COMPUTER SECURITY

1
COMPUTER SECURITY
2
(No Transcript)
3
How to achieve total computer security
The best way to do so is to apply Richards' Laws
Of Computer Security (ca. 1992) A.    Don't
buy a computer B.    If you do buy a computer,
don't turn it on
4
Golden Rule

• Dont assume anything!
• Learn the risks.

5
The Ten Commandments of Safer Computing

• Protect your personal information. It's valuable
• Make backups of important files
• Install and use anti-virus software.
• Acquire and use a reliable firewall solution.
• Acquire and use AntiSpyware
• Apply security software patches and updates
  regularly
• Use Safe browsing techniques on the internet
• Use caution when reading your email
• Avoid installing services and applications which
  are not needed
• Learn what to do when something goes wrong.

6
1. Protect your personal information.

• Never store sensitive personal information such
  as your bank account information, Social Security
  numbers or passwords on your computer.
• Do not use the "Remember Password" feature of
  applications (e.g., Eudora, OutLook, Netscape
  Messenger, Web Browser).
• Never comply with requests for personal
  information from an email or phone call unless
  you initiated the contact. These are often
  phishing scams trying to steal your personal
  information
• Use strong passwords
• If someone demands a password, refuse to give it.
• Do not write passwords down and store them
  anywhere in your office.
• Change passwords ( 6 months)

7
Passwords

• The golden rules, or policies for passwords are
• Make passwords as meaningless as possible
• Change passwords regularly
• Never divulge passwords to anyone

8
Weak Passwords

• WEAK PASSWORDS
• Poor, weak passwords have the following
  characteristics
• The password contains less than eight
  characters
• The password is a word found in a dictionary
  (English or foreign)
• The password is a common usage word such as
• o Names of family, pets, friends, co-workers,
  fantasy characters, etc.
• o Computer terms and names, commands, sites,
  companies, hardware, software.
• o Birthdays and other personal information such
  as addresses and phone numbers.
• o Word or number patterns like aaabbb, qwerty,
  zyxwvuts, 123321, etc.
• o Any of the above spelled backwards.
• o Any of the above preceded or followed by a
  digit (e.g., secret1, 1secret)

9
Strong Passwords

• Strong passwords have the following
  characteristics
• Contain both upper and lower case characters
  (e.g., a-z, A-Z)
• Have digits and punctuation characters as well
  as letters e.g., 0-9, !_at_()_-
• \"ltgt?,./)
• Are at least eight alphanumeric characters
  long.
• Are not a word in any language, slang, dialect,
  jargon, etc.
• Are not based on personal information, names of
  family, etc.
• Passwords should never be written down or
  stored on-line. Try to create passwords that can
  be easily remembered.

10
Use Strong passwords

• Use strong passwords and keep them secret.
• Dont reveal a password over the phone to ANYONE
• Dont reveal a password in an email message
• Dont reveal a password to the boss
• Dont talk about a password in front of others
• Dont hint at the format of a password (e.g., "my
  family name")
• Dont reveal a password on questionnaires or
  security forms
• Dont share a password with family members
• Dont reveal a password to others while on
  vacation
• If someone demands a password, refuse to give it.

11
(No Transcript)
12
(No Transcript)
13
2. Make backups of important files
14
Make backups of important files

• Why Backup?
• What to backup
• When to back up
• Where to backup
• How to backup

15
Why Backup?

• The Risks - Main Causes of Downtime and Data
  LossNo system is completely secure. Systems
  Crash. Its not of matter of if, its a matter of
  when.
• Human Error
• Accidental deletion of a file or folder
• Accidental overwriting of a file (forget to Save
  AS!)
• Malicious deletion or editing of files
• Hard disk or other hardware failure
• Data loss due to a virus or other attack
• Vandalism
• Theft
• Fire
• Faulty software rollouts
• Driver setting conflicts
• Lost/locked-out passwords
• Power Surges
• Weather Storms
• Hackers / Terrorism
• And So Many More!

