Cybercrime Awareness
Michael De La Cruz, Information Security Officer
Transcript
Page 1:

Cybercrime Awareness

Michael De La Cruz

Information Security Officer

Page 2:

Objectives

To provide a general awareness of Cybercrime
To understand Cybercrime methods
To identify Internet scams
To learn how to keep from being a victim

Page 3:

What is Cybercrime?

Cybercrime is any illegal act committed by using a computer network.
– Cybercrime is a subset of computer crime.

Page 4:

Examples of Cybercrime

Web defacement
Unauthorized network access
Cyber-Stalking
Internet fraud
Identity theft
Child pornography
Interception and fabrication of emails
Theft of passwords

Page 5:

Who are the perpetrators?

Not just “hackers.”
– Companies seeking competitor’s trade secrets
– Con-artists
– Pedophiles
– Disgruntled employees
– “Accidental” criminals

The Internet should be viewed as another medium in which criminals can conduct illegal acts.

Page 6:

Who are the cybervictims?

Companies
– No security awareness
– Bottom liners

Individuals
– The unaware individuals
– The “don’t care” individuals
– The “innocent by-stander” individuals

Society

Page 7:

What does the WORLD know about YOU?

The Stalker’s Home Page
– http://www.glr.com/stalk.html
– Email searches
– Phone number searches
– Address searches

Page 8:

Credit Card Fraud

A quick search on GOOGLE yielded this information:
– Discover Card number range: 601100-601199
– Visa Card number range: 4000-4999

How much more information can we get?

Page 9:

Search Engine Fun

TRY THIS
– Conduct an Advanced search on GOOGLE for the first 8 numbers of your credit card number.
– Now try searching for the first 5 numbers of your SSN.
– Try a search on GOOGLE for the letters SSN while filtering for Excel documents.

Page 10:

Website Fraud

Many con-artists go to great lengths to create a legitimate-looking website in order to convince customers to give up their personal information.

April 11, 2003
– 50 ANZ bank customers in Australia were duped into revealing their bank usernames and passwords. The victims logged on to what appeared to be their bank, but in reality they were being redirected to another web site that was secretly recording all their data.

Page 11:

Spyware

Spyware is used by companies to gather the surfing habits of individuals.

Pop-up ads are usually a result of spyware being present on a computer.

Keyloggers are a form of spyware that secretly record keystrokes and have the ability to email them back to the intruder.

Page 12:

Desktop Security

Many people become victims of a cyber attack by what is referred to as “drive by hacking.”

Tools are freely available on the Internet to allow for such behavior to occur.

The latest Microsoft Security flaw is a good example of how vulnerable each user’s desktop is to such an attack.

Page 13:

Pornography

Pornography is the first consistently successful e-commerce product.

Deceptive marketing tactics and mouse trapping technologies encourage customers to access their websites.

Many sites are created to gather users’ personal information and install backdoors (trojans) on their computers.

Page 14:

Pornography Statistics

30% of SPAM is from pornographers
Accessed unintentionally (whitehouse.com, coffeebeansupply.com, teenagershideout.com, clothingcatalog.com, watersports.com, boys.com)

Child Pornography est. revenue per year is $200 million - $1 billion.

1 in 2 parents do not use internet filtering software.

Page 15:

What can I do?

Awareness is the first step in protecting yourself and your family.

Invest in Anti-virus, Firewall, and SPAM blocking software for your home PC.

Detect secure websites when conducting transactions online.

Do NOT respond or act on emails sent from unknown sources.

Stay on top of current Cybercrime trends
– www.stcc.cc.tx.us/ITSprojects/infosec/infosec.htm

Page 16:

Detecting Secure Websites

Yellow Lock at bottom right of website

HTTPS instead of HTTP

Page 17:

Emails

SPAM emails are becoming easier to detect by the average user. Look for these clues to identify SPAM:
– The receiver’s name is the same as the sender’s
– The subject is offering money making deals
– The user is unknown and there are links to what appear to be legitimate websites.
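
The three clues above written as checks over a parsed message, as an added example that is not part of the original slides. The phrase list, the known-senders set and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed phrase list for the "money making deals" clue (an assumption).
MONEY_PHRASES = ("make money", "earn $", "get rich", "free cash", "easy income")
LINK_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def _body_text(msg):
    """Concatenate every text part, decoding base64/quoted-printable bodies."""
    parts = [p for p in msg.walk() if p.get_content_maintype() == "text"]
    return " ".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace")
                    for p in parts)

def spam_clues(raw_message, known_senders):
    """Return the names of the slide's clues that this raw message triggers."""
    msg = message_from_string(raw_message)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    to_name, to_addr = parseaddr(msg.get("To", ""))
    subject = (msg.get("Subject") or "").lower()
    clues = []
    # Clue 1: the receiver's name is the same as the sender's.
    same_name = bool(from_name) and from_name.strip().lower() == to_name.strip().lower()
    same_addr = bool(from_addr) and from_addr.lower() == to_addr.lower()
    if same_name or same_addr:
        clues.append("sender-equals-receiver")
    # Clue 2: the subject is offering money making deals.
    if any(phrase in subject for phrase in MONEY_PHRASES):
        clues.append("money-making-subject")
    # Clue 3: the sender is unknown and the body contains links.
    known = {s.lower() for s in known_senders}
    if from_addr.lower() not in known and LINK_RE.search(_body_text(msg)):
        clues.append("unknown-sender-with-links")
    return clues

# Constructed sample messages (not real mail).
SAMPLE_SUSPECT = """\
From: "Pat Example" <pat@example.org>
To: "Pat Example" <pat@example.org>
Subject: Make money from home today

Visit http://bank.example.net/login to claim your reward.
"""
SAMPLE_NORMAL = """\
From: "Colleague" <colleague@example.edu>
To: "Pat Example" <pat@example.org>
Subject: Meeting notes

Notes are at http://intranet.example.edu/notes
"""
KNOWN_SENDERS = {"colleague@example.edu"}
```
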

Page 18:

Email Filters

STCC is currently using SPAM email filtering software to block most unwanted emails.

This will not block all emails, since it filters by keywords, but will eliminate the more obvious ones.

Email filters for home use can be purchased to protect your family from SPAM.
– Bundle packages are available that include pop-up blockers, anti-virus, spy-ware removers, and Internet filters.

Page 19:

Helpful Links

Tiny Personal Firewall
– www.tinysoftware.com

Antivirus Software
– http://www.thefreesite.com/Free_Software/Anti_virus_freeware/

SPAM blockers
– http://netsecurity.about.com/library/blfreepopup.htm

STCC InfoSec page
– www.stcc.cc.tx.us/ITSprojects/infosec/infosec.htm

Page 20:

Conclusion

The key to protecting yourself is being aware.
Not all cybercriminals are “hackers.”
There is a whole other world that exists in cyberspace…make sure that your information travels safely.

Page 21:

Questions

Michael De La Cruz

Information Security Officer

[email protected]