
TCEA Workshop 6898: Phishing for Worms – Why is my Computer so Slow?

A brief look at some annoying and sometimes dangerous creatures inhabiting cyberspace

William Ball, Technology Coordinator

Holli Horton, Technology Trainer

Calallen ISD

Corpus Christi, TX

1

How prevalent are viruses and things?

More than two thirds of home users think they are safe from online threats.

2

Viruses, worms, and Trojan Horses are malicious programs that can cause damage to your computer and information on your computer.

3

With an ounce of prevention and some good common sense, you are less likely to fall victim to these threats.

4

Be a Critical Thinker

5

What is a virus?

Virus (n.) Code written with the express intention of replicating itself. A virus attempts to spread from computer to computer by attaching itself to a host program.

It may damage hardware, software, or information.

6

What is a worm?

Worm (n.) A subclass of virus. A worm generally spreads without user action and distributes complete copies (possibly modified) of itself across networks.

A worm can consume memory or network bandwidth, thus causing a computer to stop responding.

7

What is a Trojan Horse?

Trojan Horse (n.) A computer program that appears to be useful but that actually does damage.

One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.

8

How do these spread?

Many of the most dangerous viruses are primarily spread through e-mail.

9

Tip:

Never open anything that is attached to an e-mail unless you were expecting the attachment and you know the exact contents of that file.

10

Be a Critical Thinker

11

12

Googling the phone number (703) 482-0623 gets:

Phonebook results for 703-482-0623:

United States Government, Central Intelligence Agency, ( 703 ) 482 0623 , Mc Lean, VA 22101

This is not the CIA Office of Public Affairs in Washington, D.C., as the email reports.

13

FBI Warns of Email Scam

The Federal Bureau of Investigation issued an alert about a scam involving unsolicited e-mails, purportedly sent by the FBI, that tell computer users that their Internet surfing is being monitored by the agency. The users are told they have visited illegal Web sites and are instructed to open an attachment to answer questions, reports CNN.

This email virus is a variant of the Sober Y worm which was originally discovered on November 16th, 2005. Like the previous variants, this one sends itself inside a ZIP archive as an attachment in e-mail messages with English or German texts.

It should be noted that along with the "usual" messages that look like fake bounces, password change notification requests, Paris Hilton video ads and so on, the worm sends messages that look like they come from FBI or CIA. The From field of such messages contains any of the following:

Department@fbi.gov (also can be Office@, Admin@, Mail@, Post@)

Department@cia.gov (also can be Office@, Admin@, Mail@, Post@)

The Subject field contains any of the following:

You visit illegal websites

Your IP was logged

The FBI is investigating the scam.
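The sender, subject and ZIP-attachment traits listed on this slide can be checked mechanically, for example when triaging a reported message. The Python code below is an added example, not part of the original workshop material; the function name, the indicator labels and the sample message are constructed for illustration.

```python
# Added example: check one message against the Sober-variant traits above.
from email import message_from_string
from email.utils import parseaddr

SPOOFED_LOCAL_PARTS = {"department", "office", "admin", "mail", "post"}
SPOOFED_DOMAINS = {"fbi.gov", "cia.gov"}
LURE_SUBJECTS = {"you visit illegal websites", "your ip was logged"}

def sober_indicators(raw_message):
    """Return the labels of the listed traits found in an RFC 822 message."""
    msg = message_from_string(raw_message)
    hits = []
    # The From header is set by the sender, so a match is a warning sign,
    # not proof that an agency sent the mail.
    _, addr = parseaddr(msg.get("From", ""))
    local, _, domain = addr.lower().partition("@")
    if local in SPOOFED_LOCAL_PARTS and domain in SPOOFED_DOMAINS:
        hits.append("spoofed-agency-sender")
    if msg.get("Subject", "").strip().lower() in LURE_SUBJECTS:
        hits.append("lure-subject")
    # The worm travels inside a ZIP archive attached to the message.
    for part in msg.walk():
        if (part.get_filename() or "").lower().endswith(".zip"):
            hits.append("zip-attachment")
            break
    return hits

# Constructed sample message (attachment body is a placeholder, not an archive).
SAMPLE = """\
From: Department@fbi.gov
To: user@example.org
Subject: You visit illegal websites
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XX"

--XX
Content-Type: text/plain

Please answer our questions in the attached file.
--XX
Content-Type: application/zip
Content-Disposition: attachment; filename="attachment.zip"

placeholder
--XX--
"""
```

A message that matches all three traits should be deleted unopened, as the tip earlier in the workshop advises.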

14

15

This email was successful because:

It came from a perceived important or powerful person

Accused wrongdoing; plays on guilt

Gave an opportunity to right a wrong

This is called…

16

Social Engineering

17

In the field of computer security, social engineering is the practice of obtaining confidential information by manipulation of legitimate users.

18

By this method, social engineers exploit the natural tendency of a person to trust his or her word, rather than exploiting computer security holes. It is generally agreed upon that “users are the weak link” in security and this principle is what makes social engineering possible.

19

Beware of messages that request password or credit card information in order to “set up their account” or “reactivate settings”.

20

Do not divulge sensitive information, passwords or otherwise, to people claiming to be administrators.

21

System administrators do not need to know your password to do any work on the servers.

22

Social engineering works — in an Infosecurity survey, 90% of office workers gave away their password in exchange for a cheap pen!

23

Be a Critical Thinker

24

What is Phishing?

Phishing (v.) is a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information.

25

In 2005, phishing represented an average of one in every 304 emails, compared to one in every 943 in 2004.

26

27

Dear Citibank Customer,

When signing on to Citibank Online, you or somebody else have made several login attempts and reached your daily attempt limit. As an additional security measure your access to Online Banking has been limited. This Web security measure does not affect your access to phone banking or ATM banking.

Please verify your information here , before trying to sign on again. You will be able to attempt signing on to Citibank Online within twenty-four hours after you verify your information. (You do not have to change your Password at this time.)

Citibank Online Customer Service

Copyright © 2004 Citicorp

28

<font color="#000000" face="Arial">

<p>When signing on to Citibank Online, you or somebody else have made several login attempts and reached your daily attempt limit. As an additional security measure your access to Online Banking has been limited. This Web security measure does not affect your access to phone banking or ATM banking. </p>

<p>Please verify your information <a href="http://200.189.70.90/citi">here</a>, before trying to sign on again. You will be able to attempt signing on to Citibank Online within twenty-four hours after you verify your information. (You do not have to change your Password at this time.)</p>

<p>&nbsp;</p>

<p><b>Citibank Online Customer Service</b></p>

<br>

</td>

29

Dear valued customer

Need Help?

We regret to inform you that your eBay account could be suspended if you don't reupdate your account information. To resolve this problems please click here and reenter your account information. If your problems could not be resolved your account will be suspended for a period of 3-4 days , after this period your account will be terminated.


For the User Agreement , Section 9, we may immediately issue a warning, temporarily suspend, indefinitely suspend or terminate your membership and refuse to provide our services to you if we believe that your actions may cause financial loss or legal liability for you, our users or us. We may also take these actions if we are unable to verify or authenticate any information you provide to us.

Due to the suspension of this account, please be advised you are prohibited from using eBay in any way. This includes the registering of a new account. Please note that this suspension does not relieve you of your agreed-upon obligation to pay any fees you may owe to eBay.

30

Regards, Safeharbor Department eBay, Inc

<DIV style="width: 605; height: 224"><STRONG><FONT face=arial> We regret to inform you that your eBay account could be suspended if you don't re-update your account information. To resolve this problems please </FONT>

<a target="_blank" a href=" http://211.239.171.57/alfa/eBayISAPI.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid="><FONT face=arial color=#0000ff>click here </FONT></a></STRONG><FONT face=arial> and re-enter your account information. If your problems could not be resolved your account will be suspended for a period of 3-4 days, after this period your account will be terminated.

31

32

33

The code disguises the real target of this link:

href="http://wordart.co.jp/.online/co/login.php">https://servic objectclicked=LoginSplash</a></FONT></TD>
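To see where a link really leads without clicking it, the HTML source of a message can be checked automatically. The Python code below is an added example, not part of the original slides: it flags links whose target is a bare IP address, uses unencrypted http, or shows one host in the visible text while pointing at another. The function names and the example.net/example.com link are constructed.

```python
# Added example: audit the links in an HTML mail body.
from html.parser import HTMLParser
from ipaddress import ip_address
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = (dict(attrs).get("href") or "").strip(), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    return (urlsplit(url).hostname or "").lower()

def is_ip(host):
    try:
        ip_address(host)
        return True
    except ValueError:
        return False

def audit_links(html):
    """Return [(href, [warnings])] for each link in the HTML."""
    collector = LinkCollector()
    collector.feed(html)
    report = []
    for href, text in collector.links:
        host, warnings = host_of(href), []
        if is_ip(host):
            warnings.append("bare IP host")
        if urlsplit(href).scheme == "http":
            warnings.append("unencrypted http")
        if text.lower().startswith(("http://", "https://")) and host_of(text) != host:
            warnings.append("text shows a different host")
        report.append((href, warnings))
    return report

# Sample: the Citibank link shown above plus a constructed text/href mismatch.
SAMPLE = ('<p>verify <a href="http://200.189.70.90/citi">here</a></p>'
          '<a href="http://login.example.net/x">https://www.example.com/</a>')
```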

34

Where is this taking you?

Is this a secure site?

35

Where is this taking you?

Is this a secure site?

36

How Not to Get Hooked by a Phishing Scam from the Federal Trade Commission

37

Do not reply or click the link

Legitimate companies don’t ask for account information via email. If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address.

38

Don’t email personal or financial information

Email is not a secure method of transmitting personal information.

Period.

39

Review credit card and bank statements as soon as you receive them

Determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.

40

Use anti-virus software and keep it up to date

Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.

41

Be cautious about opening any attachment regardless of who sent them

Have you heard this before?

42

Report suspicious activity to the FTC

If you get spam that is phishing for information, forward it to spam@uce.gov. If you believe you’ve been scammed, file your complaint at www.ftc.gov.

43

Be a Critical Thinker

44

What is spyware?

Spyware is Internet jargon for Advertising Supported software.

It is a way for shareware authors to make money from a product, other than by selling it to the users.

45

Spyware is any technology that aids in gathering information about a person or organization without their knowledge.

46

Drive-by Download?

A drive-by download is a program that is automatically downloaded to your computer, often without your consent or even your knowledge.

47

Unlike a pop-up download, which asks for assent (albeit in a calculated manner likely to lead to a "yes"), a drive-by download is carried out invisibly to the user: it can be initiated by simply visiting a Web site or viewing an HTML email message.

48

Why is it called spyware?

While this may be a great concept, the downside is that the advertising companies also install additional tracking software on your system, which is continuously "calling home", using your Internet connection and reporting statistical data to the "mothership".

49

Is spyware illegal?

Even though the name may indicate so, Spyware is not an illegal type of software in any way.

However there are certain issues that a privacy oriented user may object to and therefore prefer not to use the product.

50

What is adware?

Generically, adware is any software application in which advertising banners are displayed while the program is running.

51

Adware has been criticized because it usually includes code that tracks a user's personal information and passes it on to third parties, without the user's authorization or knowledge.

52

In addition to privacy and security concerns, resource-hogging adware and spyware can cause system and browser instability and slowness.

For users paying for dialup services by time used, ad-loading and hidden communications with servers can be costly.

53

Adware isn't necessarily spyware.

Registered shareware without ads may be spyware. Purchased out-of-the-box software may contain adware and may also be spyware.

54

All this makes for a confusing mess and users need to be on guard when installing any type of software.

55

Be a Critical Thinker

56

Top 10 Cyber Security Tips

from StaySafeOnline.com

57

1. Use anti-virus software and keep it up to date

Anti-virus software is designed to protect you and your computer against known viruses so you don’t have to worry. But with new viruses emerging daily, anti-virus programs need regular updates, like annual flu shots, to recognize these new viruses. Be sure to update your anti-virus software regularly.

58

2. Don’t open emails or attachments from unknown sources

A simple rule of thumb is that if you don't know the person who is sending you an email, be very careful about opening the email and any file attached to it. Should you receive a suspicious email, the best thing to do is to delete the entire message, including any attachment.

59

3. Protect your computer from Internet intruders – use firewalls

Firewalls create a protective wall between your computer and the outside world. They come in two forms, software firewalls that run on your personal computer and hardware firewalls that protect a number of computers at the same time. They work by filtering out unauthorized or potentially dangerous types of data from the Internet, while still allowing other (good) data to reach your computer.

60

4. Regularly download updates and patches for your OS and other software

Most major software companies today release updates and patches to close newly discovered vulnerabilities in their software.

61

5. Use hard-to-guess passwords

Mix upper case, lower case, numbers, or other characters not easy to find in a dictionary, and make sure they are at least eight characters long. Don’t share your password, and don’t use the same password in more than one place.

62

6. Back-up your data on disks or CDs regularly

Back up small amounts of data on floppy diskettes and larger amounts on CDs or DVDs. If you have access to a network, save copies of your data on another computer in the network.

63

7. Don’t share access to your computers with strangers

Your computer operating system may allow other computers on a network, including the Internet, to access the hard-drive of your computer in order to “share files”. This ability to share files can be used to infect your computer with a virus or look at the files on your computer if you don’t pay close attention. (Kazaa, Napster, and Gnutella are common music file sharing programs.)

64

8. Disconnect from the Internet when not in use

Disconnecting your computer from the Internet when you’re not online lessens the chance that someone will be able to access your computer.

65

9. Check your security on a regular basis

You should evaluate your computer security at least twice a year. Look at the settings on applications that you have on your computer. Your browser software, for example, typically has a security setting in its preferences area.

66

10. Make sure you know what to do if your computer becomes infected

It’s important that everyone who uses a computer be aware of proper security practices. People should know how to update virus protection software, how to download security patches from software vendors and how to create a proper password.

(If in doubt, contact the nearest 14 year-old.)

67

Be a Critical Thinker

68

Free Tools

69

Microsoft Anti-Spyware

70

Lavasoft’s AdAware

71

Spybot Search and Destroy

Be careful – none of these sites is what you want!

72

Spybot Search and Destroy

Tucows is a safe site to download from.

73

How do you fix this mess?

Be aware of Social Engineering techniques

Never share your password with anyone

Protect your computer:

Keep your OS updates current

Use antivirus software and keep it up-to-date

Use programs like Adaware and Spybot Search and Destroy to keep your computer free from malware

74

Be a Critical Thinker

75