16
What to backup

• Original Software Disks
• Boot/ Recovery Disks
• Backups
• Your e-mail and e-mail address book.
• Bank records other financial information
• Tax returns
• Digital photographs and video
• Software purchased and downloaded from the
  Internet
• Music purchased and downloaded from the Internet
• Personal projects
• Your Microsoft Outlook calendar
• Your Internet Explorer bookmarks

17
When to back up

• As soon as possible after you change it.
• On a regular basis
• Make a schedule weekly , monthly.

18
Where to backup

• Diskette 1.4 MB
• Zip Drives 100 to 250 MB
• CD-ROM R/RW 700MB
• USB FLASH DRIVES 32 TO 1GB
• DVD-ROM R/RW 4.7 GB
• USB EXTERNAL HD 40GB AND UP
• ONLINE BACKUP OFFSITE

19
Backup Media
20
How to backup

• Copy and Paste
• Backup UtilitiesWindows XP home Install from
  CDhttp//www.microsoft.com/athome/security/update
  /howbackup.mspx
• Make more than 1 copy. Save older copies.Store
  offsite.

21
(No Transcript)
22
3. Install and use anti-virus software.
23
3. Install and use anti-virus software.

• The Risk
• A virus or worm is a computer program that can
  spread across computers and Networks by making
  copies of itself, usually without the users
  knowledge. Viruses can have harmful effects.
  These can range from displaying irritating
  messages to stealing data or giving other users
  control over your computer.
• Even a new computer is not protected
• If your antivirus program doesnt have the latest
  virus definitions, your computer isnt protected
  against ANY of the new viruses!

24
Viruses, Trojans and Worms. Oh My!

• What to do
• Acquire and use a reliable antivirus program. New
  virus are discovered every day. Its important
  to keep your Antivirus software updated with the
  latest Virus identities.
• Select an antivirus that has a consistent track
  record. Checkmark, AV-Test.org and TuV are among
  the most respected independent testers of
  antivirus software.

25
Install and use anti-virus software.

• There is no reason not to have Antivirus
  protection
• Check with your ISP.
• Antivirus protection may be available as part of
  your internet service.
• Charter F-Secure
• DSL SBC/ATT Computer Associates
• AOL McCaffee.

26
Install and use anti-virus software.

• Free Antivirus for personal use is available
• Free Antivirus
• AVG Antivirus
• Avast
• Trend Micro Free online scan
• Panda Free online scan
• Antivirus Software
• CA Eztrust
• Norton
• McCaffee

27
Viruses, Trojans and Worms. Oh My!

• Virus
• Program that is self-replicating and attaches to
  other programs.
• Worm
• Special type of virus that can replicate itself
  and use memory, but cannot attach itself to other
  programs. Uses computer networks and security
  holes to replicate itself.
• Trojan Horse
• A computer program that claims to do one thing
  (such as a game) but instead does damage when you
  run it. Trojan Horses do not replicate
  automatically

28
What can viruses do?

• Viruses used to play pranks or stop your computer
  working, but now they compromise security in
  more insidious ways. Here are the things that
  viruses can do.
• Slow down email. Viruses that spread by email,
  such as Sobig, can generate so much email traffic
  that servers slow down or crash. Even if this
  doesn't happen, companies may react to the risk
  by shutting down servers anyway.
• Steal confidential data. The Bugbear-D worm
  records the user's keystrokes, including
  passwords, and gives the viruswriter access to
  them.
• Use your computer to attack websites.MyDoom used
  infected computers to flood the SCO software
  company's website with data,making the site
  unusable (a denial of service attack).
• Let other users hijack your computer. Some
  viruses place backdoor Trojans on the computer,
  allowing the virus writer to connect to your
  computer and use it for their own purposes.

29
What can viruses do?

• Corrupt data. The Compatable virus makes changes
  to the data in Excel spreadsheets.
• Delete data. The Sircam worm may attempt to
  delete or overwrite the hard disk on a certain
  day.
• Disable hardware. CIH, also known as Chernobyl,
  attempts to overwrite the BIOS chip on April 26,
  making the computer unusable.
• Play pranks. The Netsky-D worm made computers
  beep sporadically for several hours one morning.
• Display messages. Cone-F displays a political
  message ifthe month is May.
• Damage your credibility. If a virus forwards
  itself from your computer to your customers and
  business partners, they may refuse to do business
  with you, or demand compensation.
• Cause you embarrassment. For example, PolyPost
  places you rdocuments and your name on sexrelated
  newsgroups.

