Scary Security Stories be aware, beware Who Are You - PowerPoint PPT Presentation

1 / 20
About This Presentation
Title:

Scary Security Stories be aware, beware Who Are You

Description:

... information about your account and to then use this information to commit fraud. Internet scams ... Report it to the Federal Trade Commission ... – PowerPoint PPT presentation

Number of Views:121
Avg rating:3.0/5.0
Slides: 21
Provided by: jay148
Category:

less

Transcript and Presenter's Notes

Title: Scary Security Stories be aware, beware Who Are You


1
Scary Security Stories be aware, bewareWho Are
You ?
Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT,
NSA-IAM
2
Questions
  • Use the Internet?
  • Use on-line banking, pay bills on-line?
  • Have kids using the internet?
  • Know anyone who has been a target?
  • Think you have already been a target?
  • Does your computer seem possessed?

3
Agenda
  • What Information are the bad guys after
  • What bad things can happen to you
  • How they get your information
  • How to prevent becoming a victim
  • How to recognize if your information has been
    stolen
  • What to do if you are a victim

4
What are they looking for?
  • Social Security Number
  • Mothers maiden name
  • Birth date
  • Billing Addresses
  • Email Addresses
  • Account Numbers
  • Passwords

5
How is your information abused
  • Physical (offline) theft used for
  • New Account Fraud
  • Check Forgery
  • Information stolen on-line used for
  • Unauthorized checking account transfers
  • Stolen credit card purchases
  • Illegal credit card advances
  • Acquiring other services in your name
  • Cyberstalking and Cyberharassment

6
How they get Your Information
  • Stealing your mail and dumpster diving
  • Phishing
  • Internet scams
  • Spyware
  • Public Computers and Networks
  • Inadequate computer security
  • You actually give it them

7
Stealing your mail and Dumpster Diving
  • Get a shredder
  • Use a post office box
  • Pay attention to missing mail
  • DUMPSTER.MOV

8
Oracle chief defends Microsoft snooping
  • By Wylie Wong
  • Staff Writer, CNET News.com
  • June 28, 2000, 310 PM PT
  • Oracle chief executive Larry Ellison today
    defended his company's decision to hire
    detectives to investigate two research groups
    that supported Microsoft during the antitrust
    trial.
  • Oracle hired Investigative Group International to
    probe two research organizations, the
    Independence Institute and the National Taxpayers
    Union. The company sought to verify links between
    Microsoft and the organizations during its
    antitrust trial--and even tried to buy trash from
    another research group with close ties to
    Microsoft.
  • Oracle told Bloomberg News today it discovered
    that the two organizations were misrepresenting
    themselves as independent advocacy groups when
    they were in fact funded by Microsoft. Oracle
    said the company hired the detective agency
    because the organizations were releasing studies
    supporting Microsoft during the antitrust trial.
    The financial ties between the organizations were
    reported by The Wall Street Journal and The
    Washington Post.

9
Phishing
  • Rapidly spreading
  • Victims are more prone to fraud

10
  • Phishing
  • Sample E-mail Below is a sample of a fraudulent
    e-mail that's been sent to Citibank customers. It
    purports to be from Citibank, but it is not. Its
    intent is to get you to enter sensitive
    information about your account and to then use
    this information to commit fraud.

11
Internet scams
12
Spyware and Adware
  • Gets in through kids down loading games, music
    off the Web.
  • Keyboard loggers

13
Public Computers Networks
  • Kiosks
  • Wireless Hot spots

14
Inadequate Computer Security
  • Worms and viruses
  • Does your computer seem possessed?

15
Fizzer Worm Is on the Move
  • The Fizzer worm continued to spread rapidly late
    Monday afternoon as anti-virus experts raced to
    analyze the code of what they called one of the
    more complex worms in recent memory.
  • The worm is 200kB of code spaghetti, containing
    backdoors, code droppers, attack agents, key
    loggers and even a small Web server. Fizzer
    includes an IRC bot that attempts to connect to a
    number of different IRC servers and, once it
    establishes a connection, listens passively for
    further instructions.
  • The keystroke logger records every typed letter
    and saves the log in an encrypted file on the
    infected machine. If the infected PC has the
    Kazaa file-sharing program installed, Fizzer also
    has the ability to find the default download
    location for Kazaa files and copy itself to that
    folder.

16
Social Engineering
  • EULAs
  • Dont disclose any personal information
  • Passwords
  • Your mothers maiden name

17
How to Know if youre in Trouble
  • Review your statements within the your accounts
    dispute period.
  • Periodically check your credit report through a
    Credit Bureaus such as Equifax, Experian,
    TransUnion
  • You get a call from a collection agent

18
What to do if You Are a Victim
  • Contact all of your banking, credit card,
    mortgage, etc.
  • Contact the police
  • Report it to the Federal Trade Commission
  • Prepare an ID Theft Affidavit and Fraudulent
    Account Statement

19
How to Protect Yourself
  • Two additional Brown Bag Sessions
  • Securing Your Home Computer
  • Configuring Your Home Network
  • Wipe out the hard drive when disposing of
    computers
  • Active KillDisk (Free)
  • WipeDisk
  • BCwipe

20
Questions
Write a Comment
User Comments (0)
About PowerShow.com