pwned protecting yourself in the 2019
play

Pwned: Protecting Yourself in the 2019 By Dallin Warne 1 Why are you - PowerPoint PPT Presentation

Nov 11, 2023 •331 likes •581 views

Pwned: Protecting Yourself in the 2019 By Dallin Warne 1 Why are you a target? 99% Money 1% Everything else (revenge, activism, hate, espionage, etc) Why do they do it? Because it works. 3% 5% clicks on phishing links, down

  1. Pwned: Protecting Yourself in the 2019 By Dallin Warne 1

  2. Why are you a target? • 99% Money • 1% Everything else (revenge, activism, hate, espionage, etc) • Why do they do it? • Because it works. • 3% ‐ 5% clicks on phishing links, down from 25% in 2012 2

  3. 3

  4. By the Numbers • 52% of breaches involved hacking • 32% of breaches involved phishing • 28% of breaches involved malware • (Numbers don’t add up to 100% because of overlapping techniques) 4

  5. Ways to Protect Yourself • What to watch out for • Musts • Social media scams • Keep everything updated— • Being sent to unsolicited offers Computer, phone, webcam, router, oven, etc. • Outdated ‐ looking or broken • Antivirus (Windows/Mac/Phone) websites • Multi ‐ factor authentication • Browser security warnings • Password manager (Lastpass, • Shoulds 1Password, etc) • Credit Monitoring (Free through • Ad ‐ blocker bank/bureau) • Haveibeenpwned notifications • Freeze your credit at Big 3 • Use credit cards for online purchases • Bank and card transaction and only on reputable sites notifications • Screen calls from unknown numbers • Check for card skimmers • Hiya, Android scam alert 5

  6. Obvious Signs Generalized Poor English Sender’s email is from an unofficial domain or unknown number Dear Bad grammar or spelling Customer/sir/madam/anything Abnormal conversational words but your name 6

  7. Common Phishing Signs • Unexpected • Act urgently • Negative or positive consequences for inaction/action • Piques curiosity • Must take an action within the email. Unavailable to verify outside of it. • Money in any form including gift cards, rebates, sales, etc • Links • Website name is weird, or similar but not quite to what is expected. • URL shorteners • Lots of % in the link (%3Cscript%3Ealert(%27I%20got%20you.%27)%3B%3C%2Fscript%3E) • Attachments—especially documents and compressed files 7

  8. Advanced—Spear Phishing • Uses Social Engineering • Personal • Can include details about you, a customer or supervisor, etc • Relevant to you • Based on information that’s publicly available • Enticing • Known contacts’ accounts hacked 8

  9. What to do • Stop and think it through. • Be paranoid. • Verify by other means, especially when sending money or given a login page • Go directly to the website yourself without clicking on anything in the message • Sometimes you can just wait. 9

  10. Example: Sent to a Librarian 10

  11. Example 2 11

  12. Example 3 12

  13. Example 4 13

  14. Example 5 14

  15. Example: Extortion 15

  16. Payback • https://www.ted.com/talks/james_veitch_this_is_what_happens_wh en_you_reply_to_spam_email#t ‐ 108537 16

  17. 17

  18. Password • Two biggest ways to reduce risk: • Long, unique password from a password generator • Complexity matters less • Multi ‐ factor authentication 18

  19. Multi ‐ factor authentication • Best method is hardware ‐ based, push notifications, or time ‐ based codes • Text messages or emails aren’t as secure, but significantly better than passwords alone • Duo, Google, Microsoft all produce decent apps 19

  20. Passwords are so 1990s • PassPhrase or PassSentence, not password • 16+ characters. • 6 words from 2000 words = 63,521,358,201,095,760,000 possible combinations. • WizzoWazzo is Hilarious, Girls can’t eat 14 pizzas • Passwords are like tissues: Don’t reuse them. Have unique passwords as much as possible. • Use a password manager (Lastpass, 1Password, etc) • Don’t use passwords that are already hacked • Check out https://haveibeenpwned.com 20

  21. Password Managers • LastPass—Free, cloud ‐ based. • Adequate for most consumers • 1Password—$36/year, cloud ‐ based • Other free/paid available 21

  22. Utah Security Breach Law • “If an investigation under Subsection (1)(a) reveals that the misuse of personal information for identity theft or fraud purposes has occurred, or is reasonably likely to occur, the person shall provide notification to each affected Utah resident. • https://le.utah.gov/xcode/Title13/Chapter44/13 ‐ 44 ‐ S202.html • Weak consumer protection 22

  23. Is it a Phish? • Is the sender’s email address correct? • Is it an unsolicited email? • Does it give a sense of urgency? • Does it ask for money or to buy something? • Is there a document attached? • Does it ask you to log in or give personal info? • Can you verify the request outside the email? • Hover over the links: • Do they take you to a known website? Or does it look strange? • Are there a lot of % symbols? 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack

Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack

Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT Haohuang Wen 1 , Qi Alfred Chen 2 , Zhiqiang Lin 1 1 Ohio State University 2 University of California, Irvine USENIX

278 views • 26 slides
Protecting the Bay Protecting Alameda WATER QUALITY & FLOOD PROTECTION INITIATIVE 2019 1

Protecting the Bay Protecting Alameda WATER QUALITY & FLOOD PROTECTION INITIATIVE 2019 1

Protecting the Bay Protecting Alameda WATER QUALITY & FLOOD PROTECTION INITIATIVE 2019 1 Discussion Outline 1. Essential Community Values 6. Meeting the Challenge 2. Realizing Values = Clean 7. Community Outcomes Water Program 8.

