Don t Click That Link and other security tips Laura Perry Jennifer Speegle Mike Trice
About Us Laura Perry Information Security Jennifer Speegle Firewall Administrator Mike Trice Network Engineer
Mail vs. Email vs. URL Mail address: Laura Perry Alabama Supercomputer Center 686 Discovery Drive Huntsville, AL 35806 Email address: lperry@asc.edu URL (Uniform Resource Locator): http://www.asc.edu/
What does it mean? lperry who? @ - at asc which organization?.edu which domain? Common Domains.com,.edu,.org,.gov,.mil
International Domains.ca,.uk,.au (Canada, United Kingdom, Australia).ru Russia.br Brazil.kg Kyrgyzstan.cn China.ua Ukraine.fi Finland.lv Latvia.nl - Netherlands Unless you are specifically expecting email from someone you know who lives in one of these countries, be very suspicious of anything from any of these domains.
Where.ru? Why does this matter??? Do you check return addresses on regular mail? Do you check return addresses on email? What s the real URL?
Go Phish Bad guys camouflage their phishing as the sort of messages we expect to receive Look for slight irregularities in wording, spelling or the appearance of images Don t click on the links! If you think the warning is genuine, either call the service provider or type the provider URL yourself
Stinky Phish A warning that your email account will be disabled if you don t respond. An email or text from a loved one saying they need money urgently. Someone you never met wants you to deposit their money in your account. You just won a prize for something you didn t enter. Here is a receipt for something you didn t buy. The receipt may not be a document but a program that will install a virus on your computer.
Note When the you From hover address: over the timk@vazda.com hyperlink, the actual is URL probably doesn t match NOT your the text system that you administrator see.
When you hover over the Accept Who button, is Chasity the actual Jeffers URL is and volunteeryouthministry.com why is she sending and invitation NOT LinkedIn! for Gregory Rice?
Celine.Karich@duluth.k12.mn.us is NOT your system administrator! http://lojadopolicial.com.br is not your email administration system! Remember what I said about the.br domain? Beware!
Uh oh! This one actually came from a valid email address in your school system. Now what? This could be bad Most spam blockers will trust Google docs. If you click on this and enter the requested info, your account will immediately start sending spam emails.
Your Friend Got Hacked It has your friend s name, but that s not the right email address. See the.nl? Beware!
Your Bank Transfer Failed This looks legitimate at first glance, but the wording is just a little off Wait this link doesn t add up. Why is there a dropbox.com link inside a google.com link?
Please See My Resume I got the email below asking about internships, but when I tried to view the resume got errors about macros in the document. I told it to open with macros disabled, but it wouldn t display anything.
What s the Big Deal? Identity theft you just gave someone your login id and password! Hacker sends phishing email from your account to your contacts Hacker can look for other account credentials in your email Bank account compromise Malware installed on your computer: APT Advanced Persistent Threat software installed on your computer without your knowledge Key logging see everything you type Web site redirection send you to malicious site even if you type a good URL
Is My PC Infected? Common signs of malware on your computer: Undelivered email notifications in your inbox to unknown email addresses. Bots will frequently use email accounts to send out spam. Spam to unknown email addresses will result in a failure to deliver notification in your inbox. You see pop-up windows even when not using a web browser. You are unable to download or install antivirus software or updates.
More Signs of Infection Multiple toolbars on your web browser. Bots will frequently install various toolbars to help collect search information from your web browser. Malware search toolbar can direct you to malicious sites. Unusual error messages. Error messages that say applications cannot run or drives cannot be accessed can be indications of a bot infection. Your computer is busy even when not in use.
Know Your System Do you know what Antivirus (AV) product is loaded on your system? We have all seen the pop-ups saying our system is infected and to click here to load/protect our system. By knowing the AV product loaded on your system you will be able to tell if this is a false pop-up attempting to get you to install malware. Most of these products are loaded with spyware, adware, viruses, or trojans.
