Using Your Safely to Protect Personal/Sensitive Data & to Prevent Security Attacks

Similar documents
Quick Heal Exchange Protection 4.0

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

BE SAFE ONLINE: Lesson Plan

General Security Best Practices

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Recognizing Spam. IT Computer Technical Support Newsletter

K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109

Malware & Botnets. Botnets

Phishing Scams Security Update Best Practices for General User

PC Security and Maintenance

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data

Advice about online security

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data

Cyber Security. Securing Your Mobile and Online Banking Transactions

European developer & provider ensuring data protection User console: Simile Fingerprint Filter Policies and content filtering rules

Don t Fall Victim to Cybercrime:

1. Any requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic.

Managing Junk Mail. About the Junk Mail Filter

Get Started Guide - PC Tools Internet Security

Protecting your business from fraud

Phoenix Information Technology Services. Julio Cardenas

OIG Fraud Alert Phishing

Countermeasures against Bots

Quick Start. Installing the software. for Webroot Internet Security Complete, Version 7.0

Network Security. Demo: Web browser

How to stay safe online

Internet basics 2.3 Protecting your computer

Your Guide to Security

Anti-Phishing Best Practices for ISPs and Mailbox Providers

SonicWALL Security Quick Start Guide. Version 4.6

Protect Yourself. Who is asking? What information are they asking for? Why do they need it?

Best Practices Guide to Electronic Banking

PORTLANDDIOCESE.ORG - How to Connect Table of Contents

Using Voltage Secur

Barracuda Security Service User Guide

What's the difference between spyware and a virus? What is Scareware?

Learn to protect yourself from Identity Theft. First National Bank can help.

ModusMail Software Instructions.

Dealing with Spam. February 16, Marc Berger SRJC Information Technology. Tuesday, April 10, 12

Guidelines for Account Management and Effective Usage

ESET SMART SECURITY 6

More Details About Your Spam Digest & Dashboard

NATIONAL CYBER SECURITY AWARENESS MONTH

Security Awareness. ITS Security Training. Fall 2015

Protect yourself online

INSTANT MESSAGING SECURITY

& INTERNET FRAUD

OKPAY guides. Security Guide

Customer Education to Combat Scams and Fraud

Basic Security Considerations for and Web Browsing

Spam Management. Manage your FOPE Spam Quarantine

DON T BE FOOLED BY SPAM FREE GUIDE. Provided by: Don t Be Fooled by Spam FREE GUIDE. December 2014 Oliver James Enterprise

PORTLANDDIOCESE.ORG - How to Connect Table of Contents

FILTERING FAQ

Corporate Account Takeover & Information Security Awareness. Customer Training

F-Secure Internet Security 2012

Contents. McAfee Internet Security 3

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

About the Junk Filter

Software. Webroot. Spy Sweeper. User Guide. for. Webroot Software, Inc. PO Box Boulder, CO Version 6.

How to Manage Spam and Junk

Barracuda Spam Firewall

Practical tips for a. Safe Christmas

Sophos for Microsoft SharePoint startup guide

Corporate Account Takeover & Information Security Awareness

Deutsche Bank db easynet. Secure method of use of the db easynet e-banking system

FAKE ANTIVIRUS MALWARE This information has come from - a very useful resource if you are having computer issues.

Malware, Spyware, Adware, Viruses. Gracie White, Scott Black Information Technology Services

Network Security and the Small Business

TIPS IN PREVENTING INFORMATION LEAKAGE

Overview An Evolution. Improving Trust, Confidence & Safety working together to fight the beast. Microsoft's online safety strategy

MySpam filtering service Protection against spam, viruses and phishing attacks

Why you need. McAfee. Multi Acess PARTNER SERVICES

BULLGUARD SPAMFILTER

Microsoft Outlook 2010 contains a Junk Filter designed to reduce unwanted messages in your

Payment Fraud and Risk Management

SPAM, VIRUSES AND PHISHING, OH MY! Michael Starks, CISSP, CISA ISSA Fellow 10/08/2015

Online Security Information. Tips for staying safe online

Business ebanking Fraud Prevention Best Practices

Avira Managed Security AMES FAQ.

Information leakage from PC by P2P file-sharing application, Phishing and Spy ware

Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams. May TrustInAds.org. Keeping people safe from bad online ads

Outlook Web App OWA Quick Guide. Getting you up to speed quickly.

Simplicity Value Documentation 3.5/5 5/5 4.5/5 Functionality Performance Overall 4/5 4.5/5 86%

How To Install & Use Metascan With Policy Patrol

Secure Recipient Guide

Countermeasures against Computer Viruses

anomaly, thus reported to our central servers.

Instructions for Secure Cisco Registered Envelope Service (CRES)

School Mail System. - Access through Office 365 Exchange Online. User Guide FOR. Education Bureau (EDB)

Printed Documentation

10 Quick Tips to Mobile Security

Using Windows Update for Windows XP

F-Secure Anti-Virus for Mac 2015

Click Home > Junk > Not Junk.

Laura Royer, Extension Faculty, University of Florida/IFAS Osceola County Extension Services

Mifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness

ESET NOD32 Antivirus 4 for Linux Desktop. Quick Start Guide

Protect your personal data while engaging in IT related activities

Transcription:

Using Your Email Safely to Protect Personal/Sensitive Data & to Prevent Security Attacks Communication and Collaboration with Office 365 Workshop Series #4

Agenda Email Attacks Protect Personal / Sensitive Data in Staff Email System

Email Attacks Spam/Junk Mail

What is SPAM?

