This is a presentation that I shared with a group of College students on Cyber Security.
This was part of the Cyber Safe Tamil Nadu 2009 program organized jointly by NASSCOM, DSCI and the Tamil Nadu police.
As part of the Cyber Saft Tamil Nadu – 2009 Event, anchored jointly by NASSCOM, Tamil Nadu Police and DSCI, I presented on this topic to a bunch of college students in Chennai.
We would be looking at all of these aspects of Cyber Security.
If you browse, email or generally use the Internet, you should be aware of Cyber Security.
There could be three kind of Risks - Hacker/Attacker/Intruder – people who try to exploit weaknesses in software and computer systems for their own gain or for some popularity or mischief - Malicious Code – like Viruses or Worms – Any code that could be used to attack your computer - Vulnerability – Due to programming errors / bugs etc.
Attachments – Be sure of the source of the email attachment. Scan and then open the attachment. Spam – Activate your spam setting. Check for the ‘real’ source of the email – not just the sender’s name, as shown to you. Don’t bulk email your friends – use Bcc option. Chat & Instant Messaging – Do not meet people whom you got introduced through Chat / IM without verifying their identity. Do not click on suspicious links that you receive through Chat/IM.
Limit Personal info on these sites. Ensure that you set appropriate privacy settings. Links and Add ons – Be cautions while clicking on Links or Add ons to the site. Billboard Rule – If you don’t want some information of yours to be on a Billboard, then don’t put it on a Social networking site.
https – Secure, encrypted sites. http – not secure.
Physical Security – Do not leave your mobile devices lying around. Password Protection – As far as possible, password protect all your mobile devices, including Laptops. USB – Do not plug in a USB drive into your system if you are not sure of its origin. Scan it before accessing the contents. Wireless Security Key – Do not stick to the default key. Set a complex key so that neighbors or others in your vicinity do not access your wireless internet.
Phishing attacks - Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. Identity Theft – Stealing your identity fraudulently and using it for the thief's gain.
Phishing Email Example
Phishing Email Example
Phishing Example
Phishing Example
Phishing Example
Nigerian Email Scam
Supplementing Passwords – While registering for a web service (email / social networking etc..), you may be asked to answer a security question or use a secondary password. In such cases, share a response/password that is not easy to guess. The most common security question is – “What is your mother’s maiden name?”. While answering such a question, if you share a fictitious maiden name, your account would be more secure.
Use licensed applications. Ensure that updates and patches are current so that vulnerabilities are taken care of. Be cautious about file sharing sites. Nothing comes for free. You may get viruses and worms through these sites too. If you leave your internet on through the night to download large files, you may leave a gate open for intruders to attack your system.