protecting yourself online
DESCRIPTION
Guide to protecting yourself onlineTRANSCRIPT
Protecting Yourself OnlineGary Wagnon 800biz.com
Paul Davidson – Davidson Business Technologies
Protecting Yourself Online
• Computer Basics• Printer Security• Email Do’s and Don’ts• Phishing Schemes• Social Network Security (Facebook, etc)• Viruses & Scams• Skype• Resources
Small Business Security
• 85% of small business owners believe their company is less of a target for cybercrime and 50% believe the cost of time and money is not justified by the threat.
• 65% store customer data, 43% store financial records and 33% store credit card information.
Computer Basics
• Make sure you have a working firewall & anti-virus program (AVG is a free antivirus)
• For Windows users – make sure you run automatic updates (Control Panel > Windows Updates or Automatic Updates)
• Use Firefox as your browser instead of Internet Explorer (Less security problems, blocks pop-ups)
• Install Spyware & Malware Programs -
Passwords
• Online passwords should not be:– A common word– A birthdate or address
• It should be:– A combination of letters and numbers– Include symbols if possible– Include capitalization– Changed frequently
Printer Security
• Some multi-function printer store data
• Install tools to protect data such as Image overwriting, data encryption, network authentication, Fax/Network separation and secure print jobs
• Update printer software just like you do your anti-virus and operating software.
Email Spoofing & Phishing
• The goal is to capture your login information or plant a virus, trojan or rootkit that will allow access to your computer from someone outside.
• They can achieve this in 2 ways – by getting you to click on an attachment or by having you click a link that looks legitimate.
NEVER OPEN AN ATTACHMENT OR FOLLOW A LINK IN AN EMAIL UNLESS YOU ARE 100% SURE IT’S LEGITIMATE
Email Phishing
• The next slide shows an example of an email that looks very official. It shows it comes from the IRS Payment Program and has a file that needs to be completed. But further investigation shows it’s not from the IRS at all.
Email Phishing
By clicking on View > Options you can see the actual header of the email.• Return-path: <[email protected]>• Envelope-to: [email protected]• Delivery-date: Fri, 08 Oct 2010 15:49:29 -0400• Received: from [94.233.179.37] (helo=inside-ip-115.astranet.ru)• by jasper.secsrv.net with esmtp (Exim 4.63)• (envelope-from <[email protected]>)• id 1P4IwZ-0000Uk-Rd• for [email protected]; Fri, 08 Oct 2010 15:49:29 -0400• Received: from [151.137.104.225] (account [email protected] HELO nugpvtlrxl.dzddfvfijxqn.va)• by inside-ip-115.astranet.ru (CommuniGate Pro SMTP 5.2.3)• with ESMTPA id 441289348 for <[email protected]>; Fri, 8 Oct 2010 22:49:27 +0300• From: "EFTPS Tax Payment" <[email protected]>• To: <[email protected]>• Subject: SECOND NOTICE: Your Federal Tax Payment ID: 01036376 has been rejected.• Date: Fri, 8 Oct 2010 22:49:27 +0300
Email Attachments
Viruses, trojans and other malware can infect a computer when an email attachment is opened. Some of the most common types of attachments are:
• PDF Files
• Zip Files
Stranded in London Email
I receive an email from a friend saying she was stranded in London (or any other city) and someone stole her wallet.
What actually happened was someone either stole or guessed her password and emailed everyone in her address book, hoping they would send money to the address they listed.
Email from Bank or PayPal
• While your bank may email you, you should NEVER click on any link within the email. Instead, open a browser window and go to your online banking like you normally do.
• Any request to change your password is an attempt to gain your login information.
E-Card Scam
PayPal Scam
Charles Schwab Scam
Email Phishing
Appears to come from the US Postal Service –
But the attached ZIP file is most likely a virus.
Scams
Scammers try to play on the sympathies of people and get them to send money. Some of the top scams are:
• Nigerian Scam
• Foreign Lottery
• Secret Shopper Scam
• Work at Home Scam
• Family Member in Distress
Scams
Some of the more popular:
• Post card Virus – e-card from a friend
• Jury Duty Scam – failed to report
• Delivery Failure – Parcel service delivery
• Microsoft Giveaway – Free cash for forwarding email
• Cell Phone Numbers to telemarketers
Scams
Before forwarding anything or taking any action suggested in an email, first check www.snopes.com . This site has a comprehensive list of hundreds of scams that are circulating.
Public WiFi
A public WiFi connection like a coffee shop, restaurant or bookstore is an open network, meaning hackers can potentially see what’s happening on your computer.
Make sure you don’t enter any sensitive data, like your bank account or credit card info on an public WiFi connection. Wait until you’re back home on your secured computer.
6 Steps to Safer WiFi Use
• Connect to a legitmate WiFi network
• Even Legitimate networks may be compromised
• Update your Anti-virus and anti-malware
• Control your access points
• Remember you’re in public
• Learn about their privacy policy
Facebook Security
Facebook Security Settings
• Posts that are made by friends can now be suspect. Unless you can recognize the link they are posting, don’t go to it.
• Consult Facebook’s Security page for the latest attacks
Facebook Scam
Mobile Devices
• From McAfee Threat Report - Mobile: Usage is rising in the workplace, and so will attacks
“Threats on mobile devices have so far been few and far between, as “jailbreaking” on the iPhone and the arrival of Zeus were the primary mobile threats in 2010. With the widespread adoption of mobile devices in business environments, combined with historically fragile cellular infrastructure and slow strides toward encryption, McAfee Labs predicts that 2011 will bring a rapid escalation of attacks and threats to mobile devices, putting user and corporate data at very high risk. “
Mobile Devices
• Photos taken with a mobile device that is GPS enabled will stamp the photo with the exact longitude and latitude. When uploaded to sites like Flickr and Facebook, anyone can find the location and with very little work, build a pattern of family members and even children.
• Disable the GPS or location setting for photos.
Shortened URLs
• TinyURL, Bit.ly, dwarfURL.com are used to shorten a URL for Twitter and other social media sites.
• If you use a shortener program, consider a customized option or preview option so recipient is more comfortable the link is legitimate
• Use a shortened link decoder if you’re not sure.– UnShortenEmAll, TinyURL Decoder, Expand,
Unshorten.com
Skype
• Instant messaging on Skype can present potential problems.
• Messages can have links included but the same rule applies as to email – don’t click any link you aren’t 100% sure of
• Another option is to turn off the Skype messaging feature
Spokeo.com
While most of your “private” information is available online, Spokeo.com has aggregated it in one spot. Much of the data is based on the demographics of the neighborhood. Some of the info listed includes:
• Address• Street view of your neighborhood• Wealth Rating• Credit Rating• Phone
To remove yourself – click Privacy and follow the instructions.
Resources
• AVG – Free Anti-virus
• Malware Bytes – Spyware and Malware
• Spybot S & D – Spyware Removal
• Firefox – Browser
• Snopes.com – Scams