Introverted Leadership Mentor
The brilliant Hannah Morgan and I presented Bullet Proofing Your Career Online at the STC Rochester Spectrum Conference. We’ll be presenting again at the STC Technical Communications Summit in Rosemont, IL in May. You won’t be able to experience our incredibly witty repartee, but I’ve embedded the slides below.
I shared this presentation at the October program meeting of the Rochester Chapter of the Society for Technical Communication. The presentation demonstrates how the Information Security Office at the Rochester Institute of Technology used marketing techniques to reinforce key messages to raise awareness around information security concerns such as phishing.
To see more about how we’re using blogging to raise awareness in a specific academic course, visit the RIT Cyber Self Defense blog.
How can you tell how secure your web browser may be? Scanit’s Browser Security Test checks your browser security settings and provides a report explaining the vulnerabilities, the potential impacts, and how to correct them.
Your security software should include an antivirus, anti-spyware, and a firewall.
Keep your browser and applications up to date. If you’re prompted for an update, accept it.
Use a strong complex password or passphrase. Consider using a password vault such as LastPass to generate and store your passwords.
Current browsers all provide some protection against phishing. There are also browser tools that you’ll find helpful.
Limiting account privileges (WindowsXP) provides simple but effective protection when working online. Limited accounts allow you to do most daily activities but do not allow you to install software (only accounts with administrative privileges can install software on the computer).
Many attacks take advantage of administrative privileges to install malware on your computer. If you’re using a limited account, attackers and malicious websites will not be able to install malware. (This is less of an issue with Windows 7 and Mac OS X because they ask you to confirm software changes.)
Threats have doubled since 2009 and the threat vectors have increased. Vigilance is even more important.
One thing hasn’t changed. The key to safe browsing is not which browser you choose. It’s following safe practices.
Please comment on the post and let us know some safe practices you recommend.
What’s the easiest way to break into a computer account?
Cracking the password? Putting a trojan on the computer? Hacking? Unfortunately, it’s simply tricking you into giving up your password through a technique known as phishing.
Computers have vulnerabilities that can be exploited by attackers using different types of malware. However, your attacker is as likely to come after you through “social engineering” as they are through malware. Just as our computers have vulnerabilities, we too are susceptible to attack!
Social engineering attacks are attempts to trick you into revealing private information. Successful attacks may result in identity theft and loss of funds. Social engineering attacks take a number of different forms, including phishing attempts, work at home scams, and Nigerian 419 schemes. Attackers often take advantage of current events, such as the tsunami that hit Japan.
This article deals with one type of online scam—phishing attempts. Phishing is a common technique in identity theft. We’ve all received phishing emails or instant messages that appear to link to a legitimate site. These emails and web sites are designed to capture personal information, such as bank account passwords, social security numbers and credit card numbers. Losses to phishing attempts are estimated to be as high as $500M every year.
Phishing emails used to be easy to recognize because of their poor spelling and grammar. Now, phishing emails are often indistinguishable from official correspondence. Anyone can put together a phishing attack using resources (or kits) purchased on the Internet.
Safe computing practices are the best defense against phishing. Here are a few safety tips:
Although avoiding phishing attempts is typically a matter of following safe practices, there are a number of browser helpers available to help warn you of suspicious web sites. Browser helpers normally work as another toolbar in your browser. Use one or more for your protection:
I had the privilege of presenting my 25-minute presentation on Shockproofing Your Use of Social Media as a five-minute Lightning Talk at the STC Summit in Sacramento on May 18th.
Lightning talks introduce an additional element of stress for the presenters: the slides advance every 15 seconds whether they’re ready or not. Our audience was ~150 Summit attendees, so we were presenting to our peers as well.
It’s quite the experience sharing the stage with eight other presenters with totally different styles. Would I do it again? In a heartbeat!
