digit digital
play

Digit Digital al Se Security y Training Topics Covered Week 5 - PowerPoint PPT Presentation

Be Best Practices A digital training brought to you by RSAT Security in partnership with Supreme Technologies Group. Digit Digital al Se Security y Training Topics Covered Week 5 Week 1 Social Media Introduction to Information Security


  1. Be Best Practices A digital training brought to you by RSAT Security in partnership with Supreme Technologies Group. Digit Digital al Se Security y Training

  2. Topics Covered Week 5 Week 1 Social Media Introduction to Information Security Week 6 Week 2 Responsible Organizations Use of Information Email Security Week 3 Week 7 Data Leakage & How to prevent it Mobile Devices Week 4 Week 8 Responsible Use of the Internet – Clean Desk Principle Protecting your identity

  3. WEEK #6 Email Security

  4. Ema Email Secur urity ty Topics Covered: • Spoofing • 2 Factor Authentication

  5. Em Email Sec ecurity - Sp Spoofing What is Email Spoofing? Email spoofing is the fabrication of an email header in the hopes of duping the recipient into thinking the email originated from someone or somewhere other than the intended source.

  6. Em Email Sec ecurity - Sp Spoofing How does email spoofing work? Email spoofing is possible because the Simple Mail Transfer Protocol (SMTP) does not provide a mechanism for address authentication. Although email address authentication protocols and mechanisms have been developed to combat email spoofing, adoption of those mechanisms has been slow.

  7. Em Email Sec ecurity - Sp Spoofing Email spoofing is NOT email hacking! A hacked email account means that the cyber criminal has ACTUALLY gain control over your email account. These types of hacks are extremely rare because spoofing is a much easier method of attack.

  8. Em Email Sec ecurity - Sp Spoofing Why would someone spoof my email address?

  9. Em Email Sec ecurity - Sp Spoofing Why would someone spoof my email address? 1) Hiding the sender’s true identity - If this is the only goal, it can be achieved more easily by registering anonymous mail addresses. 2) Avoiding spam blacklists - If a sender is spamming, they are bound to be blacklisted quickly. A simple solution to this problem is to switch email addresses.

  10. Em Email Sec ecurity - Sp Spoofing Why would someone spoof my email address? 3) Identity theft – Sending messages in your name can be used to extract information about you from friends or institutions that you have accounts with. 4) Character attack - Tarnishing the image of the assumed sender, a character attack that places the so-called sender in a bad light.

  11. Em Email Sec ecurity - Sp Spoofing Why would someone spoof my email address? 5) Avoiding spam blacklists - If a sender is spamming, they are bound to be blacklisted quickly. A simple solution to this problem is to switch email addresses.

  12. How to pr prevent spo spoofing ng

  13. Em Email Sec ecurity - Sp Spoofing How to prevent spoofing. To prevent or minimize the chance of becoming a victim of email spoofing, it is important to keep anti-malware & operating system (i.e. Windows) software up to date, and to be wary of tactics used in social engineering. These topics have been covered in our previous trainings.

  14. Em Email Sec ecurity - Sp Spoofing What is 2 factor authentication? 2FA is an extra layer of security used to make sure that people trying to gain access to an online account are who they say they are. First, a user will enter their username and a password. Then, instead of immediately gaining access, they will be required to provide another piece of information.

  15. Em Email Sec ecurity - Sp Spoofing What is 2 factor authentication? This second factor could come from one of the following categories: • Something you know: This could be a personal identification number (PIN), a password, answers to “secret questions” or a specific keystroke pattern. • Something you have: Typically, a user would have something in their possession, like a credit card, a smartphone, or a small hardware token. • Something you are: This category is a little more advanced, and might include biometric pattern of a fingerprint, an iris scan, or a voice print.

  16. Em Email Sec ecurity - Sp Spoofing What is 2 factor authentication? Google found that an SMS code sent to a recovery phone number helped block 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted attacks.

  17. Em Email Sec ecurity - Sp Spoofing

  18. How to ena nabl ble 2 2 fact ctor r aut uthe hentication n for r your ur email acc ccoun unt

  19. How to enable 2 factor authentication – Gmail

  20. How to enable 2 factor authentication – Gmail

  21. How to enable 2 factor authentication – Office 365

  22. How to enable 2 factor authentication – Office 365

  23. Em Email Sec ecurity – Ad Advance Support If you are an organization with a internet domain (i.e. voteordie.org), and you are very concerned about email security, then you should schedule an offline Casey Foundation sponsored consultation with RSAT Security. There are more advance technical methods to add security to your email system at the domain level.

  24. Time for Q&A

  25. For additional support for your organization, please email us at rsatinfo@rsatsecurity.com rsatinfo@rsatsecurity.com (212) 634-7276 est. 702 www.rsatsecurity.com

Recommend


More recommend