Threaths and risks
-
Upload
hhsome -
Category
Technology
-
view
240 -
download
1
description
Transcript of Threaths and risks
![Page 1: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/1.jpg)
Threaths and Risksin Social Media
![Page 2: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/2.jpg)
Basics• Social media and social networking is all about communicating and
sharing information with people
• Once the information is registered to a page it is no longer private
• The personal information can be used to conduct attacks against both the user and the users associates
• The more one post the more vulnerable one become
• The information posted is NOT only used in the social media
• Attacks that uses the shared information but does NOT come by way of the social networking sites: baiting, click-jacking, cross-site scripting, doxing, elicitaion, pharming, phreaking, scams, spoofing and phishing
![Page 3: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/3.jpg)
Baiting• Through a USB drive (or other electronic media) preloaded with
malware, worms etc. attacking when using the device
• Prevent by ensuring the origin of the device is safe
![Page 4: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/4.jpg)
Click-jacking• Secret hyperlinks under legitimate links which causes when clicked
unknowningly performed actions eg. downloading malware or sharing ID:s
• Disable scripting and iframes, maximize the security options
![Page 5: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/5.jpg)
Cross-site scripting• Malicious codes injected to trusted websites
• Turn off ”HTTP TRACE” support
![Page 6: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/6.jpg)
Doxing• Public release of personal indentifying information (including pictures)
• Be careful with what to share
![Page 7: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/7.jpg)
Elicitation• Strategical use of conversation extracting information without giving
the victim the feeling of interrogation
• Be aware of the tactics the social engineers use
![Page 8: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/8.jpg)
Pharming• Redirecting users from safe sites to extract personal data (eg.
mimicking bank sites)
• Type websites instead of clicking on links, look out for URL:s that use variations in spelling or domain names
![Page 9: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/9.jpg)
Phreaking• Gaining unauthorized access to telecommunication systems
• Do not provide secure phone numbers providing access to a Private Branch Exchange or through the Public Branch Exchange to the public phone network
![Page 10: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/10.jpg)
Scams• Fake deals that trick people into providing eg. money in exchange for
the deal
• Sounds too good to be true? Popular events and news are often used as bait to open infected emails, visit infected websites, or donate money to bogus charities
![Page 11: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/11.jpg)
Spoofing• Hiding or faking user identitys
• Know the co-workers, clients etc. of a business or the family and friends on the other hand
![Page 12: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/12.jpg)
Phishing• Usually emails that looks like originated from a legitimate
organization/person and contains links or files with malware etc.
• Do not open or click on attachments or links if not 100% sure of its safe
![Page 13: Threaths and risks](https://reader036.fdocuments.us/reader036/viewer/2022082501/5455a373af7959d2368b7dd4/html5/thumbnails/13.jpg)
Sources• http://www.fbi.gov/about-us/investigate/counterintelligence/internet-
social-networking-risks