

Malicious Code as Weapon Malicious Code as Weapon

DETECTING MALICIOUS USAGE OF ONLINE SOCIAL NETWORK