Viruses Phishing Spyware and other threats - PowerPoint PPT Presentation

Slides: 36
Provided by: victor6
Transcript and Presenter's Notes

1
Viruses Phishing Spyware and other threats
  • Your identity, your money
  • What you need to know to protect yourself online

Phishing Animation: http://www.ftc.gov/phishing
2
Has this happened to you?
  • Email undeliverable notices for email you never sent?
  • Requests to confirm account numbers, PINs, passwords?
  • Microsoft emails containing updates or fixes
  • Messages signed administrator_at_ccsf.edu or The ccsf.edu support team

3
Email undeliverable
  • Mail from your email address sent to people all over the world
  • Causes:
  • Mining: Gathers email addresses on computers with you on their address lists
  • Spoofing: Spammers use your email address to disguise their messages

4
What we'll cover
  • SPAM: General term for bad stuff that happens through email
  • Harvesting your address
  • Viruses
  • Phishing: Email scams and fake requests for your real confidential info
  • Spyware: Spam places programs that steal your logins and passwords (keyloggers, rootkits)
  • Protecting children

5
What we won't cover but should think about
  • Other dangers
  • Thieves capturing data as it travels over the wires (or wireless)
  • External threats
  • Compromised data repositories (companies' stolen laptops, hacked servers)
  • Your stolen laptop. An example, a California school: http://www.msnbc.msn.com/id/5905423/

6
SPAM
Sample spam message: Trading Aert Premium Petroleum, Inc. symbol xxx currently trading at around 0.02, we expect a big jump in the price in the next week up around .10 Act fast on this one! With projections that oilsands production will grow from 1 mil to more than 5mil barrels per day over the next 25 years, the air, land, and water of Alberta's northeastern boreal forest is at risk of severe environmental degradation," said the Pembina Institute Now is the time to pick up some of Premium Petroleum, Inc.
  • Unsolicited email
  • Ads
  • Fake offers / appeals
  • Chain letters
  • Jokes to circulate
  • News
  • Entertainment
  • Attachments to open

7
Spam as % of total email
  • January 2006: 67%

8
Spam as % of CCSF email (Estimated)
80% (average) of all email entering CCSF
9
Spam protection at CCSF
  • Barracuda
  • Filters out 80% of mail before it reaches your GroupWise mail box
  • Spam email summary arrives each day
  • Check to make sure that no real messages are being stopped as Spam
  • Click link at bottom of message to manage
  • Whitelist available: Always allow these addresses
  • Blacklist: Always block
  • Barracuda info to print: http://www.ccsf.edu/tlc/pdf/barracuda_spam_filter.pdf

10
Evil SPAM: Address harvesting
  • Offers too good to be true
  • To get your email address: Confirmed addresses → Money!
  • Fake "Delete me from this list" links

11
Evil SPAM: Scams
  • Example: Contribute 2,000 to help transfer Nigerian money → Receive 2,000,000 in return
  • Other common scam tactics (from the Secret Service):
  • Disbursement of money from wills
  • Contract fraud (C.O.D. of goods or services)
  • Purchase of real estate
  • Conversion of hard currency
  • Transfer of funds from over invoiced contracts
  • Sale of crude oil at below market prices
  • Called 4.1.9 frauds after the fraud section of
    the Nigerian penal code

12
Viruses
  • Attachments with viruses can be:
  • Destructive of your data
  • Keyloggers: Lurk in the background and capture your keystrokes
  • Rootkits: Evade detection by loading before other programs

13
Virus example
Fake craigslist msg w/ virus in attachment:

From: administration_at_craigslist.org
To: johnkerry_at_whitehouse.gov
Subject: Important notify about your e-mail account.

Hello user of Craigslist.org e-mail server, Your e-mail account will be disabled because of improper using in next three days, if you are still wishing to use it, please, resign your account information. Pay attention on attached file. For security reasons attached file is password protected. The password is "13545". Cheers, The Craigslist.org team

March 2004
14
Virus Tips
  • Avoid opening attachments if not expecting them
  • Keep your Operating system updated
  • Install an anti-virus program
  • Update your anti-virus program regularly
  • Be extra suspicious of attachments. Beware:
  • Nonsense names
  • Names ending with .zip .scr .pif .exe .vbs .com
  • Double suffixes: name.gif.exe
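
As an added example (not part of the original slides), the attachment-name warning signs above can be checked mechanically against the attachments of a parsed message. The extension list comes from the slide; the list of harmless-looking inner suffixes and the sample message are assumptions constructed for illustration, and "nonsense names" are not detected.

```python
from email.message import EmailMessage
import os

# Extensions the slide lists as warning signs.
RISKY = {".zip", ".scr", ".pif", ".exe", ".vbs", ".com"}
# Assumption: harmless-looking inner suffixes used to disguise the real one.
DECOY = {".gif", ".jpg", ".jpeg", ".png", ".txt", ".doc", ".pdf"}

def attachment_warnings(filename):
    """Return the reasons an attachment name matches the slide's warning signs."""
    # Drop any path, and the trailing dots/spaces that Windows ignores.
    name = filename.replace("\\", "/").rsplit("/", 1)[-1].lower().rstrip(". ")
    stem, ext = os.path.splitext(name)
    reasons = []
    if ext in RISKY:
        reasons.append("risky extension " + ext)
        # The inner suffix may be padded with spaces to push the real one out of view.
        inner = os.path.splitext(stem.rstrip())[1]
        if inner in DECOY:
            reasons.append("double suffix " + inner + ext)
    return reasons

def scan_message(msg):
    """Map each attachment filename in a parsed message to its warnings."""
    return {part.get_filename(): attachment_warnings(part.get_filename())
            for part in msg.iter_attachments() if part.get_filename()}

def build_sample():
    """Constructed sample message (not real mail) with three attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for fname in ("minutes.pdf", "name.gif.exe", "update.zip"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg

if __name__ == "__main__":
    for fname, reasons in scan_message(build_sample()).items():
        print(fname, "->", reasons or "no warning signs")
```
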
15
Virus links
  • Virus guide (explanations in plain language that you can understand): http://www.worldstart.com/guides/virus1.htm
  • Security centers for ISPs and email providers: Yahoo, Gmail, Hotmail, EarthLink

16
Phishing
  • Attempts to gather confidential information
  • Credit card #s
  • PINs
  • Account #s
  • Passwords
  • May use original site's graphics
  • Return addresses/links mimic originals

Since August 2003, most major banks in the USA, the UK and Australia have been hit with phishing attacks
17
CCSF's policy
  • Our policy statement:
  • CCSF PERSONNEL WILL NEVER SEND OUT A MESSAGE ASKING FOR ACCOUNT INFORMATION OR INSTRUCTING USERS TO OPEN AN ATTACHMENT THAT RELATES TO THEIR ACCOUNT THAT IS NOT PERSONALLY SIGNED BY A SYSTEMS ADMIN
  • (i.e., with a name such as Shirley Barger, Anne Morris, Doug Re, whomever). "Virtually yours," "The CCSF Team", "CCSF Administrators" and such AIN'T our STYLE, and will never be.

18
Confirm account numbers
  • Phishing for confidential information
  • ATM PIN
  • Account logins and passwords
  • Social Security
  • Growing fraud phenomenon
  • Spam for
  • Siphoning money
  • Identity Theft

19
Unsophisticated Phishing
20
Sophisticated Phishing
21
Legit page with security
22
Legit page indicators
  • Security indicators
  • https instead of http at start of URL (Web address)
  • Lock icon inside address box
  • Lock icon at bottom right of status bar

23
FYI: Vishing
  • Leverages Voice over Internet Protocol (VoIP)
    technology
  • Uses automated phone messages
  • Tricks people into revealing private personal and
    financial information
  • Is made possible by new computerized phone
    equipment

24
The Vishing process
  • The criminal autodials phone numbers
  • Automated recording: "Your credit card has had fraudulent activity"
  • Tells them to call a phone number immediately
  • Could be a toll-free number
  • Often with a spoofed caller ID for the real
    financial company
  • That number instructs the consumer to enter their
    16-digit credit card number
  • The visher can use this number
  • To place fraudulent charges on the consumer's
    card
  • To harvest additional details such as security
    PIN, expiry date, date of birth, bank account
    number, etc.

25
Spyware
  • Programs installed secretly on your computer as
    you browse the Internet
  • Purpose
  • Pop up ads
  • Capture info about browsing habits
  • Keyloggers: Forward your keystrokes as you enter passwords/credit card #s

26
Dealing with Spyware: Windows
  • Combat actively (free programs)
  • Windows Defender: http://www.microsoft.com/athome/security/default.mspx
  • Spybot Search and Destroy (www.safer-networking.org)
  • Ad-Aware (www.lavasoft.com)
  • Fee-based (buy and subscribe to updates)
  • Spy Sweeper (www.webroot.com)

27
Dealing with Spyware: Mac
  • Apple's Security pages: http://www.apple.com/macosx/features/security/
  • OS X programs (25 - 30)
  • Internet Cleanup
  • Same company as Stuffit
  • http://www.allume.com/mac/cleanup/
  • MacScan: http://macscan.securemac.com/

28
Don't contribute to Spam
  • Use the BC email field for groups
  • BC Field hides addresses
  • May help get msgs to Yahoo, Hotmail recipients
  • Helps prevent address capture by spammers

29
Don't look like Spam
  • Don't get your messages flagged by Spam-stopping programs
  • Make your email Subject lines count
  • Avoid uninformative subjects: Not "Info"
  • Instead: "CNIT 3/22 meeting minutes"
  • Don't use suspicious Subjects:
  • Hi!
  • Pix
  • Re
  • Don't leave subjects blank

30
Protecting your Children
  • Education!
  • Tips for keeping your child safe online: http://www.helpwithpcs.com/internet/child-internet-safety.htm
  • Supervision
  • News and links on kids and Internet safety: http://www.safekids.com
  • Software
  • Info and suggestions, Apple-specific software: http://www.thexlab.com/faqs/internetsafetychild.html
  • On kids and computer games: http://www.microsoft.com/athome/security/children/gamingonline.mspx

31
Tips for kids
  • Adapted from http://www.blogsafety.com/teentips.htm
  • Be anonymous
  • Avoid postings that could enable a stranger to locate you: your last name, your school, sports teams, town, hangouts.
  • Protect your info
  • If you can, allow only people you know and trust. If you don't use privacy anyone can see your info, including people with bad intentions.
  • Avoid in-person meetings
  • Don't get together with someone you "meet" online unless you are certain of their actual identity. If you do meet the person, arrange to meet in a public place and bring friends along.
  • Photos
  • Think before posting. Avoid posting photos that
    allow people to identify you, especially sexually
    suggestive images.
  • Before uploading a photo, think about how you'd
    feel if it were seen by a parent/grandparent,
    college admissions counselor, or future employer.

32
Spam Resources
  • Your own ISP for Spam info
  • Webopedia's help: http://www.pcwebopedia.com/quick_ref/SpamGuide.asp
  • Suze Orman on financial scams: http://biz.yahoo.com/pfg/e15credible/index.html
  • http://www.spam.com/
  • Paypal's pages on Security, Identity theft (http://www.paypal.com → Security Center link)
  • Paypal's great Spoof tutorial

33
Identity Theft Resources
  • Paypal's pages on Security, Identity theft (http://www.paypal.com → Security Center link)
  • Paypal's great Spoof tutorial: https://www.paypal.com/cgi-bin/webscr?cmdxpt/cps/general/SpoofMails-outside
  • The federal government's official info site: http://www.consumer.gov/idtheft/
  • Federal Trade Commission ID Theft booklet: http://www.ftc.gov/bcp/conline/pubs/credit/idtheft.htm

34
More Information
  • About Key logging (programs that capture passwords as you type): http://www.pcworld.com/howto/article/0,aid,123397,00.asp
  • US Gov pages: http://www.cybercrime.gov/
  • Info on downloads loaded with spyware: http://www.stopbadware.com/
  • Government page on security for kids with info, games, links: http://www.kids.gov/k_computer.htm

35
Further info
  • Intro: Information about spyware, with links to (Windows) protection tools: http://www.pcstats.com/articleview.cfm?articleid1458
  • Microsoft's Security center for home users: http://www.microsoft.com/athome/security/default.mspx
  • Detailed (techie) advice on securing your browsers: http://www.cert.org/tech_tips/securing_browser/