Archive for October 2012

Read error messages and check-boxes.

by in , , , 0


When you see an error message pop up on the screen, read it! You may not understand everything, but if you look through the message, you can get the gist of what is going on. Hackers can sometimes generate errors to collect everything you type and everything that comes up on your screen. If you don't understand an error, you should at least capture the error screen.  To do that, hold down the shift key and press the key labeled "Print Screen" or "PrtSc".  This will put the screen into short-term storage called the clipboard. Then open an e-mail message, right click on the message body and select "paste".  Now you can print the error message or send it to tech support for further analysis.

BEWARE of Phishing Scams!

by in , , , 0

We've all received them, emails from a seemingly trusted source like a bank, delivery company or even your own place of employment, claiming there was some type of issue or another requiring you to offer up some personal information or click on a link or button to help clear the issue up. If you receive an email of this sort DO NOT CLICK ON ANY LINK OR OFFER UP ANY INFORMATION!


This is a common form of security attack called a phishing or spear phishing scam.

Groups attempting to steal personal information will often use e-mails that appear to originate from a trusted source to try and trick a user into entering valid credentials at a fake website. Typically the e-mail and the web site look like they are part of a bank or some other organization the user is doing business with.

If you receive an email like this and you think it may be fraudulent, please report it immediately to the T&C Helpdesk at X8552 or helpdesk@csuci.edu. They will assist you and instruct you on how to remove it effectively.

Remember...  nobody from T&C will ever ask you for any personal information, including your password!

Think twice before posting pictures of yourself or your family and friends.

by in , , , , 0


Photographs often contain information that could be used to identify you or the places you visit frequently. Never post unflattering or embarrassing pictures (no matter how funny) that could come back to haunt you. Carefully examine photos for identifying information such as the name of your school, the name of a sports team or organization you belong to, the address of the place you work or your favorite social hangout. Do not give out the full name of a child in your captions. One mother was very concerned to see her son's wrestling picture online with his full name. Pictures can also be copied or altered and used on other websites in ways that might be detrimental to your reputation.

Is your online shopping site secure?

by in , , 0

When banking and shopping online, make sure websites are security enabled. Look for web addresses with “https://” or “shttp://”. “Http://” is not secure. Learn more at http://staysafeonline.org/stay-safe-online/protect-your-personal-information/online-shopping

Don't Accept Offers of "Free PC Scans" That Pop up When You Use the Internet

by in , 0

Secure Computers LLC paid a $1,000,000 fine for offering "free spyware scans" that told users their systems had been infected with spyware, even if the system was clean. They are not the only ones doing this — when you surf the Web you are still likely to see pop-up windows like that. Some "scans" don't just give misleading results; they actually try to install unwanted software on your PC. Often the screen pop-ups only have a "scan" button and no "cancel" or "quit" option. In fact they could interfere with your PC no matter which of the buttons you choose. Be safe: close pop-ups like this by clicking on the X in the top right corner of the browser window. Better yet, use a pop-up blocker software.

(You can view the article on Secure Computers LLC here - http://www.atg.wa.gov/pressrelease.aspx?id=5926).

October 2012 - secureCI Monthly Newsletter

by in , 0


secureCI presents Ouch!

The SANS Monthly Information Security Bulletin at Channel Islands

  • Your Accounts
  • Your Devices
  • Your Information

Hacked: Now What?


OVERVIEW
No matter how many steps you take to protect yourself or your information, there is still a chance you will get hacked. Like driving a car, no matter how safe you are, sooner or later you most likely will have an accident. However, you can still protect yourself, even after you have been compromised. The sooner you detect an incident, and the faster you respond to it, the greater chance you have of reducing the harm. To help you prepare, we discuss different ways to determine if your computers, accounts, or information have been compromised, and how you can best respond. For responding, most of our advice applies to your personal life. If you have a work related device, work account, or work information hacked, report the incident to the CI Help Desk (Phone: 805 437-8552 / eMail: helpdesk@csuci.edu) or the security team immediately, and then follow their instructions.

YOUR ACCOUNTS
You probably have numerous online accounts for everything from online banking and shopping to email and social networking. Keeping track of them and identifying when an account is compromised can be a constant challenge. Here are some steps to help you identify and respond to compromised accounts. 

Symptoms:
  • You can no longer log in to the website, even though you know your password is correct.
  • Your friends or co-workers are receiving emails from you -- emails that you never sent.
  • Someone is posting messages on your social networking page (such as Facebook or Twitter), posing as you.
  • Someone is transferring money out of your online bank account.
  • Contact information or other settings on your online accounts are being changed without your knowledge or consent.
  • A website or service provider publicly announces they have been hacked and user accounts or passwords have been compromised.

Response:

  • If you can still log in, change your password immediately.   As always, be sure to use strong passwords.
  • If you can’t log in, contact the service provider or website immediately.  Most online providers provide some way to notify them that your account has been hacked.  These methods can include an online form, an email address to contact, or a phone number to call.  
  • Once you have regained access, review all of your account settings to make sure nothing has been changed by the attacker. 
  • Make sure you change your password on any other accounts that have the same password.