30
How viruses get into computers

• The origin of the four most common virus
  infections
• File A virus type that infects existing files
  on the computer
• Macro A virus that runs as a macro in a host
  application i.e., MS Office applications such as
  Word or Excel
• VBScript A virus that uses Windows Visual Basic
  Script
• Internet Worm A virus that is primarily
  characterized by its replication across the
  Internet

31
How viruses spread

• By downloading infected files or programs from a
  network. If you download and run software from
  the Internet, or receive e-mail attachments,
  there is a chance that you can contract a
  computer virus.Once you RUN an infected
  program, the virus can spread rapidly, especially
  on networks. That is why the Internet, the
  largest network, is a fertile breeding ground for
  viruses.
• By inserting infected disks into your computer.

32
How viruses spread (continued)

• Computers do get viruses from e-mail. You must
  be aware of the fact that you CANNOT get a
  computer virus from simply the text of an e-mail.
  
• The virus will come in the form of some kind of
  attachment. Opening the attachment can give your
  computer a virus.

33
Virus Symptoms

• Unusual messages or displays on your monitor.
• Unusual sounds or music played at random times.
• A file name has been changed.
• A change in dates against the filenames in a
  directory.
• Programs or files are suddenly missing.
• Unknown programs or files have been created.

34
Virus Symptoms (continued)

• Reduced memory or disk space.
• Unexpected writes to a drive.
• Bad sectors on your floppy disk.
• Your entire system crashing.
• Some of your files become corrupted meaning
  that the data is damaged in some way or
  suddenly dont work properly.
• Programs take longer to load, they may hang the
  computer or not work at all.

35
Basic virus defense

• Dont open files that you are not expecting.
• Many viruses automatically send files without the
  e-mail account owners knowledge.
• Ask the sender to confirm unexpected files.
• If you dont know who the message is from, dont
  open it.
• Messages that appear more than once in your Inbox
  can be suspect for a virus.
• If you receive a suspicious message, delete it.
• Dont use or share floppies without scanning with
  anti-virus software first.

36
Basic virus defense (continued)

• Learn file extensions.
• Your computer will display both an icon and a
  file extension for files you receive. Open only
  file extensions you know are safe.
• If you are not sure, ask your Technical Support
  person.
• Never double-click to open an attachment that
  contains an executable that arrives as an e-mail
  attachment.

37
Basic virus defense (continued)

• Regularly back up your files.
• Do not install pirated software, especially
  computer games.
• Make sure your computer runs anti-virus software.
  If you dont have it, buy and install it
  immediately.
• If you have anti-virus software on your computer,
  it has to be updated at least weekly, as new
  viruses appear daily.
• Scan the entire hard disk twice a month.

38
Examples of potentially unsafe file types

• The following file types should not be opened
  unless you have verified the sender and the
  reason sent
• .EXE
• .PIF
• .BAT
• .VBS
• .COM

39
(No Transcript)
40
Microsoft Office

• Microsoft Office files are mostly data with some
  program code.
• Office macros are programs, which can be viruses.
• Office will prompt you to enable macros.
• Enable macros only when you know why Office is
  asking. Never run macros in a document unless
  you know what they do.

41
Anti Virus Software

• Free Antivirus
• AVG Antivirus
• Avast
• Trend Micro Free online scan
• Panda Free online scan
• CA Eztrust
• Norton
• McCaffee

42
(No Transcript)
43
4. Acquire and use a reliable firewall solution.
44
4. Acquire and use a reliable firewall solution.

• The Risk
• A firewall is a security measure that protects a
  computer or a computer network from unauthorized
  access. Unfortunately in todays computer world,
  there are a lot of devious hackers working
  diligently to access computer information. Where
  previously, the targets were large institutions,
  today hackers seek out all sorts of personal
  information including information from everyday
  home computer users.
• If you use a broadband connection to the
  Internet, like DSL or cable, you should
  definitely get a firewall. Such broadband
  connections are always on, shared connections. It
  is easier for an intruder to break into your
  computer if you are using one of these
  connections. So it is essential to have a
  firewall on a computer that uses DSL or cable to
  connect to the Internet. Firewalls don't prevent
  virus attacks but in some circumstances they can
  stop viruses from sending information from an
  infected computer.

