Protecting Your PC

1
Protecting Your PC

• Technology Training Week
• Steve Schwarz

2
A Little Knowledge is a Dangerous Thing

• Its far easier to learn how to use technology
  than to learn how to use technology correctly,
  ethically, and productively.
• This concept is easy to understand using a car
  analogy
• Computers have been compared to the gift of
  fire.

3
Anti-Virus Software

• A computer virus is software designed to cause
  annoyance or damage.
• 200 to 300 new viruses surface every month.
• Antivirus software is utility software that can
  scan for viruses or constantly check RAM if left
  running 24/7.
• Most antivirus programs offer weekly updates. You
  should find out how to download/install updates
  and remember to do so every week.
• Some network administrators push updates to your
  computer so you dont have to worry.
• Free anti virus software is going to be as good
  as its cost.

4
Firewalls

• A firewall is hardware or software that protects
  a computer or network from intruders.
• If you have a home network that uses a router,
  you only have to worry about applications sending
  information out to an intruder.
• Some firewalls automatically configure
  themselves. Others like Zone Alarm will ask you
  whether or not to allow traffic through your
  connection. Problems arise when youre not sure
  when to say yes or no. However, Zone Alarm is
  free!
• Windows now ships with its own firewall. It is
  self-configuring and wont prompt you as often as
  some other applications will.

5
Anti-Spyware Software

• Todays hackers want to make money. Destroying
  your PC isnt profitable. Spyware may display pop
  up advertisements, track your keystrokes or send
  your personal information to a third party.
• Spyware is software running on your machine that
  was installed without your knowledge.
• Trojan horse Software was downloaded and
  installed along with another program.
• Back door - A virus on your computer
  automatically downloaded the spyware.

6
Anti-Spyware Software Blocks Cookies

• Cookies are small text files downloaded by Web
  browsers.
• Only the server who sent the cookie can retrieve
  it.
• However, if an advertising company provides ads
  for multiple companies, they can track your
  actions as you move from site to site.
• They may not know your name, but they know your
  interests.

7
Be Careful Installing Software

• If you see a message box such as the one
  below..just say no

8
Viruses

• MACRO VIRUS Spread by binding themselves to
  software such as Word, Excel, Access or
  PowerPoint.
• You can let the virus loose on your machine by
  opening up the infected file.
• WORM a virus that spreads not only from file to
  file but from machine to machine via E-mail and
  the Internet.
• VIRUS HOAX An email designed to scare people
  into thinking they have a virus when they dont.
  This can cause the victim to erroneously pass
  along the email.
• http//hoaxbusters.ciac.org/HBMalCode.shtml

9
How Do People Attack Computers?

• MALWARE Malicious software designed to attack a
  victims computer.
• VIRUS Malware that is designed to be
  destructive.
• Malignant viruses damage your computer system.
  They can scramble or delete your files.
• Benign viruses display cryptic messages or slow
  down your PC.

10
Types of Hackers

• Black Hat A hacker with malicious intent.
• Cracker Hack for profit
• Hacktivists Hack to send a political message
• Cyberterrorists Want to destroy critical
  systems.
• Script Kiddies People who want to hack but lack
  the skills. They download hacking code to
  compensate.
• Ethical/White Hat Hack to find vulnerabilities.
  Will report findings to the vulnerable company.

11
Opting In and Opting Out

• Opting In occurs when you allow a Web site to
  email you advertising offers related to your
  preferences and interests.
• Opting Out occurs when you explicitly let a Web
  site know that you have no interest in receiving
  advertising offers by email.
• Typically you indicate whether you opt in or opt
  out when you register at a site.

12
Phishing Attacks

• Phishing is a huge problem. Attacks are up over
  500 in the last year.
• A phishing attack involves social engineering.
• Some phishing attacks are quite convincing.

13
How Most Phishing Attacks Work

• You receive an email from your bank, credit card
  company, Ebay, PayPal, etc.
• The email explains that you should click a link
  embedded in the email in order to log into your
  account.
• Clicking the link actually takes you to a site
  run by a hacker. If you log in, the hacker will
  have your personal information.
• The link text may contain the address of the
  proper site, but you can see the real destination
  by running your mouse over the link and looking
  at the status bar.
• Most legitimate companies will NEVER ask you to
  click a link to visit their log in page.
• http//en.wikipedia.org/wiki/Phishing
• http//www.nytimes.com/2006/02/27/technology/27hac
  k.html?ex1148184000en03a6a875b5c8e074ei5070

14
Viral Marketing

• When businesses sell the information theyve
  gathered about you. This can lead to spam.
• Viral marketers often provide you with free fun
  entertainment to lure you into providing personal
  information.
• If youre worried about viral marketing, then
  make sure you read the companys privacy
  policy..if one even exists.