The sooner you identify you have been compromised
and the faster you respond, 
the more you can minimize the harm.


YOUR DEVICES
With the explosion of mobile devices, we now have even more things to protect. Once attackers control your device, they have the ability to intercept every action you take on that device. Here are some steps to help you identify and respond to infected devices. 

Symptoms:
  • Your computer is taking you to websites you do not want to go to.
  • Your computer is running programs that you never installed.
  • Your anti-virus reports an infected file.
  • Anti-virus and system updates are failing.
  • Your device is continually crashing.
  • Your smart phone is making expensive calls or purchasing apps without your permission.
Respond:
  • Perform a full scan with your updated anti-virus solution. If it detects any infected files, follow the steps it recommends. You may want to consider running a secondary security scan from online scanners.
  • If your device cannot be secured by your security software, or you want to ensure it is fully recovered.
  • Consider re-installing the operating system or performing a full factory reset, installing the latest version of your anti-virus, and recovering your data from backup (you are doing regular backups of your personal data, correct?).
YOUR INFORMATION
Protecting your own information, such as your Social Security Number, medical history, or purchase history, is challenging, since you often do not control this data. Instead, organizations like your health care provider, your credit card company, or your school store and maintain this data. Here are some steps to help you identify when your personal information has been compromised and how to respond. 

Symptoms:
  • A service provider announces or informs you they had an incident and your data may have been compromised, such as your credit card number or your medical history.
  • You see unauthorized charges on your credit card.
  • Your credit reports indicate loan applications you do not recognize.
  • Your health insurance is processing claims for treatments you did not receive.
  • You receive letters for overdue payments on accounts that you did not open. 
Response:
  • Call your credit card issuer immediately. Have them cancel the credit card and issue a new one. This is a free service your credit card company should provide.
  • Contact your service provider. For example, if you believe there is fraud with your insurance account or bank account, call your insurance company or bank. 
  • During any filing process, always document all conversations with date, time, and the name of the person you talked to. Keep copies of all written correspondence and use certified mail to show proof of delivery.

RESOURCES
Some of the links have been shortened for greater readability using the TinyURL service. To mitigate security issues, OUCH! always uses TinyURL’s preview feature, which shows you the ultimate destination of the link and asks your permission before proceeding to it.

How I Got Hacked:
http://preview.tinyurl.com/8q2jwsu

Free Online Security Scanners:
http://preview.tinyurl.com/9ky9s6w

Internet Crime Complaint Center:
http://www.ic3.gov/default.aspx

Identity Theft Resource Center:
http://www.idtheftcenter.org/

Facebook Hacked Page:
www.facebook.com/help/hacked

Common Security Terms:
http://preview.tinyurl.com/6wkpae5

 SANS Security tip of the Day:
http://preview.tinyurl.com/6s2wrkp

LEARN MORESubscribe to the monthly OUCH! security awareness newsletter, access the OUCH! archives, and learn more about SANS security awareness solutions by visiting us at http://www.securingthehuman.org.  OUCH! is distributed under the Creative Commons BY-NC-ND 3.0 license.

Lock your workstation before you leave your desk

by in , 0

Did you know there are keyboard shortcuts other than CRTL+ALT+DEL that you can use to lock your desktop? This will prevent people from walking up and snooping on your computer. You can save a keystroke by simultaneously pressing the Windows key + L. The Windows key has four wavy squares.

Or, to make things even easier, create a desktop shortcut.
  1. Right click any empty area of your desktop 
  2. Click New 
  3. Click Shortcut 
  4. Type in the following: rundll32.exe user32.dll, LockWorkStation 
  5. Click Next 
  6. Name your shortcut 
Click Finish Now it's as easy as a double click!

Should I Click on that Link?

by in , , 0

We've all received them, emails from a seemingly trusted source like a bank or delivery company claiming there was some type of issue or another requiring you to offer up some personal information or click on a link or button to help clear the issue up. This is a common form of security attack call a phishing or spear phishing scam.

As October is National Cyber Security Awareness Month (NCSAM), to help support cyber security awareness, the SANS Institute (www.sans.org) has posted the five minute online security awareness video "Email and Instant Messaging" covering the risks of using these technologies (including phishing scams, infected attachments, and drive-by downloads), and the steps you can take to protect yourself.  This video will be available through October 15th when a new video will replace it.

Please take the time to view this informative video.

Be Skeptical When You Read Your Email

by in , , 0

Keep asking "Why should I believe that?" It's important to remember that you can't trust the "from" address on e-mail from outside the organization, as it's often faked by fraudsters and viruses. If you didn't expect a message, link, or attachment from someone, ask yourself why you should trust that it really came from the apparent sender, and that it's safe. When in doubt, it's a good idea to call and verify that they sent you the message.