Scrambled Eggs - Creighton University

Download Report

Transcript Scrambled Eggs - Creighton University 

Breakfast Bytes:
Scrambled Eggs
Spyware, Pop-ups, and
other Annoyances
Jane’s Diary - Monday
I just got my new PC. It’s
lightening fast. The first
thing I did was get a “cool”
screen saver. I surfed the
net and found some really
awesome screen savers for
FREE! I pressed OK to this End User License
agreement (EULA) and it installed so easily.
 What really happened? The screen saver
software really installed adware. This will
create pop-ups trying to sell her or promote
new sites.
DoIT Breakfast Bytes – Creighton University
Jane’s Diary - Tuesday
I surfed the net. I had a few pop-ups. One of
them offered these really great emoticons and
cool smileys for email. Once again it was easy.
I was presented with a lengthy EULA – to long
to read so I just clicked OK. I am so excited to
send emails to my friends with these smileys.
 What really happened? That long EULA
mentioned that by installing the smiley’s she
was also installing some software that would
continue to pop-up ads and track her spending.
DoIT Breakfast Bytes – Creighton University
Jane’s Diary - Wednesday
I was checking out my favorite sites and an ad
popped up about an important security
upgrade. I thought, I better do that. You can’t
be safe enough these days.
 What really happened? Jane just installed a
keylogger. Keylogger spyware can capture
user names, passwords, and PIN information
from her machine or online forms, and then
use this information later online. Security
checks and updates should come only from
Creighton tools or safe and trusted sites.
DoIT Breakfast Bytes – Creighton University
Jane’s Diary – Thursday
I found an on-line service that will “kick-back”
some of the money I spend to my favorite
charity. This really helps to raise funds and it
is so easy. It seems that my machine is
running slower, but that’s ok. I’m raising
money for charity.
 What really happened? Jane’s PC is now
tracking her activity and spending habits. The
behavior driven software re-directs her to
sites that are similar to her past actions. Data
is also sold to other marketers.
DoIT Breakfast Bytes – Creighton University
Jane’s Diary - Friday
A friend told me how I can get all the music I want
for free through a P2P (Peer to Peer)
application. I seem to get pop-ups more
frequently and the computer seems slower but
maybe this new software doesn’t work as fast
as others.
 What really happened? Jane just downloaded a
nasty Trojan horse through this music file
share. She completes her academic research
project which the hacker grabs and posts on a
website, along with Jane’s credit card numbers
which will be brokered.
DoIT Breakfast Bytes – Creighton University
Jane’s Diary – Monday
My PC is so slow! I’ve
only had it for one
week. Pop-ups plague
my internet research. I
tried to use Google to
see if I could resolve
my PC problems. My
PC kept redirecting me
some-where else. I
can’t get anything
done. I am so
frustrated. I called the
Service Desk and they
are sending someone.
DoIT Breakfast Bytes – Creighton University
Service Visit
 The Service Technician inspects the
situation and shares the news:
Your computer is infested with
Adware and Spyware
While working on the
problems Dick explains
the situation to Jane.
DoIT Breakfast Bytes – Creighton University
Dick’s Advice - Adware
 More and more users are being lured in
with free offers.
 Nothing is truly free and these lures come
with hidden costs.
 The user subsidizes the cost by
receiving pop-up advertisements while
they surf.
 This doesn't make it "spyware" as some
might label it, but it is annoying adware.
DoIT Breakfast Bytes – Creighton University
Dick’s Advice - EULA
 Most of these companies state their
practices in their EULA, but most user's
don't take the time to read.
 When you don’t read the EULA, you may
be agreeing to really NASTY terms.
 Ultimately users must decide if a free
service, software or offer is worth being
bombarded with pop-up ads every time
they surf the Internet or having their name
sold to other marketing firms.
DoIT Breakfast Bytes – Creighton University
Dick’s Advice - Spyware
 Spyware is any program designed to collect
information about you and your web
practices.
 Many people are unaware that their
computers are infected with Spyware
agents.
 Spyware changes your machine settings
and files and does not care.
 Malware is like spyware but it has malicious
intent.
DoIT Breakfast Bytes – Creighton University
Spyware Added Via Other Programs
 Take a look at
Kazaa’s Web Site
 Review
Grokster’s
Download
 Check out the
EULA for
AST/CPR
DoIT Breakfast Bytes – Creighton University
Watch What You Click
Clicking on pop-ups is
an open invitation.
You have not won
anything, no matter
how much it flashes.
Also avoid punching
the monkey, taking
quizzes in pop-ups
and any banner that
doesn't tell you who
posted it.
DoIT Breakfast Bytes – Creighton University
Spyware Installation Methods
 Opening spam email (even by
viewing it!).
 Visiting a website.
 Clicking a pop-up window.
 Download "free" utilities, games,
toolbars, media players, etc.
 Using a file-sharing service (e.g.,
Kazaa, BearShare, Grokster).
DoIT Breakfast Bytes – Creighton University
Dick’s Advice - Symptoms of Spyware
 Home and search page eviction.
 Snail syndrome (slowdown).
 Fishy or excessive pop-ups.
 E-mail errata.
 New—and unexpected—favorites.
 Stroke-by-stroke surveillance
(behavior tracking).
DoIT Breakfast Bytes – Creighton University
Growing Problem
 Lack of regulation.
 More-complex Internet security
issues.
 Lack of user awareness.
 Greatest threat to personal identity
and University productivity.
Yet, it is easily preventable.
DoIT Breakfast Bytes – Creighton University
Dick’s Advice – Prevention Tips
 Pop Up and Banner Ad Blockers only
mask symptoms.

Additional warning -- these can cause
trouble with some web-based applications
(Banner).
 Always run antivirus software.
 Watch out for cookies.
 Do not open spam email.
 Do not run as an Administrator.
DoIT Breakfast Bytes – Creighton University
Dick’s Advice – Prevention Tips
 Read the end-user license agreement
(EULA) carefully.
 Avoid peer-to-peer file sharing
services.
 Firewalls help prevent hackers and
other intruders.
 Protect yourself against drive-by
downloads with strong Browser
settings.
DoIT Breakfast Bytes – Creighton University
Technical Solutions
 At Home
 Ad-Aware
SE Personal
 Spybot Search & Destroy
 At Creighton
 Call the DoIT Service Desk x1111
or your own IT personnel
DoIT Breakfast Bytes – Creighton University
Questions ?
For questions after this session,
contact our Service Desk at 280-1111.