1 / 75

TCEA Workshop 6898: Phishing for Worms – Why is my Computer so Slow?

TCEA Workshop 6898: Phishing for Worms – Why is my Computer so Slow?. A brief look at some annoying and sometimes dangerous creatures inhabiting cyberspace. William Ball, Technology Coordinator Holli Horton, Technology Trainer Calallen ISD Corpus Christi, TX.

opal
Download Presentation

TCEA Workshop 6898: Phishing for Worms – Why is my Computer so Slow?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. TCEA Workshop 6898:Phishing for Worms – Why is my Computer so Slow? A brief look at some annoying and sometimes dangerous creatures inhabiting cyberspace William Ball, Technology Coordinator Holli Horton, Technology Trainer Calallen ISD Corpus Christi, TX

  2. How prevalent are viruses and things? More than two thirds of home users think they are safe from online threats.

  3. Viruses, worms, and Trojan Horses are malicious programs that can cause damage to your computer and information on your computer.

  4. With an ounce of prevention and some good common sense, you are less likely to fall victim to these threats.

  5. Be a Critical Thinker

  6. What is a virus? Virus (n.) Code written with the express intention of replicating itself. A virus attempts to spread from computer to computer by attaching itself to a host program. It may damage hardware, software, or information.

  7. What is a worm? Worm (n.) A subclass of virus. A worm generally spreads without user action and distributes complete copies (possibly modified) of itself across networks. A worm can consume memory or network bandwidth, thus causing a computer to stop responding.

  8. What is a Trojan Horse? Trojan Horse (n.) A computer program that appears to be useful but that actually does damage. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.

  9. How do these spread? Many of the most dangerous viruses are primarily spread through e-mail

  10. Tip: Never open anything that is attached to an e-mail unless you were expecting the attachment and you know the exact contents of that file.

  11. Be a Critical Thinker

  12. Googling the phone number (703) 482-0623 gets: • Phonebook results for 703-482-0623: United States Government, Central Intelligence Agency, (703) 482-0623, Mc Lean, VA 22101 • This is not the CIA Office of Public Affairs in Washington, D.C., as the email reports.

  13. FBI Warns of Email Scam The Federal Bureau of Investigation issued an alert about a scam involving unsolicited e-mails, purportedly sent by the FBI, that tell computer users that their Internet surfing is being monitored by the agency. The users are told they have visited illegal Web sites and are instructed to open an attachment to answer questions, reports CNN. This email virus is a variant of the Sober Y worm which was originally discovered on November 16th, 2005. Like the previous variants, this one sends itself inside a ZIP archive as an attachment in e-mail messages with English or German texts. It should be noted that along with the "usual" messages that look like fake bounces, password change notification requests, Paris Hilton video ads and so on, the worm sends messages that look like they come from FBI or CIA. The From field of such messages contains any of the following: Department@fbi.gov (also can be Office@, Admin@, Mail@, Post@) Department@cia.gov (also can be Office@, Admin@, Mail@, Post@) The Subject field contains any of the following: You visit illegal websitesYour IP was logged The FBI is investigating the scam.

  14. The reason this email was successful was because: • It came from a perceived important or powerful person • Accused wrongdoing; plays on guilt • Gave an opportunity to right a wrong This is called…

  15. Social Engineering

  16. In the field of computer security, social engineering is the practice of obtaining confidential information by manipulation of legitimate users.

  17. By this method, social engineers exploit the natural tendency of a person to trust his or her word, rather than exploiting computer security holes. It is generally agreed upon that “users are the weak link” in security and this principle is what makes social engineering possible.

  18. Beware of messages that request password or credit card information in order to “set up their account” or “reactivate settings”.

  19. Do not divulge sensitive information, passwords or otherwise, to people claiming to be administrators.

  20. System administrators do not need to know your password to do any work on the servers.

  21. Social engineering works — in an Infosecurity survey, 90% of office workers gave away their password in exchange for a cheap pen!