45
Firewalls

• Hardware Appliance (Router)
• Software

46
Personal Firewalls Your options

• If you have XP, install XP SP2 and enable the
  firewall that comes with it. Biggest plus, its
  now part of the OS. Biggest negative, it doesnt
  guard against outbound attacks.
• ZoneLabs www.zonelabs.com offers a variety of
  options from free and up. Biggest plus, theyre a
  respected name in the business Biggest negative,
  you have to do some reading if you want to learn
  how to effectively manage your settings.
• Security Suites
• Most antivirus vendors are getting into this
  area as well, and are offering bundled products .
• For more information and guidance see
  http//www.firewallguide.com/software.htm

47
(No Transcript)
48
5. Acquire and use AntiSpyware
49
Spyware

• Spyware is software that enables advertisers to
  gather information about a computer users habits
  
• Spyware programs are not viruses (They dont
  spread)

50
How you get Spyware

• Spyware is typically placed on your system by
  visiting websites and installing software.

51
Symptoms of Spyware

• Typical signs that you have spyware
• You have a lot of popup windows when visiting the
  web or just logging on to your system.
• Your homepage has changed to a different site.
• You notice a major drop in system performance.
• Your antispyware or antivirus utility stops
  working.
• You go to search for things and your search page
  has changed.
• New Items appear in your favorites.
• In many cases there are no signs and it is
  running silently recording your actions.

52
Antispyware

• Scanners
• Real TimeProtection

53
Protect Yourself from Spyware

• Use a popup blocker like Google Toolbar, or the
  one that comes with FireFox and Internet
  Explorer.
• Install AntiSpyware utilities.
• Recommended - Ad-aware, Spybot - Search and
  Destroy, Microsoft Defender (beta). and Spy
  Sweeper.
• These can be found for free AdAware SE personal
  http//www.lavasoftusa.comSpybot Search and
  Destroy http//www.spybot.info
• Windows Defender
• http//www.microsoft.com/athome/security/spyware/
  software/default.mspx
• Spy Sweeper is available by annual subscription
  at www.webroot.com

54
Spybot Search and Destroy
55
Spybot - Updating

• Always Update the software before scanning or
  immunizing the system.

56
Spybot - Immunize

• Immunizing the system protects it from getting
  certain types of Spyware.

57
Spybot - Scanning

• Click the Search and Destroy Button to scan the
  system.
• This will clean off existing Spyware.

58
LavaSofts Ad-Aware
59
Ad-Aware - Update

• Use the Check for Updates Link on the Main screen
  or the Web update Button.

60
Ad-Aware - Scanning

• Click the Scan Now Button
• Choose to do a Full System Scan

61
Ad-Aware Scan Results

• You will get Critical Objects (Clean)
• You will get Negligible Objects (Can Leave Alone)
• Mostly MRU (Most Recently Used)

62
Ad-Aware Clean Objects

• When you clean objects they go to the Quarantine.
  
• You can leave them or delete them.

63

64
6. Apply security software patches and updates
regularly
65
Closing the Holes

• With relatively few exceptions, when software
  manufacturers find a security hole in one of
  their products, they release a patch that closes
  that hole.
• If your computer doesnt have ALL these patches,
  it isnt protected and your computer is
  completely vulnerable to all the nasty stuff we
  talked about three slides ago.
• WMF vulnerablityhttp//www.microsoft.com/technet/
  security/bulletin/ms06-001.mspx

66
Windows Update

• Built into every PC since Windows 98 and into
  every version of Microsoft's Internet Explorer
  since version 4.0 is something called Windows
  Update.
• Windows Update is an easy-to-use tool that helps
  you ensure that your PC is running the absolute
  latest Microsoft software patches and drivers.
• If you use Windows XP you should be on Service
  Pack 2

67
Patching and Updating

• One of the best things that you can do to protect
  your system is to Patch it.
• Most people believe that their system got
  infected because of a failed AntiVirus product,
  but they are wrong.
• Most infected systems become infected because of
  poorly patched systems.
• Patching is a simple, easy, and free way to
  protect your system.

