welcome
play

WELCOME Welcome to Security Awareness Month Hosted by the Office of - PowerPoint PPT Presentation

WELCOME Welcome to Security Awareness Month Hosted by the Office of Information Technology October 2018 1 What is Prevent, Plan, and Prepare National We live in a world that is more connected than ever before. The Internet touches Cyber


  1. WELCOME Welcome to Security Awareness Month Hosted by the Office of Information Technology October 2018 1

  2. What is Prevent, Plan, and Prepare National We live in a world that is more connected than ever before. The Internet touches Cyber almost all aspects of everyone’s daily life. Security National Cyber Security Awareness Month (NCSAM) is designed to raise awareness in all of us, about cyber Awareness security and increase the resiliency of the Nation in the event of a cyber incident. Month? Cyber security is critically important to us as a University with massive amounts of sensitive information to protect. And…cyber security is important anyone who uses a device that connects them to the internet. That might be your phone or your computer…but it also includes your bank, your medical provider, and the grocery store. 2

  3. Cyber Security Today’s Agenda Cybersecurity Awareness Month What is cyber security. Why is it important to you? About the Speaker and Topic Who is he and why do I care about this topic? PHISHING! This is not your normal Fishing trip! PASSWORDS How do I respond after infection? Continue the Discussion Where do I go from here? 3

  4. Let’s Go on a Phishing Trip This is not your normal Fishing Trip! Jeff Squibb Information Security Analyst 4

  5. About Me Job History A. Worked at SSM Health B. Worked at Olan Mills 5

  6. About Me Education A. Bachelor’s Degree in Information Systems Technology B. Master’s Degree in Instructional Technology 6

  7. Lets go on a Phishing Trip PHISHING This is not your normal Fishing Trip! 7

  8. Prevention Cyber Security Touches Everyone - and - • Do you have a device…any device? Response • A tablet, laptop, desktop? • Do you use a credit card? • Do you use an ATM? • Do you go to the doctor? • Do you use Wi-Fi? • Do you know or work with someone that has information of importance? 8

  9. Scams Computer / E-mail Scams • What is a scam? • Does it always come with a link? • How do I know if it is real or fake? Use Best Judgement! NEVER Click the Link 9

  10. What are Cybersecurity Touches Everyone Access to your machine: cyber • for your information • to reach other machines on your network criminals • within your email domain • For malicious mischief after? Access to your information: • to gain access to accounts • to manipulate your machine • to steal and reuse your information and identity • to hold your information for ransom Personal information includes: • SS number • Driver’s license info • Birth date • User names and passwords • Account numbers 10

  11. For Sale! 11

  12. Cybercrime Facts • Cybercrime has recently surpassed illegal drug trafficking as a criminal money- maker. • A personal identity is stolen once every 3.1 seconds as a result of cybercrime. • Nearly half of all cybercrimes are committed against small businesses. • In the month of August 2018, 215,000,000 records had been stolen. 12

  13. Lets Go Phishing 13

  14. Limit what you share online The less you share about yourself, the smaller the target you are for a phishing attack. Cybercriminals use information you post online to learn how to gain your trust. 14

  15. Protect your credentials No legitimate company or organization will ask for your username and password or other personal information via e-mail. • SIUC definitely won't. • Still not sure if the e-mail is a phish? Contact the SalukiTech Helpdesk. 15

  16. Attachments Beware of E-mail attachments are the most common vector for malicious software. • When you get a message with an attachment, delete it — unless you are expecting it and are absolutely certain it is legitimate. 16

  17. Confirm Identities Phishing messages can look official. • Cybercriminals steal organization and company identities, including logos and URLs that are close to the links they're trying to imitate. • There's nothing to stop them from impersonating schools, financial institutions, retailers, and a wide range of other service providers. 17

  18. Trust your instincts Do not reply using information in a suspicious message that claims to be from an agency or service provider. • Use your browser to manually locate the organization online. • Contact them via their website, e-mail, or telephone number. 18

  19. Check the sender Check the sender's e-mail address. • Any correspondence from an organization should come from an organizational e-mail address. • A notice from your college or the University is unlikely to come from [email protected]. 19

  20. Take your time If a message states that you must act immediately or lose access, do not comply. • Phishing attempts frequently threaten a loss of service unless you do something. • Cybercriminals want you to react without thinking; an urgent call to action makes you more likely to cooperate. 20

  21. suspicious messages Don't click links in If you don't trust the e-mail (or text message), don't trust the links in it either. • Beware of links that are hidden by URL shorteners or text like "Click Here." • They may link to a phishing site or a form designed to steal your username and password. 21

  22. E-mail attachments Do not open unexpected attachments! • Attachments are cybercriminals’ #1 choice for spreading malicious software… 22

  23. Hover to discover Avoid getting phished — no hook for you! • Mouse over links in e-mail to reveal their true URL. 23

  24. Trust your instincts Does that e-mail feel off? It probably is. • Contact the sender to confirm it's legit. 24

  25. Is it urgent? Cybercriminals want you to do what you're told, when you're told. • Slow down. • Think before you click. 25

  26. Manage social media carefully Posting personal info online creates bait for scams and #phishing. 26

  27. #Phishing is social engineering and it's Remember not just for e-mail! You can get phished by phone or text message. 27

  28. Passwords https://youtu.be/opRMrEfAIiI 28

  29. Passwords 39% of passwords are only 8 characters long and… …can be cracked in under 24 hours! 29

  30. Top 10 Survey Says! Passwords 2017 1. 123456 2. Password 3. 12345678 4. qwerty 5. 12345 6. 123456789 7. letmein 8. 1234567 9. football 10. iloveyou 30

  31. PASSWORD MANAGERS 31

  32. Password Manager 33

  33. • Be on the lookout for an emotional reaction Reminder from an e-mail message that attempts to convince the reader to take some sort of action • Free stuff! Click here! • Locked out of account unless you click here! • Bank failure! Click here! • You have/owe money! Click here or else! • Income tax return ready! Click here! • You are under investigation! Click here! • OMG is this you in this picture? Click here! • I can’t open this document, can you? Click here! • You are infected with viruses! Click here! 34

  34. Have I been pwned? So…What is pwned? https://haveibeenpwned.com/ 35

  35. Passwords https://www.youtube.com/watch?v=Srh_TV_J144 36

  36. Reminder • Make your passwords complex. Use a combination of numbers, symbols, and letters (uppercase and lowercase). • Change your passwords regularly (every 45 to 90 days). Do NOT give any of your usernames, • passwords, or other computer/ website access codes to anyone. Do NOT open emails, links, or • attachments from strangers. 37

  37. _________ Infection(s) Prevention • Install One program or two – up to you • l an antivirus/anti-malware program • How many is too many? • Be sure the program is up to date • Expired? • Free tools – Microsoft & Others • Don’t click the links • Don’t visit the “bad” sites 38

  38. What Next Steps Should Your Stay Vigilant Don’t let it grip you, but… Do Now? STOP. THINK. CONNECT. WWW.StaySafeOnline.ORG StopThinkConnect.org SecureIt.SIU.EDU Stay Up to Date Other training, webinar, ask friends. What Can IT Do To Help? What to do now…in the future. 39

Recommend


More recommend