290 likes | 376 Views
Internet Fraud. Can you be safe on the Internet? Bob Samson. The Disclaimer.
E N D
Internet Fraud Can you be safe on the Internet? Bob Samson
The Disclaimer Marriott Vacation Club International (MVCI) disclaims liability for any personal injury, property, or other damages of any nature whatsoever, whether special, indirect, consequential, or compensatory, directly or indirectly resulting from the publication, use of, or reliance on this course material. In issuing and making this course available, MVCI is not undertaking to render professional or other services for or on behalf of any person or entity. Nor is MVCI undertaking to perform any duty owed by any person or entity to someone else. Anyone using this course material should rely on his or her own independent judgment or, as appropriate, seek the advice of a competent professional in determining the exercise of reasonable care in any given circumstance.
What will be covered today • What is really happening on the Internet today? • Five areas causing most of the problems • Some good habits • Some necessary habits • Wrap up Internet
The state of affairs today We are at war!
Your Greatest Threats! <<< From the Inside From the Outside >>>
The Internet War Machines • From the Inside: • Accidental downloading of malware • Falling for email con artists • Purchasing dangerous products • Giving away your data • From the Outside: • Viruses, worms, Trojan software • Key Stroke Logging • Bogus email extensions • Web bugs, cookies, pixel tags
Meet the enemy – It’s You • Do you: • Sign up for free software? • Browse unscrupulous websites? • Open email attachments with dangerous extensions? • Join YouTube, mySpace, Zanga, Bebo, or Facebook? • Use Free Email services like Gmail, Hotmail or Yahoo? • Fall for a phish? • Want to get rich quick? • Respond to surveys? • Enter contests? • Every day, people just give away their personal information.
What exactly is going wrong? • Trickery and slight of hand • Misrepresentation • Greed • Outright theft • Aggregation of data
5 problem areas you need to watch • Know your Computer is Safe • Know how to spot a Phish • Know your URLs • Know your EmailExtensions • Know that you are followed wherever you Browse the Internet
Is your computer safe? • Building fences and walls • Firewalls and routers • Looking for the breaches • Virus scanning • Spyware and Rootkits • Key Stroke loggers • Locking your doors and windows • Wireless Networks • Keeping up with the criminals • Updating of Application Software
What’s a deadly Phish? It is not the Lion Fish
BAD! What do you think? Good or bad? Example “three” of a phish Spaces are not permitted
So how do you catch a phish? • No legitimate business ever asks for Personal Information via email (no exceptions) • A clue: a threatening or urgent message with concern for your security • Never call a phone number in the email to verify its authenticity • Never click on a link within an email and enter personal information • Never think you are smart enough to figure out if the email is real • Never trust a website linked via an email
Too good to be true? Let’s look at a few examples: • Check fraud and Nigerian Scams • Lotteries (that you did not play in) • Watch what you buy You Win!
Watch what you buy • Cheap drugs • Internet Auction sites • Know your https: • Sell your soul for a bottle cap
Time to learn something This is the “address” bar It displays a URL Universal Resource Locator
Can you find the URL scams? • https://web-ao-da-us.citibank.com/cgi-bin/ • http://online.da.us.citibank.com.businesssupport.ru/ • http://www.kolemsveta.oz/www.citibank.com/index.php • https://onlineservices.wachovia.com/ • http://ww3.nationalgeographic.com/ • http://secure-signin.ebay.com.ttps.us/ • http://www.latam.citibank.com/uruguay/ • http://24.130.75.227/mymbna/mbna/login/ First, find the real web site URL (Universal Resource Locator)
Know your forward slashes • https://web-ao-da-us.citibank.com/cgi-bin/ • http://online.da.us.citibank.com.businesssupport.ru/ • http://www.kolemsveta.oz/www.citibank.com/index.php • https://onlineservices.wachovia.com/ • http://ww3.nationalgeographic.com/ • http://secure-signin.ebay.com.ttps.us/ • http://www.latam.citibank.com/uruguay/ • http://24.130.75.227/mymbna/mbna/login/ Tip: Look for the first “/” after the http:// or https:// OK Scam Scam OK OK Scam OK Scam
What about email attachments? • Can you spot a safe attachment? • .ade, .adp, .bas, .bat, .chm, .cmd, .com, .cpl, .crt, .exe, .hlp, .hta, .inf, .ins, .isp, .js, .jse, .lnk, .mdb, .mde, .msc, .msi, .msp, .mst, .pcd, .pif, .reg, .scr, .sct, .shb, .shs, .url, .vb, .vbe, .vbs, .wsc, .wsf, .wsh, .app, .fxp, .prg, .mdw, .mdt, .ops, .ksh, .csh, .ceo, .cnf, .htm, .html, .mad, .maf, .mag, .mam, .maq, .mar, .mas, .mat, .mav, .maw, .mht, .mhtml, .scf, .uls, .xnk • What about .doc, .pdf, .zip • Or .bmp, .jpg, .tif • One of the latest cyber crime techniques is the use of videos to install malware (malicious software) and/or Trojans just by watching the video Deadly Could Be Deadly Usually Safe
How data thefts occur • Malicious software (malware) is placed on your computer via an email attachment, deceptive website, freeware • Your logins or passwords are captured, your Outlook Address Book is stolen • Your on-line bank accounts are raided • Messages are sent under your name to those in your address book • Besides email, beware of eCards • Your friends/contacts are compromised and the cycle continues • Computers, yours as well as your friends, are under the control of criminals (zombies sending more phishing attacks to others)
Your browser is a tattletale • Cookies • Search Engines • Aggregators • Free email • How web sites track you
Some good habits for kids • Children • Keep the computer in a public space • Disable administrator rights • Monitor Social Networks • Disable the feature in email that allows attachments
Some good habits for adults • Adults • Be very, very, very, very careful with email • Use a virus scan program • Update your software programs per manufacture's recommended schedules • Never respond to any email solicitation with the entry of passwords, credit cards or other sensitive personal information (never) • Think twice about online services such as banking, bill paying or investment management services • Stay off of untrustworthy websites • Don’t use free software, shareware or browser add-ons
Some necessary habits for everyone • Use strong passwords • Change passwords (every 3 months) • Think about encryption • Back up regularly
So are you worried? • You should be! • Cyber crime is very real today, a multi-billion dollar industry • Cyber crime can destroy a person’s reputation, it can destroy a nation’s infrastructure • The new currency of crime is DATA! • So what should you do? • Knowledge should be your first weapon of choice