68
How you patch a system

• To do it manually, use the windows update Icon on
  your start menu.
• To do it automatically got to Start Settings
  Control panel and choose Automatic Updates.

69
(No Transcript)
70
7. Use Safe browsing techniques on the internet

• Set your browser security to High
• Add safe Web sites to trusted sites
• Read e-mail messages in plain text
• Block pop-up windows in your browser
• Check Ecommerce Sites
• Secure Server - https
• Lock is closed on IE
• http//hacker-eliminator.com/safebrowsing.htmlset
  tings

71
Trusted Sites
72
Browser Security Settings

• Active X and Java
• Trusted Zones
• Browser Security Check
• http//security.symantec.com/sscv6/home.asp?langid
  ie
• http//www.verisign.com/advisor/check.html

73

• Using public computers and wireless security
• Be careful about typing your password into a
  strange computer.
• Is the owner trustworthy or are they perhaps
  running a keyboard logger recording your
  keystrokes? (It has happened).
• Who was the last person to use it and what did
  they run on it?

74
8. Use caution when reading your email

• Viruses
• Email attachments
• Spam
• Junk email
• Virus Hoaxes
• Phishing

75
Email Security - Viruses

• DO NOT
• open email attachments that you arent expecting.
  Especially avoid attachments ending in .exe,
• .vbs, .pif, .scr, .com, or .bat, and dont unzip
  files you are not expecting. Dont open the
  attachment
• even if it looks like it is sent from someone you
  knowmany viruses can forge, or spoof, the
  senders
• name from names found in address books.

76
Spam

• The chances are that you have had emails offering
  you drugs without a prescription, or loans, or
  get-rich-quick schemes sometimes cleverly
  disguised to look like personal email. This
  spam mail accounts for more than half of all
  the email sent worldwide, cluttering up inboxes
  and distracting users from more important
  messages.

77
SPAM

• Legitimate Business Offers
• Viruses and Virus Hoaxes
• Phishing

78
SPAM Prevention

• Dont give out email address
• Filters
• Internet Service Provider
• Email Client ( Outlook, Eudora)
• Spam Filters
• Rules
• Third Party Software (SpamKiller, Mailwasher)
• You can report violators
• Beware of email attachments

79
Spam

• Tips for preventing spam
• Do not reply to spam!
• Some junkmail messages urge you to send an
  unsubscribe reply to get off their list. This
  is a common ploy for harvesting email addresses.
  Instead of getting off their lists, youll be
  added to others (your email address may even be
  sold to other direct marketers), and youll find
  yourself getting more spam than before.
• Dont use complete email addresses on web pages
  or newsgroup postings.
• Setup additional email accounts as aliases when
  giving out a valid email address.

80
Hoaxes and Scams
81
Hoaxes and scams

• If you have had an email that warns you about an
  unlikely-sounding new virus, offers you a free
  mobile phone, or asks you to update your bank
  account details, you have been the victim of a
  hoax. Hoax mail can interrupt work, overload mail
  systems, or even trick you into giving personal
  credentials and passwords to criminals.

82
Virus hoaxes

• Virus hoaxes are reports of non-existent viruses.
  Usually they are emails which do some or all of
  the following
• Warn you that there is an undetectable, highly
  destructive new virus.
• Ask you to avoid reading emails with a
  particular subject line, e.g.Join the Crew or
  Budweiser Frogs.
• Claim that the warning was issued by a major
  software company, internet provider or government
  agency,e.g. IBM, Microsoft, AOL or the FCC.
• Claim that a new virus can do something
  improbable, e.g. The A moment of silence hoax
  says that no program needs to be exchanged for a
  new computer to beinfected.
• Use techno-babble to describe virus effects, e.g.
  Good Times says that the virus can put the PCs
  processor into an nthcomplexity infinite binary
  loop.
• Urge you to forward the warning.

