Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Transcript of Cyber-Safety Basics
Have you received e-mails that seem to be from your bank, asking for your information? Have you ever accidentally downloaded a computer virus? What can you do if something like this happens to you? Safe Internet Behavior 101 Password Safety E-mail Safety Your Money Online Banking Shopping Social Networking Mobile Safety Your Mobile Device
WiFi Safe Internet Behavior Part 2
Cell Phones Identity Theft -- Response According to Consumer Reports' "State of the Net Survey 2010," "a projected 1.7 million online households [have] experienced online identity theft in the past year." (Tapellini, 2010). Approximately 16 million US households have had serious problems with viruses in the past two years. 1.8 million of these households had to replace an infected computer. (Consumer Reports, 2010) Approximately 5.4 million people gave personal information to e-mail scammers. One million households lost money due to these scams. (Consumer Reports, 2010) (Tapellini, 2010) According to Wired Magazine, the top 20 myspace passwords of 2006 were: password1, abc123, myspace1, password, blink182, qwerty1, f***you (without the stars), 123abc, baseball1, football1, 123456, soccer, monkey1, liverpool1, princess1, jordan23, slipknot1, superman1, iloveyou1 and monkey. (Schneier, 2006) A 'safe' password is a random string of numbers, letters and symbols that is at least 10 characters long. Choose a sentence -- "I like bread and butter."
Take the first letter of each word -- ILBAB
Substitute numbers and symbols -- 1Lb@B
Add numbers and symbols -- 421Lb@B#22 But wait, I'll never remember that!
1. Write down passwords and keep them somewhere safe: Inside old books
A hatbox in the back of the closet
Basically, anywhere a thief is unlikely to look
2. Use password management software: KeePass
Macs -- keychain
DO NOT use a password manager unless it is encrypted
and requires its own password to open! There's more to password safety than passwords. For maximum security, create your user name and secret questions using the same process you use to generate a safe password. The human factor
Passwords are supposed to be secret, so don't share them with others.
Don't let your browser remember your passwords.
Sign off of a password account, instead of just closing the window.
Clear browser history if you are on a public computer.
Use more than one password
According to a study in 2007: "the average web user was found to maintain 25 separate password accounts, with just 6.5 passwords.”(Bonneau & Preibusch, 2010) Don't assume a site is "safe" because it asks you to create a password. It still may share your information with others. Phishing
First, a quiz (courtesy of sonicwall.com). Are these e-mails real, or phished? Protect Yourself Don't send any sensitive information via e-mail.
Be wary of unexpected e-mails or phone calls.
Check the URL-- if the website is misspelled, or uses a different domain than you're used to (.com instead of .org, for example), it may be faked.
Update your browser and enable anti-phishing software.
When in doubt, verify the e-mail independently! If you think you have been phished: Contact any financial institution that may have been compromised.
Change the passwords to your online accounts.
File a complaint at ftc.gov.
Forward an e-mail you believe to be a phishing attempt to email@example.com. How visible is your e-mail address? If you receive spam: Do not open it.
Do not reply to it.
Do not click on any links inside the message. Preventing spam Exercise caution when posting or giving out your e-mail address.
Get a "throwaway" e-mail. Don't be afraid to cut and run! An ounce of prevention: Don't open e-mail attachments from people you don't know!
Don't click on links in an e-mail from an unknown source! Security Software Safe Downloading ONLY download from trustworthy websites! Good sites to download software:
tucows.com Peer to Peer (P2P) Filesharing “On February 26, 2009, the "Today" show broadcast a segment on inadvertent P2P file sharing, reporting that Social Security numbers, more than 150,000 tax returns, 25,800 student loan applications, and nearly 626,000 credit reports were easily accessible on a P2P network.” (Sandoval, 2009) Dartmouth researchers “discovered thousands of documents containing sensitive patient information on popular peer-to-peer (P2P) networks” just this year. (Vijayan, 2010) Make sure your security software is active and up to date.
Back up any information you don't want to lose.
Install carefully -- check defaults!
Close the connection, not just the window. Some P2P networks remain connected even when the Internet window is closed.
If your computer has multiple users, limit their access by creating separate password accounts.
Talk to your kids about the risks of P2P networks. They may be using them without your knowledge.
Anti-spyware Look for software that: Can detect both known and unknown viruses and spyware in real time.
Has a low false positive rate.
Has been reviewed in established publications and/or tested by independent labs. Do not take the word of the product’s website or ads! consumerreports.org
pcmag.com and pcworld.com
macworld.com and maclife.com
There's more to security than software. Practice safe Internet behavior.
Consider changing your operating system or browser. Mac and Linux computers are less prone to virus attacks than PC's. Internet Explorer 6 is very vulnerable to threats.
Before you share: While sharing: Good sources for software reviews: Special Circumstances Do: Don't: Practice password safety. Remember that password safety section? Check your privacy settings. http://www.wiredsafety.org/fbprivacy/index.htm
Follow this link for a tutorial on Facebook privacy settings. Supervise your children. Don't accept friend requests from strangers. What do these photos have in common? Don't tag your child in photos, or allow others to do so.
Don't upload photos of others without their permission.
Don't over-expose (or allow your teen to do so).