763 views • 17 slides
Dont get pwned in 2018 webapp lockdown checklist Luka Kladaric Sekura consulting

Dont get pwned in 2018 webapp lockdown checklist Luka Kladaric Sekura consulting

Dont get pwned in 2018 webapp lockdown checklist Luka Kladaric Sekura consulting luka@sekura.io @kll 1 What this talk is about Securing users, their browsers and computers. 2 What this talk isnt about Securing your servers or the

508 views • 33 slides
Pr Protecting Ourselves, Pr Protecting Ot Other hers Pa Part 1: Wha What to Wear at Work k

Pr Protecting Ourselves, Pr Protecting Ot Other hers Pa Part 1: Wha What to Wear at Work k

6/2/20 HealthMatters in our Homes Pr Protecting Ourselves, Pr Protecting Ot Other hers Pa Part 1: Wha What to Wear at Work k and nd Wh Why 1 During this presentation, we will: Summarize what COVID-19 is, how it spreads, and who

463 views • 19 slides
PROTECTING ECC AGAINST FAULT ATTACKS Marc Joye NutMiC 2019 Paris, June 2427, 2019

PROTECTING ECC AGAINST FAULT ATTACKS Marc Joye NutMiC 2019 Paris, June 2427, 2019

Innovation Centre PROTECTING ECC AGAINST FAULT ATTACKS Marc Joye NutMiC 2019 Paris, June 2427, 2019 September 26, 1996 Bellcores Researchers Break Smart Cards BELLCORE ATTACK (1/2) Computation of a signature S = ( m ) d mod N

503 views • 24 slides
Protecting Pollinators in Minnesota: How Are We Doing? November 20, 2019 The Issue Why are we

Protecting Pollinators in Minnesota: How Are We Doing? November 20, 2019 The Issue Why are we

Photo by Christopher E. Smith Protecting Pollinators in Minnesota: How Are We Doing? November 20, 2019 The Issue Why are we concerned about pollinators? Photo by Brett Whaley Background Executive Order 16-07 Directing Steps to Reverse

690 views • 23 slides
Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So Hospitals will be paid less unless: Good scores on Incentive payments Meeting 17 clinical processes Funded by 1% cut in base (aspirin,

418 views • 8 slides
Protecting Our Protecting Our Introduction Family Family Globally HIV/AIDS has left its

Protecting Our Protecting Our Introduction Family Family Globally HIV/AIDS has left its

Protecting Our Protecting Our Introduction Family Family Globally HIV/AIDS has left its mark on every continent, with its highest prevalence being in sub Saharan Africa 10% of the worlds population An Assessment of In 2008,

353 views • 6 slides
Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So Hospitals will be paid less unless: Good scores on Incentive payments Meeting 17 clinical processes Funded by 1% cut in base (aspirin,

614 views • 7 slides
Protecting forests: the role of the EU and the case for mandatory due diligence Next steps in

Protecting forests: the role of the EU and the case for mandatory due diligence Next steps in

Protecting forests: the role of the EU and the case for mandatory due diligence Next steps in the EU and other jurisdictions on forest-risk commodities 10 October 2019 1 EU context long awaited Communication From 2008 to 2019

482 views • 9 slides
1 General Managers Report November 20, 2019 2 Protect Our Resources 3 Protecting and

1 General Managers Report November 20, 2019 2 Protect Our Resources 3 Protecting and

1 General Managers Report November 20, 2019 2 Protect Our Resources 3 Protecting and Preparing 2 nd Salt Summit Inter-jurisdictional group: local, county and state o agencies Work to minimize salt impacts on water supplies o

259 views • 22 slides
Protecting Steel By Mr. Christopher L. Gibbons Protecting Steel Who are Teamac? 3 rd generation.

Protecting Steel By Mr. Christopher L. Gibbons Protecting Steel Who are Teamac? 3 rd generation.

Protecting Steel By Mr. Christopher L. Gibbons Protecting Steel Who are Teamac? 3 rd generation. Privately owned company. Based in Hull. Weve been making paint since 1908. Who am I? Chris Gibbons. L2 Icorr Paint inspector. 40 years

603 views • 14 slides
Protecting Your Respiratory Health Protecting Your Respiratory Health Tips to Help You Breathe

Protecting Your Respiratory Health Protecting Your Respiratory Health Tips to Help You Breathe

Breathe In, Breathe Out: Protecting Your Respiratory Health Protecting Your Respiratory Health Tips to Help You Breathe Easier The American Lung Association suggests taking these steps to help keep your lungs healthy and reduce the risk of

90 views • 6 slides
Analyzing Pwned Passwords with Spark Kelley Robinson @kelleyrobinson Developer Evangelist +

