Post on 27-Jan-2015
description
©2
00
9 C
arn
eg
ie M
ello
n U
niv
ers
ity :
1
Staying Safe OnlineiTeams 2013
Jason Hong
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
2
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
3
What do you do here?
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
4
How to Tell It’s a Fake?
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
5
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
6
URLs tell you what web site you are really on
• Let’s say we want to know if we are at Wombank.com
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
7
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
8
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
9
How to Tell It’s a Fake?
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
10
Fake or not?
• http://ellsped.org/.google-docs.com/docs/• http://facebook-info.ucoz.pl/Facedook-bde/• https://www.facebook.com/• http://www3.nationalgeographic.com• http://www.skype7.com/it• http://192.232.251.34/~cdslocal/paypal.com
Takeaway 1: Learn where URLs are in the browser and how to read them
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
11
When in Doubt, Don’t Click!Search for it online
Takeaway 2: Use search engines to look up information if not sure
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
12Scammers can’t fake this part
Takeaway 3: Scammers can put anything in the browser content areaTakeaway 4: It’s easy to create fake web sites
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
13
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
14
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
15Takeaway 5: Be suspicious of any site
that asks you for too much info, especially your password
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
16
Who is Attacking, and Why?
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
17
Who is Attacking, and Why?
• Mainly computer hackers, all around the world (some organized crime)
• Reason is mainly money– Spread spam on Facebook– Trick you into sending money• “Stuck in London scam”
– Trick your friends into installing malware
Takeaway 6: Anyone can be a target
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
18
Malware
• General term for “malicious software”– Viruses, worms, adware
• Attack other computers• Attack your friends• Steal your parents’ bank accounts• Steal your virtual goods– Ex. World of Warcraft and other MMORPGs
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
19
Looks legitimate, but it’s not! This is known as Fake Anti-Virus. Don’t click it!
Just close the window.
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
20
Other Examples of Fake AV
Takeaway 7: Never install software you weren’t expecting to install
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
21
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
22
This is fake. Don’t ever install software this way. Go to Adobe’s site and update.
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
23
Another Example of Fake Software
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
24
Fake. Never install software you weren’t expecting. Also, look
at the URL
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
25
Also fake, look at the URL. Also, all web browsers auto-update now.
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
26
Summary
• Being online can be fun, but there are also a lot of bad people out there– Want you to click on things– Want you to give them your password– Want you to install malware
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
27
You can protect yourself with basic precautions1. Learn how to read URLs2. Use search engines when in doubt3. Scammers can put anything in the
browser content area4. It’s easy to create fake web sites5. Be suspicious of any site that asks you for
too much info, especially your password6. Anyone can be a target7. Never install software you weren’t
expecting to install
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
28
More Information
• Cybersecurity for young adults
https://www.mysecurecyberspace.com/
– Good passwords– Password reuse (don’t reuse passwords!)– Cyberbullying– Safe social networking
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
29
More Information Commercially
• Products for training people about cybersecurity
http://wombatsecurity.com/ (Note: I’m a co-founder of Wombat)
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
30
Extra backup slides
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
31
Most Common Passwords(These are bad passwords)
©2
01
3 C
arn
eg
ie M
ello
n U
niv
ers
ity :
32