identity theft and safe computing keeping yourself you by good habits and good technology
Post on 22-Dec-2015
219 views
TRANSCRIPT
Identity TheftIdentity Theftandand
Safe ComputingSafe Computing
Keeping yourself Keeping yourself YouYou by good by good habits and good technologyhabits and good technology
The ThreatsThe Threats
MalwareMalwareAdwareAdwareSpywareSpywareWormsWormsVirusesVirusesTrojan HorsesTrojan HorsesBots/ZombiesBots/Zombies
The ThreatsThe Threats
Phishing and PharmingPhishing and Pharming
Safe ComputingSafe Computing
Safe Surfing (safe web, email, IM)Safe Surfing (safe web, email, IM)
Safe PasswordsSafe Passwords
Safe Systems (making your computer help Safe Systems (making your computer help you) you)
Safe SurfingSafe Surfing
Windows popup or web popup?Windows popup or web popup?
Careful where you clickCareful where you click
URL SpoofingURL SpoofingVulnerabilities (IE/Firefox spoofs)Vulnerabilities (IE/Firefox spoofs)OthersOthers
Safe SurfingSafe Surfing
URL Spoofing examples:URL Spoofing examples: http://[email protected]://[email protected]
MouseoversMouseoversHEX EncodingHEX EncodingDecimal IP addressDecimal IP addressEmail and webEmail and web
Safe SurfingSafe Surfing
Under Lock and KeyUnder Lock and KeySSLSSLTerminologyTerminology
CertificateCertificateCertificate AuthorityCertificate Authority
How to Check itHow to Check it
(Shows live phishing sites)
Safe SurfingSafe Surfing
Safe EmailSafe EmailUnexpected attachmentsUnexpected attachmentsGuilty until proven innocentGuilty until proven innocent
No real securityNo real securityFrom/Reply-to arbitraryFrom/Reply-to arbitrary
Encryption / AuthenticationEncryption / Authentication
Safe SurfingSafe Surfing
Email SpoofingEmail SpoofingEmbedded formsEmbedded formsURL spoofing in emailURL spoofing in email ‘‘Account Updates’Account Updates’ ‘‘Security Notices’Security Notices’
Safe SurfingSafe Surfing
Safe IMSafe IMSimilar to emailSimilar to email
Same defensesSame defenses
Safe SurfingSafe Surfing
SummarySummaryEmail is untrustworthyEmail is untrustworthy
Watch the URLsWatch the URLs
Common senseCommon sense
Safe PasswordsSafe Passwords
New Campus PoliciesNew Campus Policieshttp://www.it.ufl.edu/policies/passwords.htmlhttp://www.it.ufl.edu/policies/passwords.html
Why do we have this policy?Why do we have this policy?Single point of failureSingle point of failureTradeoffsTradeoffs
Safe PasswordsSafe Passwords
Making good passwordsMaking good passwordsPhrasesPhrasesLyrics, poems, quotesLyrics, poems, quotesObfuscateObfuscate
Storing your passwordStoring your passwordProtect like a credit cardProtect like a credit cardPassword vaultPassword vaultMulti-factor protectionMulti-factor protection
Safe SystemsSafe Systems
Check with your local support staffCheck with your local support staff
Anti-virusAnti-virusMcAfee is FREE!McAfee is FREE!
http://www.software.ufl.edu/mcafeehttp://www.software.ufl.edu/mcafee
Necessary, but not enough to be safeNecessary, but not enough to be safe
Safe SystemsSafe Systems
Anti-spywareAnti-spywareAd-awareAd-aware
http://www.lavasoftusa.com/software/adaware/http://www.lavasoftusa.com/software/adaware/
Spybot Search and DestroySpybot Search and Destroyhttp://www.safer-networking.org/en/index.htmlhttp://www.safer-networking.org/en/index.html
Still not enough!Still not enough!
Safe SystemsSafe Systems
Automatic UpdatesAutomatic Updateshttp://windowsupdate.microsoft.com/http://windowsupdate.microsoft.com/ http://net-services.ufl.edu/security/public/patches.shtmlhttp://net-services.ufl.edu/security/public/patches.shtml
Most important, and very nearly enoughMost important, and very nearly enough
Safe SystemsSafe Systems
Alternate BrowsersAlternate Browsers IE vulnerabilitiesIE vulnerabilities
OperaOperahttp://www.opera.com/http://www.opera.com/
Firefox (mozilla)Firefox (mozilla)http://www.mozilla.org/products/firefox/http://www.mozilla.org/products/firefox/
SummarySummary
Secure your machineSecure your machine
Choose good passwords and protect themChoose good passwords and protect them
Be careful how you surfBe careful how you surf
At Home / At WorkAt Home / At Work
Questions?Questions?Jordan WiensJordan WiensSecurity TeamSecurity Team
http://infosec.ufl.edu/http://infosec.ufl.edu/
[email protected]@ufl.edu