Analyzing Pwned Passwords with Spark Kelley Robinson @kelleyrobinson Developer Evangelist +

Analyzing Pwned Passwords with Spark Kelley Robinson @kelleyrobinson Developer Evangelist + @KELLEYROBINSON BIG DATA & SECURITY Spark: then and now The state of passwords Spark in action Big Data Security BIG DATA & SECURITY

606 views • 33 slides
NASS IDEAS Award | 2019 Key components to protecting elections at every level Key

NASS IDEAS Award | 2019 Key components to protecting elections at every level Key

NASS IDEAS Award | 2019 Key components to protecting elections at every level Key partnership with state OCIO and county IT professionals County-by-county approach Sustained advocacy Building a human firewall by requiring all

396 views • 5 slides
Protecting Immigrant Families Advancing Our Future Campaign The Invisible Wall June 2019

Protecting Immigrant Families Advancing Our Future Campaign The Invisible Wall June 2019

Protecting Immigrant Families Advancing Our Future Campaign The Invisible Wall June 2019 Presented by: Renato Rocha, Center for Law and Social Policy Ed Walz, Springboard Partners Tanya Broder, Connie Choi, Gabrielle Lessard, Kat

778 views • 52 slides
Linguistic properties of multi-word passphrases Joseph Bonneau , Ekaterina Shutova

Linguistic properties of multi-word passphrases Joseph Bonneau , Ekaterina Shutova

Linguistic properties of multi-word passphrases Joseph Bonneau , Ekaterina Shutova jcb82,es407@cl.cam.ac.uk Computer Laboratory USEC Workshop on Usable Security 2012 Kralendijk, Bonaire, Netherlands March 2, 2012 Passphrases an increasingly

770 views • 30 slides
Wave Sound Space Tourist On-board Protection Space Tourist On-board Protection Space Tourist

Wave Sound Space Tourist On-board Protection Space Tourist On-board Protection Space Tourist

Wave Sound Space Tourist On-board Protection Space Tourist On-board Protection Space Tourist On-board Protection Space Tourist On-board Protection Summer School on Space Weather: Physics, Impacts and Predictions, Alpbach/Austria, 1 st August

743 views • 41 slides
2020 Statewide Energy Efficiency Plan Update October 18, 2019 Agenda 1. Highlights 2. Impacts

2020 Statewide Energy Efficiency Plan Update October 18, 2019 Agenda 1. Highlights 2. Impacts

2020 Statewide Energy Efficiency Plan Update October 18, 2019 Agenda 1. Highlights 2. Impacts and Foundational Programs 3. Material Changes 4. Demand Reduction 5. Financing 6. Performance Incentive 7. Marketing 8. Working Groups and

781 views • 25 slides
MEETUP MARCH 2ND INTRODUCTION COUNTERTOP COMPANY PROJECT SOLID SURFACE, GRANITE, QUARTZ &

MEETUP MARCH 2ND INTRODUCTION COUNTERTOP COMPANY PROJECT SOLID SURFACE, GRANITE, QUARTZ &

MEETUP MARCH 2ND INTRODUCTION COUNTERTOP COMPANY PROJECT SOLID SURFACE, GRANITE, QUARTZ & CONCRETE 2001 RETAIL AND COMMERCIAL DATE CLIENT HOME BUILDING 2007 HOME BUILDING 2011 HOME BUILDING 2015 GREEN BUILDING Green Product

628 views • 23 slides
Investor Relations Update As of January 30, 2019 Safe Harbor Statement Except for historical

Investor Relations Update As of January 30, 2019 Safe Harbor Statement Except for historical

Investor Relations Update As of January 30, 2019 Safe Harbor Statement Except for historical information contained herein, the matters set forth in this presentation contain forward- looking statements, including industry market projections; our

418 views • 28 slides
Lance Spitzner www.securingthehuman.org facebook.com/securethehuman @securethehuman 1 in

Lance Spitzner www.securingthehuman.org facebook.com/securethehuman @securethehuman 1 in

Lance Spitzner www.securingthehuman.org facebook.com/securethehuman @securethehuman 1 in 251,800,000 Source: http://www.bookofodds.com/content/view/full/252163 1 in 112,000,000 Source: http://www.bookofodds.com/content/view/full/248157 The Human

768 views • 23 slides
MMFCU Bill Pay Business Accounts Bill Pay for Businesses Businesses can sign up for Online Bill

MMFCU Bill Pay Business Accounts Bill Pay for Businesses Businesses can sign up for Online Bill

MMFCU Bill Pay Business Accounts Bill Pay for Businesses Businesses can sign up for Online Bill Pay and streamline the back office functions of their business. Features include: -Pay bills and view payment activity online anytime. - Delegate

414 views • 6 slides
Dashboard Block Block details by height Block details by ID Transaction details by receipient

Dashboard Block Block details by height Block details by ID Transaction details by receipient

Dashboard Block Block details by height Block details by ID Transaction details by receipient ID Transaction details by sender ID Transaction details by transaction ID Transactions User details with comments User details with transactions

827 views • 57 slides

More recommend