Best Practices to Avoid Receiving Spam Don t publish your work or your primary email address on any web site or discussion forum. Have a separate email address for signing up for newsletters and posting online, etc., then if the mailbox starts receiving lots of unwanted mail, it can be deleted or more aggressively filtered.

Email Attacks Spam/Junk Mail Virus

What is Virus? A computer virus is a program which can replicate itself and then spread from one computer to another. Sometimes, malware, adware and spyware are called viruses, although they cannot replicate themselves. Instead, they can exploit the security of the computer as well as computers within their network. Viruses can harm a computer s data or performance.

Best Practices in Preventing Virus Infection Install anti-virus software and make sure that it is up-to-date. Enable your firewall as this will prevent unwanted PC access from the internet. Regularly update software installed in your computer. Otherwise, malicious users may exploit these software bugs to attack your computers. Do not open emails from unknown senders as they may have attachments that are infected with viruses.

Email Attacks Spam/Junk Mail Virus Phishing/Spoofing Mail

What is Phishing Mail? Phishing refers to the malicious attack method which imitates legitimate companies in sending emails to entice people to share their passwords, credit card number or other sensitive personal information. Phishing emails will almost always tell you to click on a link that will take you to a website where your personal information will be requested.

Example of Phishing Mail

Example of Phishing Mail

Best Practices Protect yourself from Phishing Emails We will NEVER ask for your password over email. Registered financial institutions such as banks normally WILL NOT request users to confirm or update their password or any personal information by clicking on a link and visiting their web sites. Be suspicious of emails with urgent request for personal information. Never give out personal information upon email request.

Best Practices Protect yourself from Phishing Emails (Con t) Don t open unexpected email attachments or instant messaging download links. Enable anti-phishing features of web browser. Inspect the web address carefully. Don t trust links in an email. An email that appears to be from PayPal could direct you to a fraudulent website such as http://www.2paypal.com or http://www.gotyouscammed.com/paypal/login.htm Look for https:// and a lock icon in the address bar before entering any private information on the website.

Responded to Phishing Emails?

Responded to Phishing Emails? If you have ever responded to a phishing e-mail or submitted your NetID/NetPassword to a phishing web site, change your NetPassword IMMEDIATELY. Call IT Help Centre at 2766 5900 to clean your computer.

Email Attacks Spam/Junk Mail Virus Phishing/Spoofing Mail Zero day attack (e.g. Ransomware)

What is Ransomware? Spreading via spam or phishing emails carrying malicious file attachments. Once infected, victims' files become encrypted, which is currently unbreakable, and they receive a message saying they need to pay a ransom (e.g., bitcoin) to get their files back.

Example of Ransomware (e.g. Cerber)

Best Practices Protect yourself from Ransomware Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Do not enable it if in doubt. Please DO NOT open suspicious email attachment or URL link. Delete any suspicious-looking emails you receive, especially if they contain links or attachments. Regularly backup the files stored on your computer, and keep an offline copy of the backup. Always keep your security software up to date. Keep your operating system and other software updated.

Responded to Ransomware?

Unfortunately Infected Ransomware? You shall isolate the infected computer from the network and external storage immediately and do not open any file before clearing the malware. Call ITS Help Centre at 2766 5900 to clean your computer. Restore the backup

Email Security Enhancements Pilot Stage Two server side rules will be implemented. Then spoofing emails claiming to be from "@polyu.edu.hk" will be classified as spoofing and moved into Outlook Junk Mail folder.

Email Security Enhancements (Con t) Pilot Stage

Staff Email OWA

Staff Email OWA

Other Authentication Methods

Email Security Enhancements (Con t) Evaluation Stage Advanced Threat Protection (ATP) With Advanced Threat Protection, you can protect your mailboxes against new, sophisticated attacks in real time. By protecting against unsafe attachments and expanding protection against malicious links, it can provide better zero-day protection.

Protect Personal / Sensitive Data

Solution

Rights Management sharing application (RMS Sharing App) - Objectives Can protect single/multiple attachment. Can protect any type of attachment (office/non-office file types). Sender can track how people are using a protected document in the document tracking site. In case the message is accidentally attached an incorrect attachment, sender can revoke the assigned permission so that the recipient(s) cannot make access to it. Remarks: RMS Sharing Apps only protect email attachment. Sender is recommended to put sensitive data into attachment instead of email body.

How to Send Email with Protected Attachments

How to Send Email with Protected Attachments (Con t)

How to Send Email with Protected Attachments (Con t)

RMS Sharing Apps (Con t) Track and Revoke Documents Users can track how people are using a protected document in the document tracking site. If necessary, they can also revoke access to these documents when sharing is no longer needed by clicking Revoke access against a document.

RMS Sharing Apps (Con t) Track and Revoke Documents

Data Loss Prevention (DLP) Objectives Reduce the possibility of data leakage (sensitive data) through email communication by Data Loss Protection (DLP).

Data Loss Prevention (DLP) (Con t) Features and Benefits To detect whether the message content and/or the attachment (not encrypted by other method) containing some sensitive data. The detection is based on our defined pattern such as Hong Kong ID card number China Resident Identity Card (PRC) Number Credit Card number PolyU Student Number If PolyU Student Number is found, the sender will receive MailTips alerts. If other sensitive data is found, and the mail will be blocked and sender will receive a non-delivery report (NDR). Sender is recommended to put sensitive data into RMS protected attachment instead of email body.

Data Loss Prevention (DLP) (Con t)

What s Next?

Regular IT Training Workshop https://www.polyu.edu.hk/its

Q & As For particular issue, please contact IT HelpCentre at x5900.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information