83
(No Transcript)
84

• Phishing
• Phishing is the use of bogus emails and websites
  to trick you into supplying confidential or
  personal information.Typically, you receive an
  email that appears to come from a reputable
  organisation, such as a bank. The email includes
  what appears to be a link to the organisations
  website. However, if you follow the link, you are
  connected to a replica of the website. Any
  details you enter, such as account
• numbers, PINs or passwords, can be stolen and
  used by the hackers who created the bogus site.
• You should always be wary about following links
  sent to you in emails. Instead, enter the website
  address in the Address field, or use a bookmark
  or a favourite link, to make sure that you are
  connecting to the genuine site. Anti-spam
  software will also help to block phishing email.

85
Phishing and Pharming

• What is Phishing and Pharming?
• Uses both social engineering and technical
  subterfuge to steal consumers' personal identity
  data and financial account credentials.
• Social-engineering schemes use 'spoofed' e-mails
  to lead consumers to counterfeit websites
  designed to trick recipients into divulging
  financial data such as credit card numbers,
  account usernames, passwords and social security
  numbers. Hijacking brand names of banks,
  e-retailers and credit card companies, phishers
  often convince recipients to respond.
• Technical subterfuge schemes plant crimeware onto
  PCs to steal credentials directly, often using
  Trojan keylogger spyware.
• Pharming crimeware misdirects users to fraudulent
  sites

86
Phishing and Pharming
87
Phishing and Pharming
88
How to Avoid Phishing Scams

• Be suspicious of any email with urgent requests
  for personal financial information
• Don't use the links in an email to get to any web
  page, if you suspect the message might not be
  authentic
• Avoid filling out forms in email messages that
  ask for personal financial information
• Always ensure that you're using a secure website
  when submitting credit card or other sensitive
  information via your Web browser
• Consider installing a Web browser tool bar to
  help protect you from known phishing fraud
  websites
• Regularly log into your online accounts
• Regularly check your bank, credit and debit card
  statements to ensure that all transactions are
  legitimate
• Ensure that your browser is up to date and
  security patches applied
• This taken from http//www.antiphishing.org/consum
  er_recs.html

89
Keylogging and Pharming

• The financial services industry continues to be
  the main focus of scammers, with 78 percent of
  attacks targeting the customers of banks and
  other types of financial institutions, according
  to the group.
• There was also a rise in the number of reports of
  keylogging and pharming,
• Keylogging involves using software to record
  keystrokes made on a computer and is commonly
  used to steal passwords. Pharming involves
  interfering with DNS (Domain Name System) servers
  to direct people to counterfeit banking or
  e-commerce sites when they think they are
  visiting a legitimate site.
• The country hosting the most phishing Web sites
  in February was the U.S., followed by China.

90
(No Transcript)
91
9. Avoid installing services and applications
which are not needed

• Uneeded programs take up computer resources and
  can open up security holes
• Free programs can contain viruses or spyware

92
(No Transcript)
93
10. Learn what to do when something goes wrong.
94
10. Learn what to do when something goes wrong.

• Unfortunately, there is no particular way to
  identify that your computer has been infected
  with malicious code. Some infections may
  completely destroy files and shut down your
  computer, while others may only subtly affect
  your computer's normal operations. Be aware of
  any unusual or unexpected behaviors.

95
10. Learn what to do when something goes wrong.

• What you should do if you notice symptoms of
  infection
• If you notice that your computer is functioning
  erratically Don't panic! This golden rule may
  prevent the loss of important data stored in your
  computer and help you avoid unnecessary stress.
• Disconnect your computer from the Internet.