  22. Be a Critical Thinker

  23. What is Phishing? Phishing (v.) is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information.

  24. In 2005, phishing represented an average of one in every 304 emails, compared to one in every 943 in 2004.

  25. <font color="#000000" face="Arial"> <p>When signing on to Citibank Online, you or somebody else have made several login attempts and reached your daily attempt limit. As an additional security measure your access to Online Banking has been limited. This Web security measure does not affect your access to phone banking or ATM banking. </p> <p>Please verify your information <a href="http://200.189.70.90/citi">here</a>, before trying to sign on again. You will be able to attempt signing on to Citibank Online within twenty-four hours after you verify your information. (You do not have to change your Password at this time.)</p> <p>&nbsp;</p> <p><b>Citibank Online Customer Service</b></p> <br> </td>

  26. Dear valued customer We regret to inform you that your eBay account could be suspended if you don't re-update your account information. To resolve this problems please click here and re-enter your account information. If your problems could not be resolved your account will be suspended for a period of 3-4 days, after this period your account will be terminated.For the User Agreement, Section 9, we may immediately issue a warning, temporarily suspend, indefinitely suspend or terminate your membership and refuse to provide our services to you if we believe that your actions may cause financial loss or legal liability for you, our users or us. We may also take these actions if we are unable to verify or authenticate any information you provide to us.Due to the suspension of this account, please be advised you are prohibited from using eBay in any way. This includes the registering of a new account. Please note that this suspension does not relieve you of your agreed-upon obligation to pay any fees you may owe to eBay. Regards,Safeharbor Department eBay, Inc Dear valued customer

  27. <DIV style="width: 605; height: 224"><STRONG><FONT face=arial> We regret to inform you that your eBay account could be suspended if you don't re-update your account information. To resolve this problems please </FONT> <a target="_blank" a href="http://211.239.171.57/alfa/eBayISAPI.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid="><FONT face=arial color=#0000ff>click here</FONT></a></STRONG><FONT face=arial> and re-enter your account information. If your problems could not be resolved your account will be suspended for a period of 3-4 days, after this period your account will be terminated.

  28. The code disguises the real target of this link: href="http://wordart.co.jp/.online/co/login.php">https://service.capitalone.com/oas/login.do?objectclicked=LoginSplash</a></FONT></TD> href="http://wordart.co.jp/.online/co/login.php">https://service.capitalone.com/oas/login.do?objectclicked=LoginSplash</a></FONT></TD>

  29. Where is this taking you? Is this a secure site?

  30. Where is this taking you? Is this a secure site?

  31. How Not to Get Hooked by a Phishing Scam from the Federal Trade Commission

  32. Do not reply or click the link Legitimate companies don’t ask for account information via email. If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address.

  33. Don’t email personal or financial information Email is not a secure method of transmitting personal information. Period.

  34. Review credit card and bank statements as soon as you receive them Determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.

  35. Use anti-virus software and keep it up to date Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.

  36. Be cautious about opening any attachment regardless of who sent them Have you heard this before?

  37. Report suspicious activity to the FTC If you get spam that is phishing for information, forward it to spam@uce.gov If you believe you’ve been scammed, file your complaint at www.ftc.gov.

  38. Be a Critical Thinker

  39. What is spyware? Spyware is Internet jargon for Advertising Supported software. It is a way for shareware authors to make money from a product, other than by selling it to the users.

  40. Spyware is any technology that aids in gathering information about a person or organization without their knowledge.

  41. Drive-by Download? A drive-by download is a program that is automatically downloaded to your computer, often without your consent or even your knowledge.

  42. Unlike a pop-up download, which asks for assent (albeit in a calculated manner likely to lead to a "yes"), a drive-by download is carried out invisibly to the user: it can be initiated by simply visiting a Web site or viewing an HTML e-mail message.

  43. Why is it called spyware? While this may be a great concept, the downside is that the advertising companies also install additional tracking software on your system, which is continuously "calling home", using your Internet connection and reports statistical data to the "mothership".

  44. Is spyware illegal? Even though the name may indicate so, Spyware is not an illegal type of software in any way. However there are certain issues that a privacy oriented user may object to and therefore prefer not to use the product.

More Related