Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click your mouse to advance slides Social Engineering • Also known.
Download ReportTranscript Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click your mouse to advance slides Social Engineering • Also known.
Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click your mouse to advance slides Social Engineering • Also known as pretexting • Feeds on human behavior – How people interact – Tells you that you are trustworthy – Are you to willing to please • Uses false pretense to get personal information Protect Yourself and Your Job Never feel obligated to pass along sensitive information Ask pertinent questions about the person making requests: Correct name and spelling Who is the person/company representing Employee number Ask for account number request is being made Ask if you can verify any information Phishing It is using email to get you to click on links and making personal information available to scammers/hackers. • Sends email to make you think you have a problem with your personal accounts • Wants you to open email and click on links that take you to fake websites where your personal information is captured for them to access your accounts Protect Your Personal Information • Hover over email sender in the Inbox and view true address in the status bar • Many of them will have country codes other than US (United States of America) • Their only purpose is to get into your accounts • Never respond/verify by email • Always call o/website or go to the financial institution • Report the phishing scam Identity Theft acquires access to: • Name • Address • Social Security number • Account numbers • Driver’s license • Birthday steals portable storage: •Laptop •Flash drive •Cell phone •PDA •Ipad Protect Your Identity Learn how to set passwords Use Passwords that will not be easy for theft Use biometric security, fingerprint scan, if possible (newer devices) What is… • Spam • Spyware • Virus • Trojan horse • Worms • Rootkits • Buffer overflow • Spoofing • Botnets and zombies Spam • Unsolicited commercial email and schemes – Prescriptions, insurance, adult sites, etc. • Steal/acquire addresses from – Websites, Internet mailing lists, newsgroups, etc. Spyware • Unsuspectingly collects computer user information without consent • Software that runs along with a legitimate program • Surveillance software that tracks keystrokes, screen capture, chat loggers, etc – Used for spying: spouses, worried parents, government, private detectives • Adware that tracks your surfing habits-this is not illegal – Legitimate Adware will disclose nature of data collected – Involves privacy issues; User has no control Spyware on my computer? • Windows desktop is very slow booting • Computer is slower when browsing Internet • Clicking on links gets unexpected results – Nothing, different website, etc • Home page changes, unable to reset it • Web sites automatically added to bookmarks/favorites list Virus (like human flu) • Program or code loaded onto computer without permission and knowledge • Attaches itself to code on your computer and replicates itself when a file is launched or executed • Then attaches itself to other files and spreads throughout computer Various Viruses… • Boot sector-puts virus into the first section of hard disk so the virus is loaded into the memory when computer is booted up • Program-infects executable program files: .exe, .com, .sys, etc • Multipartite-uses multiple techniques such as boot sector and program at the same time • Polymorphic-changes each time it is used, avoiding detection • Macro-is inserted to a Microsoft Office document and emailed to the unsuspecting user • Triggered by clicking, opening, booting Trojan Horse • Like the historic Trojan Horse, it appears to be legitimate software - enemy hiding inside – Games, videos, screen saver, file sharing etc. • When opened the destructive code is loosed onto the computer Worms • Takes advantage of holes in security in applications and operating systems • Automatically replicates itself-needs no triggers by computer user • Looks for network or Internet connection so it can move to another system Rootkits • It hides the tracks of intruders so antivirus software cannot detect them • Can incorporate itself with other malicious code to take complete control of a system • Usually do not replicate themselves Buffer Overflow • Too much data that is sent to the memory buffer that is causes it to go beyond its fixed boundary • Results is overwriting data in adjacent memory locations • Can result from vulnerabilities or flaws in software • Causes service disruption and lost data • Currently no way to check and stop the requests Spoofing • Program or person pretending to be something or someone they are not to send false information • Data appears to be coming from somewhere other than its original place • Makes modifications in addresses, IP headers or other source of information • Often works with phishing Botnets and their Zombies • Bot - like a robot - remotely controlled by IM (Instant Messaging) or IRC (Internet Relay Chat) • Performs automated tasks • Botnet is a group of bots that run automatically • Goal is to take over as many systems as possible • Zombies - assembled botnets of individual compromised computer that are remotely controlled • Look on the Internet for more hosts to infect • Launch DDoS (distributed denial of service) attacks • Can shut down a server