Know the Policy Check with your Tech Coordinator to find out your school system s policy on cleaning compromised systems. Depending on the policy or level of infection you may or may not be able to recover items from an infected system. Based on this and your system s backup strategies you may need to implement a personal backup strategy to safeguard your files.
More Policy Issues Should you use your personal laptop on the school network? What are the implications if you introduce malware onto the school network? Should you use your work laptop at home? Do you copy files between home and work computers using a USB drive? What if the USB drive contains malware?
Beware of Imposters Avoid tech support phone scams: Microsoft will NEVER call you! NEVER give your user name or password to anyone who calls you. If you suspect something is wrong with your computer, call your System Administrator or Help Desk. Avoid credit card warning scams Your credit card provider MAY call you to report suspicious activity. NEVER give your credit card number, expiration, CVV or pin number to anyone who calls you! To be safe, hang up and call your bank or call the customer support number printed on your card.
Is Your Password Safe Do you use a strong P@$$w0rd? Many places recommend a password that is 8 characters long containing 2 uppers, 2 lowers, 2 numbers, and 2 special characters. Think of your password like the lock on your front door. You want to make it difficult for the bad guys to get through that door.
Worst Passwords 123456 password 12345678 qwerty abc123 123456789 111111 1234567 iloveyou adobe123 123123 admin 1234567890 Bama#1 Saban Roll Tide! Aubie War Eagle! letmein photoshop 1234 monkey shadow sunshine 12345 password1 princess azerty trustno1 000000 Information from: http://splashdata.com/press/worstpasswords2013.htm
Password Tips Depending on your school system s password policy you can use one of these examples to easily come up with a complex password you can remember: Turn a sentence into a password: This little piggy went to market might become "tlpwent2m" Use a password you can change regularly (but still remember easily) such as #Jun$Cmh2015 Use a random password generator
More Password Tips If you do write down your password, place it in a secure locked location. A post-it note under your keyboard is not secure! Use an online password management tool. Use different passwords for different sites. If one password is compromised your other accounts won t be affected. A longer password is a stronger password. Each additional character may add an exponential amount of time for cracking especially if you avoid common words or patterns.
Password Manager
Wi-Fi Concerns Where are you? At the local coffee shop on their wireless network On travel on the hotel wireless At home on your wireless network On the school public wireless network Are you sure the network you are connecting to is trusted? Ask a worker for the name of the provided Wi-Fi network What sites are you going to, and what data is available if your account gets hacked?
When to Use Encryption Virtual Private Networks (VPNs) Upside: Secure access to remote resources Downside: You are now on the remote network Sometimes not all traffic is encrypted when using a VPN. Ask your technology coordinator or network administrator
Is Your VPN Client Connected? When using a VPN client look for the VPN icon and hover over it to get a status.
Is Your Connection Secure? When surfing the web, look for the address bar. in the
Why Can t I Get to xyz.com?!? Did you get a block page? This is a content filter message, not a firewall issue. Talk to your network administrator and tell them that you got a block page Getting the block page is not the same as not getting a response from the server.
How Did Little Johnny Get to that Site? Little Johnny is using: Web proxy to access sites that are normally blocked Remote access to his home computer Cell phone hotspot Images from: http://www.wikihow.com/bypass-a-firewall-or-internet-filter#
Web Proxies Very difficult to block web proxies because they are constantly changing Alert your network administrator Very easy for kids to setup at home or find on the internet Just search for "free online proxies"
Why Can t I Access My Home Computer From School? This is most likely a firewall issue. Check your IT policy Ask your local system/network administrator Firewalls either block or deny traffic. Connections that work sporadically are not likely a firewall issue, but more likely a server issue.
Home Wi-Fi Change your administrator password and login name if possible Enable encryption WEP is old and easily hacked WPA2 is newer and better Change/disable broadcast of your SSID (Wi-Fi network name) Use MAC address filtering to allow only known devices to connect to your network
What have we learned? Know your system Know your school s policies Know your school s IT staff Use good passwords Never use default passwords Don t send secret information over Wi-Fi networks without using VPN and the most important lesson