Web Security Tips Li-Chiou Chen & Mary Long Pace University September 1 st, 2010.
13
Web Security Tips Li-Chiou Chen & Mary Long Pace University September 1 st , 2010
-
Upload
kelly-pearson -
Category
Documents
-
view
218 -
download
2
Transcript of Web Security Tips Li-Chiou Chen & Mary Long Pace University September 1 st, 2010.
Web Security Tips
Li-Chiou Chen & Mary Long
Pace University
September 1st, 2010
Acknowledgement
The authors acknowledge the support of the Verizon Foundation in partnership with Pace University through its Thinkfinity Initiative.
2© Li-Chiou Chen & Mary Long, Pace University
What do you do online?
Browsing sites Blogging Social networking Email Online shopping Online banking Managing photos Managing calendars …….
3© Li-Chiou Chen & Mary Long, Pace University
Common Threats Intrusion
Accessing a computer without permission Malware
Programs that are designed to harm your computer Spyware
Software that sends information from your computer to a third party without your consent
4© Li-Chiou Chen & Mary Long, Pace University
Common Threats (2)
Site Hijacking Misrepresenting a web site by stealing and
manipulating its content
Phishing Using fake Web sites to trick you into giving away
personal information
© Li-Chiou Chen & Mary Long, Pace University 5
DoD video on Phishing
http://iase.disa.mil/eta/phishing/Phishing/launchPage.htm
© Li-Chiou Chen & Mary Long, Pace University 6
How to determine if a web site is legitimate
Make sure that the web address is correct Google it or type it yourself Do not click on links in emails
Use HTTPS encryption for sensitive information Verify the site using the security padlock Use browser security features
Firefox has more default security settings than IE Pay attention to browser warnings
© Li-Chiou Chen & Mary Long, Pace University 7
Look at web address to determine if it is a legitimate site
8
“https” refers to the content is encrypted www.citicards.com is the domain name (or site name)
© Li-Chiou Chen & Mary Long, Pace University
Examples of fake web addresses
http://www.citicards.com.chilli.net
http://129.20.1.2/www.citicards.com/
http://paybill.center.net/citicards/
© Li-Chiou Chen & Mary Long, Pace University 9
Examine the security padlock to verify the site
10
Alternative ways of showing the security Padlock
© Li-Chiou Chen & Mary Long, Pace University
You need to double click the padlock to verify it
11
This verifies that www.citicards.com is owned by Citigroup Inc.
VeriSign, Inc. verifies this information
This indicates that the content is encrypted
© Li-Chiou Chen & Mary Long, Pace University
User login only authenticate usersIt cannot tell users if the site is legitimate or not
© Li-Chiou Chen & Mary Long, Pace University 12
References
My Secure Cyber Space https://www.mysecurecyberspace.com/
13© Li-Chiou Chen & Mary Long, Pace University