15
Secure Transactions

• Many people dont make purchases online due to
  safety issues. However, they will gladly hand a
  waiter/waitress their credit card or order over
  the phone.
• If there is a lock in the browser window and the
  URL begins with https instead of http, your
  transaction is secure. This means that your
  information is being transferred over the Web in
  an encrypted form. It can only be read by the
  e-commerce site. However, once the information
  has arrived, it is up to the business to protect
  your data and make sure it isnt stolen.

16
Secure Sockets Layer

• Creates a secure and private connection between a
  Web client and a Web server.
• Encrypts the information and sends it over the
  Internet.
• Your browser automatically supports SSL.

17
Threats in Cyberspace

• Computers are weapons and targets of computer
  crime.
• If someone steals your credit card number and not
  your card, you have no way of knowing until
  strange charges appear on your bill.
• Your card could get stolen from an e-commerce
  companys database.

18
Identity Theft

• If someone is able to access your SSN, drivers
  license number and a fake credit card can get
  credit or debit cards in your name.
• Every day, thousands of people in the US have
  their identity stolen.
• This is correlated to high credit card interest
  rates.

19
Identity Theft Part Two

• Identity thieves can run up huge credit card
  debt, take out loans, travel around the world
  while pretending to be you.
• This will likely ruin your financial standing.
  Your credit cards will be closed and you wont be
  able to obtain credit.
• You dont usually have to pay back the identity
  thiefs debt, but your financial standing is
  ruined.
• In 2001, up to 1.1 million people fell victim to
  identity theft. It can takes months or years to
  straighten out.

20
Denial of Service Attacks

• Web sites are overloaded with requests from
  machines designed to slow the site down to the
  point where the public will find the site no
  longer accessible.
• Sometimes the owner of the machine helping to
  perform the DOS has no idea he/she is
  participating. Thats because unbeknowest to the
  owner, his/her machine has been turned into a
  zombie.
• http//antivirus.about.com/od/whatisavirus/a/zombi
  epc.htm
• http//tweezersedge.com/archives/2005/02/000534.ht
  ml
• http//whatis.techtarget.com/definition/0,289893,s
  id9_gci213591,00.html
• http//blogs.zdnet.com/threatchaos/index.php?p310
  

21
Snooping by Others

• Snoopware helps people monitor whats happening
  on their computers.
• Key logger software can be used to monitor how
  your PC is being used.
• Only parents of minors can legally snoop on
  others.
• Screen capture software periodically captures and
  stores screen images.

22
Email NOT Private

• Email is as insecure as a message written on a
  postcard.
• Each message is stored at one point or another on
  at least four computers
• Senders computer
• Senders mail server
• Recipients mail server
• Recipients computer

23
Companies Want Your Personal Information

• Companies get information about your preferences
  and identity by
• Using information you willingly provide
• From information other organizations have
  collected about you.

24
Volunteering Information

• Contests and Promotions
• Warranty Cards and Rebate Offers
• Registration at Web Sites
• Theres personal information about adults in
  hundreds of different databases.
• What people earn
• Where they live
• What they paid for their home
• There are few laws restricting this information.
• Market researchers know who will spend 8,000
  shopping online this year. Many businesses will
  pay for such information.

25
Information Collected by Contact

• 92.8 percent of Web sites gather some type of
  identifying information
• Largest Databases
• Chase and First Union Banks
• Walmart (101 Terabytes of data)
• Limited
• Sears

26
Spam

• Electronic junk mail or unsolicited email.
• Usually selling products/services
• Email addresses are readily available as are
  programs who can send out 10,000 or more emails
  at once.
• Constitutes almost ½ of all E-mail traffic.
• Spammers fake their email return addresses to
  make it hard to track them down.
• Never unsubscribe to a Spam offering since it
  confirms that your email is being used.

27
How to Protect Yourself

• Three Rules
• If it can be stolen, lock it up
• If it can be damaged, back it up
• If it can come in and do damage, block it
• Email is never private, but it can be encrypted
• ZixMail
• CertifiedMail

28
Protect Information on Hard Drives

• Dont give away computer with a hard drive unless
  you use special software to scramble all of the
  bits.
• A woman in Nevada bought a used computer that
  contained records for 2,000 pharmacy customers
  including their names, SSNs, and the medications
  they purchased at the pharmacy.

29
Protecting Yourself Online

• Use secure sites (https)
• Never give out your SSN unless the law demands it
• Use long passwords of 10 characters/numbers.
• Use different passwords for different systems.