96
Computer Virus

• If your computer gets hacked or infected by a
  virus
• immediately unplug the phone or network line from
  your machine. Then scan your entire computer with
  fully updated anti-virus software, and update
  your firewall.
• take steps to minimize the chances of another
  incident

97
Spyware/Adware

• If your computer gets infected by spyware
• immediately unplug the phone or network line from
  your machine. Then scan your entire computer with
  fully updated anti-spyware software, and update
  your firewall.
• take steps to minimize the chances of another
  incident

98
Hacking

• alert the appropriate authorities by contacting
• Your ISP and the hacker's ISP (if you can tell
  what it is). Often the ISP's email address is
  buse_at_yourispname.com or postmaster_at_yourispname.com
  . You can probably confirm it by looking at the
  ISP's website. Include information on the
  incident from your firewall's log file. By
  alerting the ISP to the problem on its system,
  you can help it prevent similar problems in the
  future.
• The FBI at www.ifccfbi.gov. To fight computer
  criminals, they need to hear from you.

99
Internet Fraud

• If a scammer takes advantage of you through an
  Internet auction, when you're shopping online, or
  in any other way, report it to the Federal Trade
  Commission, at ftc.gov. The FTC enters Internet,
  identity theft, and other fraud-related
  complaints into Consumer Sentinel, a secure,
  online database available to hundreds of civil
  and criminal law enforcement agencies in the U.S.
  and abroad.

100
Deceptive Spam

• If you get deceptive spam, including email
  phishing for your information, forward it to
  spam_at_uce.gov. Be sure to include the full
  Internet header of the email. In many email
  programs, the full "Internet header" is not
  automatically included in forwarded email
  messages, so you may need to take additional
  measures to include the full information needed
  to detect deceptive spam. For further
  information, go to http//getnetwise.org/action/he
  ader.

101
Divulged Personal Information

• If you believe you have mistakenly given your
  information to a fraudster, file a complaint at
  ftc.gov, and then visit the Federal Trade
  Commission's Identity Theft website at
  www.consumer.gov/idtheft to learn how to minimize
  your risk of damage from a potential theft of
  your identity.

102
Identity Theft

• BBB survey 2005
• The most frequently reported source of
  information used to commit fraud was a lost or
  stolen wallet or checkbook. Computer crimes
  accounted for just 11.6 percent of all
  known-cause identity fraud in 2004
• Among cases where the perpetrator's identity is
  known, half of all identity fraud is committed by
  a friend, family member, relative, neighbor or
  in-home employee - someone known by the victim.
• A wide variety of metrics confirm that identity
  fraud problems are NOT worsening, with the total
  number of victims in decline.
• The majority of identity fraud crimes are
  self-detected

103
(No Transcript)
104
(No Transcript)
105
(No Transcript)
106

• Resources
• Home Computer Security
• http//www.us-cert.gov/
• http//www.us-cert.gov/cas/tips/
• http//www.microsoft.com/athome/security/default.m
  spx
• http//www.staysafeonline.org/
• http//computer.howstuffworks.com/virus.htm
• http//www.cert.org/homeusers/HomeComputerSecurity
  
• http//www.microsoft.com/athome/security/default.m
  spx
• http//www.bbb.org/alerts/article.asp?ID565
• Product Reviews
• http//www.pcmagazine.com
• Virus Information ( also see Antivirus software
  )
• http//www.virusbtn.com
• https//www.icsalabs.com/icsa/icsahome.php
• http//www.viruslist.com/
• Antivirus Software
• eTrust www.ca.com
• Norton Symantec Corp.http//www.symantec.com

107
Resources

• Antispyware Software
• AdAware SE personal http//www.lavasoftusa.com
• Spybot Search and Destroy http//www.spybot.info
• Windows Defender
• http//www.microsoft.com/athome/security/spyware/s
  oftware/default.mspx
• Spy Sweeper www.webroot.com
• Software Firewall
• Zone Labs, Inc.http//www.zonelabs.com
• Phishing
• http//www.ftc.gov/bcp/conline/pubs/alerts/phishin
  galrt.htm
• http//www.phishinginfo.org/
• http//www.antiphishing.org/phishing_archive.html
• Report Phishing http//www.us-cert.gov/nav/report
  _phishing.html
• Anti-Phishing Working Group (APWG)
  http//www.antiphishing.org/
• Federal Trade Commission, Identity Theft
  http//www.consumer.gov/idtheft
• Password checker
• http//www.microsoft.com/athome/security/privacy/p
  assword_checker.mspx
• Strong Passwords
• http//www.cert.org/homeusers/HomeComputerSecurity
  /6