Slide 1: Internet Security
How to Protect Yourself from Existing Internet Threats
2.0
Dave Palmer Instructional Media Agent South Central Extension District
Slide 2: Disclaimer
The information presented here consists only of options, not recommendations. You alone are responsible for what you do on your own computer.
Slide 3: Agenda
Part 1 - Existing threats
Scams, Phishing, Viruses, Worms, Trojans
Backdoors, Spyware, Rootkits, Botnets
Part 2 - Protection
Layered Security
Best Practices
Security Software & Suites
Backups
Support
Slide 4: Best Practices
Handout
• Update your operating system regularly
• Update other programs and applications regularly
• Back up your data or your whole system on a regular basis.
Slide 5: Best Practices
Handout
• Use multiple layers of security for the best protection
• There are no “safe” websites. Any website can be compromised.
• Use STRONG passwords where money or sensitive information is involved.
Slide 6: Malware – malicious software
Intent is to damage, disrupt, steal, control or otherwise inflict problems on computers, data, hosts, or networks.
Slide 7: Latest Statistics
• In 2006 there was 1 infected website for every 20,000 websites. Now it’s 1 in 150.
• 1 in 78 links in instant messages leads to malware. Experts predict that will rise to 1 in 12.
Slide 8: Latest Statistics
• 25 million new strains of malware detected in 2009
• 66% of these new strains were Trojans
• McAfee reported a new record in the 2nd quarter of 2010 - 6 million new malware recorded
Slide 9: Social Networking Threats
• Sites like MySpace, Facebook, LinkedIn, etc.
• Threats include 3rd party applications and quizzes, games, shortened links
• May contain malware, worms, viruses, etc., but these are not the main threat
Slide 10: Social Networking Threats
• Main risk - information you post about yourself that can jeopardize privacy and security like…
• Date of birth, phone number, address, resume, current activities or other ways to specifically identify who you are and where you are.
Slide 11: The Scope of the Threat
Is increasing rapidly
[Chart, years 2006 to 2009]
Malware threats have doubled every year since 2006
Slide 12: Why the Dramatic Increase?
• Signature-based recognition is the basis of most Internet security software
• Many malware variants now create unique versions of themselves for individual users to avoid signature-based recognition.
• Such malware is called “polymorphic.”
Slide 13: Malware Stories You Might Have Missed Handout
Also available at:
http://techteachtoo.com/category/internet-security/
Slide 14: What are the Threats?
Not malware
• Tracking Cookies*
• Flash Cookies*
• Adware
• Hoaxes
• Scams*
• Phishing*
Malware
• Backdoors*
• Keyloggers
• Viruses
• Worms
• Trojans*
• Spyware*
• Rootkits*
• Bots*
Slide 15: Tracking Cookies
• Not malware
• Sometimes useful
• No personal info unless offered
• Storage can be limited
• Can be set to expire
• Easy to remove
Slide 16: Flash Cookies – ‘Super’ Cookies
• Largely unknown, widely used
• Never expires
• Difficult to find & remove
• Can send info w/o your permission
• Not a big threat
Slide 17: Flash Cookies
Widely used… …including in Extension
Slide 18: Controlling Flash Cookies
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html
Go through each tab and set each accordingly
Slide 19: Anatomy of a Web address
2 Handouts
http://collier.ifas.ufl.edu/HomeGarden/A-ZPubs.shtml
[Diagram labels: subdomains, domain, Top Level Domain (TLD), Web folder, Webpage, URL or Web address]
Notice the slashes (/)
Domains never have a single slash on both ends
Slide 20: Is this URL part of the University of Florida?
Handout
See the slashes?
http://www.premline.ru/img/ /webmail.ufl.edu/
[Callouts on the URL: “This is the actual domain” and “This is not the domain!”]
This is a domain registered in Russia. It’s not connected with UF.
Slide 21: Shortened Links
• TinyURL.com, Bit.ly.com, many others
• Can make a long URL into a short URL
They change this: http://hillsborough.extension.ufl.edu/internetsecurityresources.html
Into this: http://tinyurl.com/2eqmr32
Slide 22: The Answer? URL Decoders
• Untiny.me website - http://untiny.me/
• True URL - http://www.trueurl.net/service/ (website or FF addon)
• LongURLplease – http://www.longurlplease.com/ (Firefox addon and bookmarklet)
• More information at: http://techteachtoo.com/url-decoders/
Slide 23: Spam
"...most non-commercial spam these days is aimed solely to get you to click on a link, even out of curiosity. As soon as you click on that link, you're infected, most likely to become yet another botnet victim, have your identity and information stolen and go on to participate, all unknowingly in the infection of further victims." Rik Ferguson senior security analyst Trend Micro
Slide 24: Spam E-mail
• About 90% of all e-mail is spam
• Most gets caught in e-mail filters
• Spam increased 14% in 1st half of 2010
• Just 2 botnets generate 53% of all spam
• Spam is the primary means of distributing malware
Slide 25: Social Engineering
Means: Manipulating people to do things or to divulge confidential information
Slide 26: Scams
• Appeal to curiosity, compassion, greed
• Disasters generate large numbers of scams
• Appear legitimate
Slide 27: Scams
• DO NOT click on links in these e-mails
• Typically offer something of value, ask for money in advance
• Nearly impossible to track the monetary transactions
Slide 28: Scam Targets
• Dating sites - exploit the victims’ desire for companionship
• Religious sites - seek donations for “worthy cause”
• Social websites - exploit personal info
Slide 29: Scams
Estimated annual losses
• US - $1-$2 billion
• UK – 150 million pounds
• Australia - $36 million AUD
Slide 30: Phishing
2 Handouts
• Aim is to steal valuable information such as credit cards, social security numbers, user IDs and passwords
• Usually done by email
• Social engineering
Slide 31: Phishing
• Often masquerades as legitimate business, or government
• Often contains a threat or consequence
• E-mails try to look genuine, trustworthy
Excellent Phishing IQ test: www.sonicwall/phishing/
Slide 32: Phishing Example
Link #1
Link #2
Slide 33: Place your cursor over the e-mail link.
Right click (If you left click on the link you might get infected)
Click on ‘Copy Shortcut’
Open a Word doc or Notepad
Paste
Slide 34: The link:
Link #1
The URL: http://stproofing.com/living/bankofamerica.repution/Online_BofA_Banking.UpdatingScreen.dostate=CAupdating.cfmpage=corp_bofacom.BankofAmricaScreen.dostate=CA/
Slide 35: Link #2
This instruction has been send to all bank customers and is obligatory to follow.
Actual URL: http://pushplaydj.ca/photos/albums/userpics/notice/www.bankofamerica.com/
Slide 36: Phishing Sites 1st half of 2009 nearly 100% Increase
Source: Anti-Phishing Working Group
Slide 37: Phishing
• Bottom line: Legitimate organizations never ask for sensitive information through e-mail
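The host check from slides 19-20 and 33-35, written out as an added example (not part of the original slides): it splits a pasted link into the parts named on the "Anatomy" slide and reports whether a trusted name sits in the host or only after the first single slash. The function names `anatomy` and `classify` are hypothetical, the last-two-labels split is a simplifying assumption (it ignores multi-part suffixes such as .co.uk), and the brand match is a plain substring heuristic.

```python
from urllib.parse import urlsplit

# URLs quoted on the slides (line-wrap spaces from the extraction removed).
COLLIER = "http://collier.ifas.ufl.edu/HomeGarden/A-ZPubs.shtml"
PREMLINE = "http://www.premline.ru/img/ /webmail.ufl.edu/"
PUSHPLAY = "http://pushplaydj.ca/photos/albums/userpics/notice/www.bankofamerica.com/"
STPROOF = ("http://stproofing.com/living/bankofamerica.repution/"
           "Online_BofA_Banking.UpdatingScreen.dostate=CAupdating.cfmpage="
           "corp_bofacom.BankofAmricaScreen.dostate=CA/")


def anatomy(url):
    """Split a URL into the parts labelled on the 'Anatomy' slide."""
    parts = urlsplit(url)
    labels = (parts.hostname or "").lower().split(".")
    segments = [s for s in parts.path.split("/") if s]
    # The last path segment is a page only when the path does not end in "/".
    page = segments.pop() if segments and not parts.path.endswith("/") else ""
    return {
        "subdomains": ".".join(labels[:-2]),
        # Assumption: the domain is the label just left of the TLD.
        "domain": labels[-2] if len(labels) > 1 else "",
        "tld": labels[-1],
        "folders": segments,
        "page": page,
    }


def classify(url, expected_domain):
    """Return (host, verdict) for a link that claims to be expected_domain.

    "match"     - the host is expected_domain or one of its subdomains
    "decoy"     - the trusted name appears only after the first single slash
    "different" - another host, with no mention of the trusted name
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    expected = expected_domain.lower()
    if host == expected or host.endswith("." + expected):
        return host, "match"
    brand = expected.split(".")[0]  # "ufl", "bankofamerica"
    after_host = (parts.path + "?" + parts.query).lower()
    if brand in after_host:
        return host, "decoy"
    return host, "different"


if __name__ == "__main__":
    print(anatomy(COLLIER))
    for link, claimed in [(COLLIER, "ufl.edu"), (PREMLINE, "ufl.edu"),
                          (PUSHPLAY, "bankofamerica.com"),
                          (STPROOF, "bankofamerica.com")]:
        print(classify(link, claimed), link)
```
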
Slide 38: Backdoor - malware
• Backdoors allow access to a computer without a password or user name.
• Allows downloading of more malware
Slide 39: Trojans
• Programs that masquerade as “good” programs
• Often carry a “payload” or open a backdoor
• Can spy, steal information, log keystrokes, phone home & download other malware
Slide 40: Spyware
• Purpose is to capture information of value
• Email addresses, usernames, passwords, credit card info, etc.
• Can transmit this information
Slide 41: Rootkit
• Actively avoids detection
• Has the ability to hide & change appearance
• Can turn off System Restore, anti-virus, anti-spyware programs
• Very difficult to remove even for experts
Slide 42: Bots or Zombies
• A “bot” is a computer infected with certain malware, and controlled remotely without the knowledge of the user
• Combined into networks called botnets
• Botnets rented or sold to criminals
Slide 43: Simple Botnet
Slide 44: Botnet Statistics
• Mariposa botnet, shut down in 2010, controlled 12.7 million compromised computers
• Over 3,000 botnets are believed to exist
• Botnets use compromised computers to send 100+ billion spam messages daily
• Botnets also used to attack commercial & government websites.
Slide 45: Botnet Cyber Attack
Estonia, a tiny but highly wired country on the Baltic Sea, was essentially shut down for 3 weeks during April and May of 2007 by organized cyber (botnet) attacks.
Slide 46: Another Botnet Attack
Dozens of S. Korean & U.S. agencies attacked in July 2009. Dept. of Defense, FAA, Homeland Security, NYSE, NASDAQ, etc.
Slide 47: The Child Porn Connection
• Multiple cases of innocent people accused of child porn
• Malware may redirect a computer to webpages
• Or visit child porn sites at a rate of 40/minute
• Use remotely controlled computers for storage
• http://www.theregister.co.uk/2009/11/09/malware_child_abuse_images_frame_up/
Slide 48: Part 2 – The Protection
We’ve covered the threats, but how do we protect ourselves?
Slide 49: 7-Layer Security Options
1) Use Best Practices
2) Wireless Router w/ hardware firewall
3) ZoneAlarm software firewall
4) Spybot w/ tea timer
5) Super Anti Spyware
6) Anti virus software
7) Backup Data
Optional: Create user accounts
[Diagram label: Data]
Slide 50: 4-Layer Security Options
1) Use Best Practices
2) Wireless Router w/ hardware firewall
3) Use a Security Suite - should include a software firewall, antivirus and anti-spyware
4) Backup Data
Optional: Create user accounts
[Diagram label: Data]
Slide 51: Best Practices
Handout
• Treat your laptop as though it were a wallet or purse when away from home
• Back up regularly
• Don’t conduct financial transactions online on non-encrypted sites (look for https:// or the padlock icon)
Slide 52: Encrypted websites
Look for
Slide 53: Best Practices
• Be paranoid about e-mail attachments
• There’s no such thing as a “safe” website
• Analysis of domains by Symantec revealed that 90% of infected websites are legitimate sites that had been compromised without the owners’ knowledge. (July 2010)
Slide 54: Best Practices
Handout
• Don’t open obvious spam – delete it
• Never trust unsolicited e-mails
• Don’t click on links in e-mail – type them in
• Use strong passwords when $$ is involved
• Watch URLs to know where you are
• Turn computer off when not in use
• Nothing is foolproof – be prepared
Slide 55: Read the Fine Print
• When you click on the box, you are signing a legal contract.
• Read before agreeing
• Keep a copy (paper or digital) esp. if money is involved.
Slide 56: Use Good Passwords
Handout
• Great Internet security means nothing if the bad guys can guess your passwords
• Use strong passwords when dealing with $$
Slide 57: More Passwords
henearkrxern
Slide 58: Keep Passwords Safe
Handout
• Need a “system” of choosing and using passwords? See handout
• Password management software
• Roboform, KeePass, FreePass, Password Safe, others
RoboForm
KeePass
Slide 59: Password Management Software
• Password generator
• Master password
• Encrypted database of passwords
• Desktop, portable, Web-based
Slide 60: USB Malware
• Flash drives banned by US Army in 2008 due to malware issues.
• Ban lifted in 2010
• Lots of malware is written to move on a flash drive.
Slide 61: USB Flash Drive w/ Read-Only
• ‘Read-only’ or ‘write-protect’ switch prevents malware being written to the flash drive
• Useful if using multiple unfamiliar computers
Slide 62: Update Your Operating System
• Install all security patches
• Go to Windows Update website windowsupdate.microsoft.com/
Slide 63: Update/ Upgrade Your Applications
• Hackers embed malware in applications
• It happened 4 times in 2009-10 to Adobe PDF files. Adobe issued patches.
• Without the patches, you’re vulnerable to infection when viewing PDFs
• Alternative – use 3rd party (not Adobe) application to read PDFs – FoxIt reader
Slide 64: Update Your Applications
• Average computer holds 60+ programs
• Use auto-update if available
• Update manually if needed
• Use Secunia.com, others
• Free, safe, checks your programs, notifies you if updates are needed
Slide 65: 7-Layer Security Options
1) Use Best Practices
2) Wireless Router w/ hardware firewall
3) ZoneAlarm software firewall
4) Spybot w/ tea timer
5) Super Anti Spyware
6) Anti virus software
7) Backup Data
Optional: Create user accounts
[Diagram label: Data]
Slide 66: Hardware Router w/Firewall
• First layer of defense
• Most wireless routers have a firewall
• Hard wire if possible
• Protects against incoming attacks
• $100 - $150
Slide 67: Software Firewall
• Protects against inbound attacks and outbound communication by malware
• ZoneAlarm, Comodo: free & paid versions, just get the basic firewall. Vista and Windows 7 have a good firewall too
Outbound Communication
Slide 68: Software Firewall
• Vista or Windows 7 - Use the preinstalled Windows firewall.
• Turn it off before installing another, including security suites. DO NOT use more than 1 software firewall
• If you have the XP operating system you SHOULD obtain a software firewall. DO NOT use XP’s firewall.
Slide 69: 7-Layer Security Options
1) Use Best Practices
2) Wireless Router w/ hardware firewall
3) ZoneAlarm software firewall
4) Spybot w/ tea timer
5) Super Anti Spyware
6) Anti virus software
7) Backup Data
Optional: Create user accounts
[Diagram label: Data]
Slide 70: Anti-spyware: Spybot Search & Destroy
• Detects and removes: adware, spyware, Trojans, keyloggers, dialers
- Free
- Real-time protection
- Donations only
Slide 71: Spybot Search & Destroy
• Installation of software, including malware, changes the registry
• Spybot warns of potential registry changes with “TeaTimer” feature
Slide 72: Spybot Search and Destroy
‘Immunization’ feature helps block installation of some malware, plus it tweaks browser settings to help block cookies, malware installations, bad websites and more.
Slide 73: Anti-spyware: Super AntiSpyware
• Detects & removes: spyware, Adware, Trojans, Dialers, Worms, HiJackers, KeyLoggers, Rootkits
- Free version available
- Paid version includes real-time protection, scheduling of scans
$29.95 $14.95 $9.95
Slide 74: Only tracking cookies
Slide 75: Trojan
location
Slide 76: Removal
Reboot
Slide 77: Anti-spyware: MalwareBytes
• Detects & removes many types of malware
• Free version
• Full version $24.95 one-time fee: real-time protection, automatic updates, automated scheduling
Slide 78: Antivirus Software
• Most detect & remove only viruses
• Many software options, free, free trial, paid
• UF faculty has access to McAfee for free
• Do not install multiple anti-virus programs
Slide 79: “Rogue” or fake anti-malware
Slide 80: Rogue Anti-Malware Products 600% Increase 1st Half of 2009
Also known as “scareware, ransomware”
Slide 81: “Rogue” Anti-malware products
• Includes fake anti-virus, fake anti-spyware products
• They DO NOT protect you
• They may install or download malware
• Very difficult to uninstall
• May ask for money to uninstall
• This type is called “ransomware”
• Investigate before buying
Slide 82: To buy products other than those mentioned
Type the name of the software into Google and read the results that appear.
Slide 83: Find a System That Works for You
• Run Secunia – update apps as needed
• Export bookmarks / favorites
• Scan with anti-spyware program(s)
• Scan with anti-virus program – 1 only
• When finished set a Restore Point
• Backup whole system with image tool
• Backup data only
• Label all backups as “clean” & add date
Slide 84: 7-Layer Security Options
1) Use Best Practices
2) Wireless Router w/ hardware firewall
3) ZoneAlarm software firewall
4) Spybot w/ tea timer
5) Super Anti Spyware
6) Anti virus software
7) Backup Data
Optional: Create user accounts
[Diagram label: Data]
Slide 85: Backup Your Data
• Why backup?
• Data loss or corruption
• Human error, fire, flood, malware
• Backing up is cheaper, easier than re-creating the data
Slide 86: Backup Your Data
• Many ways to backup
• Data only, whole system, online, local
• Compressed, uncompressed, automated
Slide 87: Data-Only Backup
• Dozens of software choices for every budget including free
• Backs up selected files
• Paid products typically use proprietary compression
• SyncToy – Free MS program – no compression
Back2Zip free software
Slide 88: Whole-System Backup
• Takes an “image” of the whole system, not each file individually
• Included in Win 7, others include Acronis, Norton Ghost
• Backup in 20-30 min, restore - 30 min to 1 hr
Slide 89: Online Backup Options
• Advantages
  • Inexpensive
  • Some operate in the background
• Disadvantages
  • Monthly fee
  • Depends on Internet access
Slide 90: Local External Backup
• Advantages
  • Low one-time cost - 1 TB less than $100
  • Multi-purpose
  • Easily accessible
• Disadvantage
  • Risks similar to original data
• Note – keep unit unplugged unless in use
External Hard Drive
Slide 91: 7-Layer Security Options
1) Use Best Practices
2) Wireless Router w/ hardware firewall
3) ZoneAlarm software firewall
4) Spybot w/ tea timer
5) Super Anti Spyware
6) Anti virus software
7) Backup Data
Optional: Create user accounts
[Diagram label: Data]
Slide 92: User Accounts
2 Handouts
• All users should be required to log in, even at home
• A PC with no log-in password is like a car with the keys in the ignition.
• Most malware requires administrator privileges to work
Slide 93: User Accounts
2 Handouts
• The Windows default is to run in Administrator mode - allows easy installation of other programs – even malware
• A safer option is to create a user account without admin privileges
• Use admin account only when installing software.
• Handouts contain how-to instructions for Windows XP and Vista
Slide 94: 4-Layer Security Options
1) Use Best Practices
2) Wireless Router w/ hardware firewall
3) Use a Security Suite
4) Backup Data
Optional: Create user accounts
[Diagram label: Data]
Slide 95: Security Suite Options
• Webroot
• Kaspersky
• BitDefender
• Norton
• ESET
• Trend Micro
• AVG
• ZoneAlarm
• McAfee
• F-Secure
• Avira
• Panda
• Symantec
• PC Tools
Slide 96: Security Suite Information
• Security Software Testing service http://www.matousec.com/projects/proactive-security-challenge/results.php
• Comprehensive information http://www.firewallguide.com/suites.htm#More_Security_Suites
Slide 97: Secure Browsing Options FireFox with Security Plugins
• Plugins are a feature that can be added to a larger program to expand capabilities
• NoScript – plugin to stop web scripts from running
• Better Privacy – plugin to control Flash cookies
Slide 98: Secure Browsing Options - Sandboxie
• Creates a small “virtual” space inside your computer called a “sandbox.”
• Can run a program or a browser inside the sandbox.
• Whatever happens in there stays in there unless you say otherwise
Slide 99: When you do need help…
You
1) Friends & family
2) Local PC Users Group
3) Online help forums
4) Commercial Repair - CompUSA, Geek Squad, Local repair shop
Slide 100: Don’t Forget ‘Safe Mode’
• Stops malware from running & defending itself
• Windows versions have different processes
• Boots using minimal programs - no malware
• You should see “Safe Mode” in all 4 corners of your screen
• Run your scanning programs normally
• To exit Safe Mode, reboot
Slide 101: PC Users Groups
• 50+ groups around the state. Dues avg $12-$35/yr
• Classes, meetings, learn about computers, build relationships
• Members help members with problems
• For more info go to Fla Assn of Computer User Groups http://www.facug.org/
Slide 102: Help / Support Forums
Handout
Can be very useful when you need help. A few suggestions:
1) Do your reading. You may be able to find what you need without asking any questions.
2) Sign up for a free account.
3) Read the rules, stickies and FAQs before you start asking questions.
Slide 103: Support Forums
Slide 104: Resources
My website is at:
TechTeachToo.com
- Practical technology tips & tricks
- Relevant tech news
- Software reviews & tutorials
- A brief weekly newsletter
Slide 105: My Time is UP!
Many thanks to…
• Bill Black – IT Support Ninja
• Brent Broaddus – Local IT Jedi
• DarryD – Obi-Wan & IT Master