top ten tips to shockproof your use of social media, lavacon 2011
TRANSCRIPT
Ten Tips to Shockproof Your Use of Social Media
Ben Woelk Policy and Awareness Analyst
Rochester Institute of Technology [email protected]
@benwoelk
Introduction
• Everyone is a target • Organized crime funds the attacks
2
Avert Labs Malware Research
3 Retrieved July 24, 2009 from: http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good/
Phishing on Social Network Sites
http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf 4
Tip # 1 Strong Passwords/ Passphrases
• Length more important than complexity
It was a dark and stormy night
becomes
ItwasaDark215andStormyNight
5
Password Safes
6
7
Tip # 2 Keep up to date!
• Operating Systems • Applications
Tip #3 Use Security Software
Layers of Security • Anti-Virus Protection • Firewall • Anti-Spyware Protection Don’t overlook mobile devices!
8
9
Tip #4 Recognize Phishing/Scams
Phishing Tips
10
11
Tip #5 Use Social Networks Safely
Don’t: • Post personal information • Post schedules or whereabouts • Post inappropriate photos
http://www.sileo.com/facebook-status-update-leads-to-robbery/
Tip #6 Remember Who Else is There
• Who else uses social networking? – Employers – Identity Thieves – Online Predators
• Facebook Stalker (http://www.youtube.com/watch?v=wCh9bmg0zGg)
12
What You Post Can Be Used To…
• Make judgments about your character
• Impersonate you to financial institutions
• Monitor what you do and where you go
13
Tip #7 Be wary of others
• Choose your friends carefully • "41% of Facebook users agreed to be
friends with this plastic frog, opening themselves up to the risk of identity theft."
• The frog’s name was Freddi Staur – http://podcasts.sophos.com/en/sophos-
podcasts-019.mp3
14
Is this really your friend?
Just because it’s your friend’s account does not mean that it’s your friend!
15
Tip #8 Search for your name
• Do a vanity search • Set up a Google Alert
16
Tip #9 Guard Your Personal Information!
• Watch out for Facebook Applications!! – A 2008 study found
that 90.7% of apps had access to private user data (only 9.3% actually used the data)
17
Tip #10 Use Privacy Settings
• Default settings are set to sharing information
• Adjust Facebook privacy settings to help protect your identity
• Show "limited friends" a cut-down version of
your profile
• Disable options, then open them one by one
http://www.sophos.com/security/best-practice/facebook.html
The First Line of Defense
Stay alert—you will be the first to know if something goes wrong – Are you receiving odd communications from
someone? – Is your computer sounding strange or slower
than normal? – Has there been some kind of incident or warning
in the news?
Practice Digital Self Defense
• Infosec Communicator blog • @benwoelk • @RIT_Infosec
20