Number of slides: 21

Surfing Safely: Security for the Masses
Kevin W. Wall, CISSP
kwwall@acm.org
http://www.wideopenwest.com/~kwwall/presentations/security/safe-surfing.ppt
Copyright © – Kevin W. Wall – Some Rights Reserved. This work is licensed under the Creative Commons® Attribution-NonCommercial-ShareAlike 2.5 License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.5/

Overview
• What this talk is and is not
• Some security statistics
• Fundamental security tips
• Basic security ideas
• Fighting common problems
  – Combating identity theft
  – Worms and viruses
  – Spyware / adware
  – Common Internet scams

What This Talk Is… and Is Not
• What it is…
  – An attempt to give back to the community
  – Make my job easier by having a smarter populace
  – Focuses on Windows (specifically XP Home)
  – Focuses on common problems
• What it is not…
  – An endorsement of particular products
  – An attempt to sell services or consulting
  – An offer to fix your computer (that’s why the others are here ;-)
  – Comprehensive

Some Security Statistics
• One in four people see at least one scam e-mail a month (usually phishing).
• 23% of Americans have been affected by online identity theft.
• 70% of consumers thought the fraudulent e-mails they received were from a legitimate company.
• 80% of PCs lack up-to-date anti-virus, spyware protection, or a firewall.
• Most people surveyed believed their PCs were safe online.
• 4 minutes: average amount of time a default-install, unpatched Windows XP SP1 system lasted on the Internet before being compromised.

Fundamental Security Tips
• Jeff Richards’ Laws of Data Security:
  1. Don’t buy a computer.
  2. If you buy a computer, don’t turn it on.
• To which Matt Bishop added:
  3. If you’ve already turned on your computer, don’t connect it to the Internet.
• Kevin Wall’s Corollary:
  4. If you do connect to the Internet, use nothing faster than a 300 baud modem, as this will slow down the rate at which your PC is infected with viruses, worms, and spyware.

Fundamental Security Tips (The Real Ones)
1. Regularly back up your PC.
2. Enable auto-updates.
  • Minimally for Windows, your anti-virus software, your anti-spyware software, and your browser.
3. Log in using a “limited” account for normal work.
4. Install and configure a firewall.
5. Install and configure anti-virus and anti-spyware software so they are always active.
6. If possible, switch to less “targeted” software.
7. Don’t surf to “seedy” sites.
8. Don’t open unexpected e-mail attachments.
9. Secure your WiFi connections at home.
10. Pick strong passwords and use software to manage them.

Strong Passwords: An Example
Example: TLhdgt4u,&wafwj.
Mnemonic: The LORD has done great things for us, and we are filled with joy. (Psalm 126:3 NIV)
Technique: Use the first letter of each word, keep the punctuation, and change some words to digits or symbols (here “for” becomes 4 and “and” becomes &).
(Shameless plug) More techniques and examples at: http://www.wideopenwest.com/~kwwall/presentations/security/good-passwords.html
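The mnemonic technique on this slide, written out as an added Python example (not code from the presentation). The substitutions for “to”, “you” and “at” go beyond the two the slide shows and are an assumption; the function reproduces the slide’s own example exactly.

```python
import string

# Word-to-symbol substitutions. The slide only shows "for" -> 4 and "and" -> &;
# the other three entries are assumed extensions of the same idea.
SUBSTITUTIONS = {"for": "4", "and": "&", "to": "2", "you": "u", "at": "@"}


def mnemonic_password(phrase: str) -> str:
    """Derive a password from a memorable sentence using the slide's rules:
    first letter of each word (case preserved), keep any punctuation that
    follows a word, and replace a few words with a digit or symbol."""
    out = []
    for token in phrase.split():
        # Separate the word from any trailing punctuation ("us," -> "us" + ",").
        word = token.rstrip(string.punctuation)
        trailing = token[len(word):]
        if not word:
            # Token was pure punctuation (e.g. a lone dash); keep it verbatim.
            out.append(token)
            continue
        out.append(SUBSTITUTIONS.get(word.lower(), word[0]) + trailing)
    return "".join(out)


def character_classes(password: str) -> int:
    """Count how many of the four classes (lower, upper, digit, symbol) are present;
    a result of 4 means the mnemonic produced a mixed-class password."""
    checks = (
        str.islower,
        str.isupper,
        str.isdigit,
        lambda c: c in string.punctuation,
    )
    return sum(any(check(c) for c in password) for check in checks)


if __name__ == "__main__":
    # Constructed sample input: the mnemonic from the slide (Psalm 126:3 NIV).
    sample = "The LORD has done great things for us, and we are filled with joy."
    pw = mnemonic_password(sample)
    print(pw, "-> character classes:", character_classes(pw))
```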

Basic Security Ideas
Security is about:
• Managing risk
• Ensuring trust

Avoiding Identity Theft: Phishing, Pharming, and Other Phunny Sounding Security Words
• Phishing
• Pharming
• Miscellaneous phiendishly clever spam scams
• Tips for avoiding them

Phishing
Definition: Phishing is a form of Internet fraud whereby a criminal attempts to trick a victim into accepting a false identity presented by the criminal, in order to trick the victim into providing them with valuable confidential information.
Typical bait: A phony e-mail
Typical hook: A phony web site that captures your password, SSN, credit card information, etc.

Identity Theft: Avoiding
• Order your free credit report yearly. Call 1-877-322-8228 or visit: http://www.annualcreditreport.com/
• Regularly check your credit card / bank statements for unauthorized spending.

Pharming
• Definition: An attack that redirects the user to a phony web site by “poisoning” the local Domain Name System (DNS) server(s).
• Typical victim: A user accessing the Internet via an open WiFi hotspot.
• Security issue: Allows an attacker to mount a “man-in-the-middle” attack and capture everything you send to the phony web site.

Defeating Pharmers
• If you need to do something that you are not willing to have everyone see, then use a virtual private network (VPN).
  – That includes e-mail, web surfing, IM, watching podcasts, etc. Which software tool you use is irrelevant.
• Otherwise, do not enter that type of information while accessing the Internet via a WiFi hotspot.
• Change the default router password on your home router to avoid “drive-by” pharming.

Identity Theft: Avoiding
• Remove your name from the marketing lists of the three credit reporting bureaus, to limit pre-approved offers for credit or insurance. Those offers contain sensitive information that can be retrieved by identity thieves. Call toll-free 1-888-567-8688 or go to https://www.optoutprescreen.com/

Identity Theft: Avoiding
• Reduce the number of credit cards you actively use.
  – Carry only one or two of them in your wallet.
  – Consider canceling unused accounts.
  – Use temporary cards online.
• Never give out your Social Security number, credit card number or other personal information over the phone, by mail or on the Internet unless you initiated the call and have a trusted business relationship with the company.

Identity Theft: Avoiding
• Always take your credit card receipts with you and shred them whenever possible.
• Keep all security patches for your operating system and applications up-to-date.
  – Use automated updates if supported.
• Install a separate firewall at your router.
  – Many decent, cheap router / firewall combinations exist.
  – Be sure to disable remote access.
  – Keep anti-virus and spyware protection up-to-date and run them regularly.

Signs of Malware Infection
1. Browser homepage changed.
2. Extra toolbars installed on your browser that you didn’t install.
3. Firewall keeps warning you of programs attempting to connect to the Internet.
4. Firewall or AV software keeps getting disabled.
5. Your PC becomes inexplicably slow at times when you aren’t really doing anything on it.
6. Excessive pop-up windows that continually pop up and that you can’t close while surfing the web.
7. Your PC takes much longer to boot than it used to.
8. You get a lot of e-mail “bounces” addressed to people you don’t know, or a substantial increase in spam.

Two Common Internet Scams
• 419 (a.k.a. “Nigerian”) scam
• Fake stock broker forecasting stock scam (each week the “broker” sends half the remaining recipients an “up” forecast and the other half a “down” forecast, then keeps only those who saw the correct one):

  Wk   # left
   1   4,000,000
   2   2,000,000
   3   1,000,000
   4     500,000
   5     250,000
   6     125,000
   7      62,500
   8      31,250
   9      15,625
  10       7,812
  11       3,906
  12       1,953

Avoiding Common Internet Scams
• Remember what your parents taught you: “If it sounds too good to be true, then it probably is.”
• Beware of general fraud indicators:
  – Promise you money, jobs or prizes
  – Ask for donations
  – Propose lucrative business deals
  – Ask you to provide sensitive personal information
  – Ask you to follow a link to a web site and log on to an account
• Two good sites:
  – http://www.hoax-slayer.com/common-internet-scams.html
  – http://www.fbi.gov/majcases/fraud/internetschemes.htm

Useful References
• Qwest’s Incredible Internet site; in particular, http://www.incredibleinternet.com/index.php?do=protect_your_identity
• David Wheeler’s “Securing Microsoft Windows (for Home and Small Business Users)”, http://www.dwheeler.com/essays/securing-windows.html
• Internet Scambusters: http://www.scambusters.org/