Responsible Computing - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

Responsible Computing

Description:

Don't trust an email simply because it comes from a legitimate-looking address. ... It may also search the user's hard drive for email addresses and attempt to spam ... – PowerPoint PPT presentation

Number of Views:54
Avg rating:3.0/5.0
Slides: 18
Provided by: ADIX3
Category:

less

Transcript and Presenter's Notes

Title: Responsible Computing


1
Responsible Computing
  • Mr. A. Craig Dixon, M.S.
  • Madisonville Community College
  • http//www.madisonville.kctcs.edu/facstaf/cdixon/
  • New Horizons Teaching and Learning Conference
  • May 16, 2007

2
Computing Dangers
  • The Internet, while a powerful and useful tool,
    has made it easier than ever to bother people
    with a host of ills. Among those we will discuss
    are
  • Scams and hoaxes
  • Spam
  • Viruses
  • Spyware and adware

3
Scams and Hoaxes
  • The ease with which a person can send an email or
    publish a web page has lead to the creation and
    quick distribution of several falsehoods. These
    primarily fall into two categories
  • Chain letters
  • Phishing scams

4
Chain Letters
  • The old adage Dont believe everything you read
    goes double for anything you read on the
    Internet.
  • Email hoaxes abound some misrepresent the facts,
    others are out-and-out lies.
  • Many involve famous people like Dr. James Dobson
    others big-name companies from AOL to Cracker
    Barrel. Still others warn of non-existent
    computer viruses or show phony or doctored
    photographs.

5
Examples of Chain Letters
  • Nigerian officials do not need your help in
    retrieving money from a government bank account.
    (This is known as the 419 scheme.)
  • There is no such thing as an email tracker that
    counts how many people you send an email to. Any
    email promising money, gift certificates,
    donations to charity, answers to jokes, etc.
    based on an email counter are hoaxes.
  • CBS did not cancel Touched By An Angel due to
    pressure from Madeline Murray OHare (who has
    been dead for years.)
  • No one has died from dirty needles in the room of
    balls a Chuck-E-Cheese or anywhere else.
  • Almost no legitimate petition is conducted
    through forwarding email. Most use a web site
    connected to a database.
  • There is not a rash of viruses hiding in emails
    with the subject line It Takes Guts to Say
    Jesus or A Card for You, although this may
    occur on a case-by-case basis.

6
Ways to Identify Chain Letters
  • Check out www.snopes.com. It is one of the most
    popular urban-legend-busting sites on the
    Internet.
  • For virus warnings or other alleged computer
    maladies, search the web site of a credible
    anti-virus maker like Symantec (makers of Norton
    Antivirus.)
  • If a famous person or company is mentioned, check
    the person or companys official web site. Most
    are quick to post explanations or denials of
    false claims. Use site searches when possible
    many of these hoaxes are very old.
  • If all else fails, type a unique word or phrase
    from the email into a search engine. Many times
    there will be several hits to sites that debunk
    the myth.

7
Phishing
  • Phishing is a dangerous scam to entice people to
    give away passwords or account information to
    malicious entities.
  • Most phishing scams involve sending email to an
    unsuspecting user that appears to be from a
    trusted company like eBay or Citibank, claiming
    the user needs to verify their account
    information.
  • The email contains a link to a site that is not
    affiliated with the company. When the user enters
    his or her information on this site, it is
    collected by the malicious entity and may be used
    for identity theft or other malevolent purposes.

8
Avoiding Phishing Scams
  • Dont trust an email simply because it comes from
    a legitimate-looking address. It is very easy to
    create this illusion using a technique called
    email spoofing.
  • Company logos are also easy to steal and include.
  • Learn to identify how your browser denotes a
    secure site. (This is still not a guarantee of
    legitimacy.)
  • Most companies wont ask for sensitive
    information like user names and passwords in an
    email. It is best to confirm the request by phone
    or by a means of contact posted on the companys
    official site.
  • Counter-intuitively, many phishing emails claim
    that by entering your personal data, you are
    protecting your identity.
  • Phishing emails often convey a sense of urgency
    in dealing with the purported problem. Dont be
    fooled take your time and get the facts.
  • Many companies have ways to report phishing. If
    you believe you have been targeted in a phishing
    attack, save the email so you can forward it to
    the company via the proper channels.

9
Spam
  • Anyone with an email address is familiar with the
    scourge of inboxes spam.
  • Spam originally denoted repetitive postings to a
    newsgroup, but has come to mean, in the
    vernacular, all undesirable email.
  • By some estimates, spam accounts for over 80 of
    all email traffic on the Internet.
  • Spam takes its name from a Monty Python sketch
    that uses the word spam over 100 times in a
    matter of minutes.

10
Methods of Obtaining Addresses
  • Spammers are often unscrupulous in obtaining
    email addresses. Below are some of their tactics.
  • Email spiders Similar to search engine spiders,
    except they search web pages for anything of the
    form name_at_domain.tld and report it as an email
    address.
  • Dictionary attacks Once the spammer identifies
    a domain (e.g. kctcs.edu) he or she has a program
    that sends email to addresses constructed by
    adding _at_kctcs.edu to the end of a group of
    characters that might be a user name. If the
    email is not returned, the address is assumed
    valid and added to the list. AOLs mail server
    bounces millions of messages a day.
  • Buying a list of email addresses from companies
    or other spammers These lists sell for up to 5
    cents per address.