Don't post photos of yourself doing something embarrassing! Be polite! Don't post something that you would not say in front of a prospective employer. A survey in 2008 found that over 1 in 5 employers use social networking sites to screen applicants. One third of those employers said the information they found caused them to reject a potential employee. (Havenstein, 2008) The Robin Sage Experiment:
Provide Security created a fake profile, using the name "Robin Sage."
With this profile, they friended more than 300 professionals in sensitive fields such as the DoD and NSA.
Robin's new friends revealed classified information -- including troop movements -- to a total stranger. Fabrizio, 2010 If someone else posts a photo of you that you don't like, untag the photo. You can also report the poster to your social media provider. Tynan, 2008 Before you buy: Vet the site. Check for seals of approval.
Check the site's rating on bbb.org.
http: vs https: -- an "https:" at the beginning of a URL means your data is encrypted. Any page that involves entering passwords or personal information should use "https:" Use a credit card, not a debit card. Make sure the site protects your information. http://www2.fdic.gov/idasp/main_bankfind.asp Check the domain: .org, .com, .net
Is the URL misspelled? Exercise caution when you give out your mobile phone number.
Don't reply to texts from strangers.
If you receive spam texts, block the sender. Don't take pictures of others without permission.
Be very careful when sending others photos of yourself -- talk to your teen about this! You may want to learn text lingo if you have a child who texts. Try these resources.
http://www.lingo2word.com/search_dictionary.php Treat your device like a big pile of cash. Lock your device when not in use. If possible, do not store sensitive info on a mobile device. If you must store sensitive data on a laptop, use Whole Disk Encryption like PGP or TrueCrypt.
If a mobile device containing sensitive information is stolen: http://www.ftc.gov/bcp/edu/microsites/idtheft/ Peter Kaminsky d70focus Dan Strange
Before you go online: Activate your firewall.
Deactivate "ad hoc" or "peer to peer" mode on your wireless card. (Control Panel --> Network Connections)
Make sure your laptop isn't configured to attempt to connect with any wireless network in range.
Does the network require a password to access? Password-protected networks are somewhat more secure. Don't connect to a wireless network you don't know! Try not to perform sensitive operations over a public wireless network. If you go offline, remove your wireless card. If you must, use a Virtual Private Network:
http://www.ftc.gov/bcp/edu/microsites/idtheft/ 1. Review your credit reports, and place a fraud alert. You can do this at www.annualcreditreport.com
2. Close any accounts you believe have been tampered with or opened fraudulently. 3. File a complaint with the Federal Trade Commission. (ftc.gov) 4. File a police report. http://www.justice.gov/criminal/fraud/websites/idtheft.html
www.idtheftcenter.org -- 1 -888-400-5530
Michigan ID Theft Hotline -- (877) 644-3843
Document everything! twenty_questions
laffy4k (Consumer Reports, 2010) Bibliography Bonneau, J. and Preibusch, S. “The Password Thicket: Technical and market failures in human authentication on the web.” Ninth Workshop on the Economics of Information Security, June 7-8, 2010.
Consumer Reports. “7 Things to Stop Doing Now on Facebook.” ConsumerReports.org, June 2010.
- - . “State of the Net 2010.” ConsumerReports.org, June 2010.
Fabrizio, E. “The Dangers of Friending Strangers: The Robin Sage Experiment.” science.dodlive.mil, July 21, 2010.
GHavenstein, H. “One in Five Employers Use Social Networks in Hiring Process.” Computerworld.com, Sept. 12, 2008.
Sandoval, G. “Congress to Probe P2P Sites Over 'Inadvertent Sharing'.” CNet News, April 21, 2009.
Schneier, B. “Real World Passwords.” Schneier on Security, Dec. 14, 2006.
Tapellini, D. “Consumer Reports Survey: Social network users post risky information.” ConsumerReports.org, May 4, 2010.
Tynan, D. “Say Cheese: 12 Photos That Never Should Have Been Posted Online.” PCWorld, Sept. 15, 2008.
Vijayan, J. “P2P Networks a Treasure Trove of Leaked Healthcare Data, Study Finds.” Computerworld.com, May 17, 2010.
Here's one method to make a safe password: Not taped to the side of your computer! A phisher tries to trick you into giving them your personal information yourself. This is a
phishing e-mail. Phishing e-mail. Real e-mail. Google your e-mail address. If it appears in a Google search, your address is too visible. And now, another common e-mail problem: Use one e-mail address for high-risk activites like signing up for newsletters and posting on forums, and another for personal communication.
Your throwaway address will attract any spam, leaving your personal address free. A P2P network shares data stored on personal computers over the Internet. P2P networks are popular because of the abundant information -- including movies and music -- that users can access for free. It's safer to avoid P2P networks, but if you must, take these precautions. Seen this before?
Don't believe pop up virus warnings. They are attempts to get you to download a real virus onto your computer.
If one appears, close the Internet window -- clicking anywhere inside the box could activate the virus. Every piece of software on your computer is an avenue that can be used to hack your system. Don't install software that you don't use.
Update your security software, your operating system, and your browser.
Follow this link for a slideshow on social media safety for teens. Don't say that you going on vacation.
This is a good way to check if an online bank is a real bank, not a scam. If you have a camera phone: Don't leave it unattended.
Don't draw too much attention to it in public. Lock it physically - consider a laptop lock.
Lock the screen so it can't be used without a password. Further Resources: