email security protection l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Email Security & Protection PowerPoint Presentation
Download Presentation
Email Security & Protection

Loading in 2 Seconds...

play fullscreen
1 / 28

Email Security & Protection - PowerPoint PPT Presentation


  • 351 Views
  • Uploaded on

Email Security & Protection Cyber Security Month October 2006 What are we going to cover? Phishing Spam Viruses & Worms What is GU doing about this? Policies Resources Phishing

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Email Security & Protection' - Jeffrey


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
email security protection

Email Security & Protection

Cyber Security Month

October 2006

what are we going to cover
What are we going to cover?
  • Phishing
  • Spam
  • Viruses & Worms
  • What is GU doing about this?
  • Policies
  • Resources
phishing
Phishing
  • Occurs when ID thieves trick people into providing their Social Security number, financial account numbers, PINs, mother’s maiden name and other personal information by pretending to be someone they are not
phishing con t
Phishing, con’t
  • What to look for
    • Phishy emails
      • Appear to be from legitimate retailer, bank, organization or govt. agency
      • Sender asks to confirm your personal information for some reason (account is being closed, order has been placed in your name, your information has been lost)
    • Links within emails that ask for your personal information
      • Lure people to phony websites that look like the real site
      • By following the instructions and entering personal information you’ll deliver it directly into the hands of the ID thieves
phishing scam sample
Phishing Scam Sample
  • Email message with a link to take you to a fake survey site
phishing scam sample6
Phishing Scam Sample
  • Email message with link to take you to Pay Pal site. When the link is clicked the victim is taken to a legitimate looking Pay-Pal website:
phishing scam sample8
Phishing Scam Sample
  • Legitimate site
phishing what to look for con t
Phishing, What to look for con’t
    • To check whether a message is legite, call the company directly or go to their website (use a search engine to find it)
  • Pharming
    • Virus or malicious program is secretly planted in your computer and hijacks your web browser
    • You type in the legitimate address but you’re taken to a fake copy of the site without realizing it
phishing what to look for con t10
Phishing, What to look for con’t
  • Pop Up Screens
    • Never enter personal information in a pop up screen
    • Phisher will direct you to the real company’s website but an unauthorized screen created by the scammer will appear with blanks to provide your personal information
    • Legite company, organization won’t ask for personal info via a pop up screen
    • Install pop up blocking software to help prevent this type of phishing
phishing how to protect yourself con t
Phishing, How to protect yourself con’t
  • Protect your PC with spam filters, anti-virus and anti-spyware software and a firewall and keep them up to date
    • Spam filters – help reduce the number of phishing emails you get
    • Anti-virus – scans incoming messages
    • Anti-spyware – looks for programs that have been installed on your computer and tracks your online activity without your knowledge
    • Firewalls – prevent hackers and unauthorized communication from entering your computer
phishing how to protect yourself con t12
Phishing, How to protect yourself con’t
  • Look for programs that offer automatic updates and take advantage of free patches
  • Only open attachments if you’re expecting them
  • Phishing can occur by phone too
    • Verify the person’s identity before providing any personal info (ask for person’s name, name of agency, phone number, physical address)
slide13
Spam
  • Indiscriminately sent unsolicited, unwanted, irrelevant or inappropriate messages, especially commercial advertising in mass quantities
  • Also know as junk mail
  • Why is Spam a threat?
    • Spam may contain worms, viruses, and other malicious code
spam con t
Spam con’t
  • CAN-SPAM Act of 2003
    • Established requirements for those sending commercial email
      • Ban on false or misleading header info
      • No deceptive subject lines
      • Requires an opt out method
      • Opt out mechanism must process request for at least 30 days after you send commercial email
      • Email must be identified as advertisement and include sender’s physical address
  • Reporting Spam
    • Forward to spam@uce.gov
spam con t15
Spam con’t
  • Resources
    • CAN SPAM Act see the FTC’s CAN SPAM guide at http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.htm
    • FCC CAN SPAM pamphlet at http://www.fcc.gov/cgb/consumerfacts/canspam.html
  • Reducing Spam
    • Federal Trade Commissions guide at http://www.ftc.gov/bcp/conline/edcams/spam/business.htm
viruses and worms
Viruses and Worms
  • Self replicating, malicious codes that attach to an application program or other executable system component and leave no obvious signs of their presence
  • Can arrive via emails or downloads
  • Can slow down your company’s systems and productivity as you need to dedicate resources to remove it
viruses and worms con t
Viruses and Worms con’t
  • Other impacts
    • Increased spam
    • Denial of service
    • Deleted files
    • Allow remote access to your computer
  • No particular way to identify that your computer has been infected
    • Some may destroy files and shut down your computer
    • Others may only subtly affect computer normal operations
    • Anti-virus software may alert you that it’s found malicious code and may be able to clean it automatically
viruses and worms con t18
Viruses and Worms con’t
  • What to do if infected
    • Minimize the damage – contact your IT dept
    • For home computers – disconnect your computer from the Internet
  • Remove malicious code
    • Update virus definitions for your anti-virus software
    • Perform manual scan of entire system
    • If software can’t locate and remove code, you may need to reinstall your operating system
      • NOTE: Reinstalling or restoring your operating system typically erases all your files and additional software you have installed on your machine
viruses and worms con t19
Viruses and Worms con’t
  • Resources
    • National Cyber Alert System Tip: Recovering from Viruses, Worms and Trojan Horses at http://www.uscert.gov/cas/tips/ST05-006.html
what s gu doing
What’s GU doing?
  • Barracuda firewall
    • Blocks an average of 400 phishing types of email messages on a daily basis
    • Blocks roughly 112 viruses
    • Blocks roughly 36,000 spam emails
  • Email server virus protection
    • Blocks roughly 98% of viruses that are sent
what s gu doing con t
What’s GU doing con’t
  • Your computer
    • Each GU owned computer is installed with virus protection and a firewall
    • Outlook has Spam detection rules built in that users can configure
  • User awareness
    • Be aware of hazards in order to protect yourself
policies
Policies
  • Find them on the http://cybersecurity.gonzaga.edu website
  • Employee Email Policy
    • Prohibited Activities
      • Sending SPAM, chain letters from a Gonzaga email account
      • Unauthorized altering of the header of an email message to prevent the recipient from determining the actual sender of the email
      • Sending email from another user’s account or falsifying sender information in any way
policies con t
Policies con’t
    • Using email for any activity that is unlawful or in violation of any Gonzaga policies
    • Unauthorized disclosure or forwarding of information proprietary to the university or deemed confidential in nature or information that could be construed as a statement of official university policy, position, or attitude
  • Mass Mailings
    • Warnings and mass mailings about important technology issues must be approved by the Director of Central Computing or assigned designee
    • Mass mailings to staff and faculty shall be approved by the Director of Public Relations or assigned designee
    • Mass mailings to students shall be approved by the Vice President of Student Life or assigned designee
policies con t25
Policies con’t
  • General Policy
    • Using a reasonable amount of Gonzaga University’s resources for personal emails is acceptable
    • All email stored in the “Deleted Items” directory will be automatically purged (permanently deleted and unrecoverable) after a period of thirty (30) days. This includes email attachments stored in the Deleted Items directory
    • Central Computing and Network Support Services (CCNSS) will employ methods to reduce the number of SPAM type email and viruses that are received by university recipients. CCNSS will attempt to ensure valid email is allowed, however, some false positives can be expected
policies con t26
Policies con’t
  • Student Email Policy
    • Students have the responsibility of accessing and reading their email messages in a timely fashion and maintaining their email box at a reasonable size. Zagmail users should move messages from their inbox and maintain their inbox at a size no greater than 25 megabytes
    • The university reserves the right to purge email from accounts
resources
Resources
  • Check out the new Cyber Security website at http://cybersecurity.gonzaga.edu
  • Learn more about how to keep your computer secure at www.onguardonline.gov and www.staysafeonline.org
  • Info on how to put a ‘fraud alert’ on your files at the credit reporting bureaus at www.consumer.gov/idtheft or 877-438-4338
  • Report phishing at www.fraud.org or 800-876-7060
resources28
Resources
  • Check out the new Cyber Security website at http://cybersecurity.gonzaga.edu
  • Learn more about how to keep your computer secure at www.onguardonline.gov and www.staysafeonline.org
  • Info on how to put a ‘fraud alert’ on your files at the credit reporting bureaus at www.consumer.gov/idtheft or 877-438-4338
  • Report phishing at www.fraud.org or 800-876-7060