11
Methods of Dealing with Spam
  • Use a spam blocker many ISPs and mail services
    provide these for free. Microsoft Outlook has a
    spam filter built in.
  • Employ a black list, a list of addresses to block
    email from, or a white list, a list of addresses
    to accept email from.
  • When posting email addresses online, some users
    prefer to list their address as user (at)
    domain.tld or userNOSPAM_at_domain.tld to confuse
    email spiders.
  • Do not click on remove links. Many spammers use
    these links to detect live email addresses and
    sell them.

12
Viruses
  • A virus is a program that covertly installs
    itself in order to destroy data or otherwise
    disrupt normal computer functions.
  • Worms are viruses that exploit vulnerabilities in
    applications or the operating system itself.
  • Trojan horses are viruses that pose as legitimate
    programs, but silently drop a damaging payload as
    well.
  • Executable viruses must be run by the user, and
    are thus usually attached to an email with a
    cleverly vague body that convinces the user to
    run the file.
  • Boot sector viruses infect a critical area of the
    disk that is read every time the disk is
    accessed. It rewrites this section to make the
    computer copy the virus onto any computer into
    which the disk is inserted.
  • Macro viruses hide in files that support macros,
    which are small programs that automate repetitive
    tasks.

13
Avoiding Viruses
  • Buy quality antivirus software and keep it
    updated! New virus definitions are released
    almost daily. Downloading these updates usually
    takes a minute or less.
  • Watch for updates for your major applications and
    your operating system to be posted by the
    manufacturer. Windows users should run Windows
    Update frequently.
  • Before using a portable storage medium in another
    computer, turn on its write protection. (There is
    usually a small switch on the medium itself.)
    This prevents anything from being written to the
    medium. This is not an option if you need to save
    something to the medium.
  • Be very careful when opening email attachments.
    It is a good idea to verify that the person who
    was supposed to have sent it actually did. Even
    after that, you should scan it for viruses before
    opening it. Viruses typically hide in files with
    the extensions .exe, .pif, .vbx, .bat, and .zip.
    Viruses can also be hidden in Microsoft Office
    files (.doc, .xls, .mdb, and .ppt) using macros.

14
Adware and Spyware
  • Both adware and spyware are similar to viruses in
    that they are almost always installed without the
    users knowledge.
  • Both differ from viruses in that they do not
    attempt to destroy data.
  • Adware attempts to display unsolicited
    advertisements such as pop-up ads on the users
    computer. It may also search the users hard
    drive for email addresses and attempt to spam
    them, or hijack the users browser to make it
    display pages the user did not request.
  • Spyware silently records a users actions
    (particularly the web sites he or she visits) and
    reports them back to a third-party, usually for
    marketing purposes, although spyware has been
    used for identity theft.

15
More about Adware and Spyware
  • Adware and spyware makers often pay legitimate
    software makers to include malware in their
    products install. Peer-to-peer (P2P) file
    sharing programs like Kazaa and Morpheus are
    notorious for this practice.
  • Some adware and spyware is installed simply by
    visiting the wrong web site.
  • Common adware and spyware programs include
    Gator/GAIN/Claria, Alexa, Bonzi Buddy, and WhenU.
  • Designers of this malware often do not care how
    much of a systems resources their software uses
    consequently, the systems performance can be
    significantly affected.

16
Avoiding Adware and Spyware
  • Avoid P2P software its uses are mostly illegal
    anyway.
  • Do not click on pop-up ads or links in spam
    email.
  • Install a firewall, a program that controls
    incoming and outgoing data from your computer.
  • A firewall can be configured to only allow
    traffic from programs you specify (your browser,
    email client, etc.) to access the Internet.
  • Zone Labs provides a free firewall called
    ZoneAlarm. Symantec includes a commercial
    firewall in its Internet Security suite.
  • Install a spyware/adware removal tool, keep it
    updated, and run it often. Two of the most
    popular and reliable removal tools are Lavasoft
    AdAware and Spybot Search and Destroy. Both are
    free and may be used together for maximum
    protection.

17
Choosing a Browser
  • Use a modern browser. Most new browsers include
    popup blockers.
  • Consider an alternative browser.
  • Despite recent surges by competitors, Microsoft
    Internet Explorer still controls 80 of the
    browser market. This, combined with numerous
    security flaws in its code, make it the most
    attractive target for malware creators.
  • Many alternative browsers also reject ActiveX
    controls, which many computer experts consider
    inherently unsafe. This may limit a sites
    functionality, but it also limits the users
    vulnerability.
  • A great alternative browser is Firefox from the
    Mozilla Corporation. You can download it at
    www.mozilla.com.
  • Explore the add-ons available for browsers.
    Besides being handy, toolbars like those from
    Yahoo, Google, and MSN provide additional tools
    to prevent malware attacks. Some even include
    anti-phishing features that warn you if you are
    accessing a site known to be involved in phishing
    attacks.
Write a Comment
User Comments (0)
About PowerShow.com