The state of Washington Office of Cybersecurity has recently posted a good article related to information security and online shopping at http://cybersecurity.wa.gov/resources/security-tips/. This is a good time of year for this kind of reminder as we all are taking advantage of the convenience and ease of shopping online.
It cannot be emphasized enough that we each must constantly take care with our private information, particularly financial information like bank accounts and credit cards, and particularly when using or accessing such information using mobile devices.
Don’t trust public computers or wireless networks (even the college’s public Wi-Fi network) to be secure enough for these kinds of transactions. It is not difficult for a malicious actor to be able to intercept wireless signals as they pass between your phone and the most secure wireless access point, thus having access to obtain whatever information you type into your device. This could include account numbers, user names, passwords and personal identification numbers (PIN).
Do your online shopping with a trusted wired connection as often as you can (not with public computers like in a library or college computer labs–you never know if the person using it before you compromised the machine). If you must use a mobile device, like a phone or tablet, be certain to follow the OCS guidelines to make your shopping “trip” as uneventful as possible.
Did you know that Phishing has a season, just like real fishing?
Statistics show that during the year-end holiday period, malicious users are more successful with phishing attacks about holiday giving or shopping because they tailor their message to fit the hustle and bustle and activities of the season.
Here is a short videowhich reminds all of us not to let our guard down just because we are too busy or distracted to carefully scrutinize an e-mail advertises a sale or touches our heart.
Have a good holiday season, and Safe Computing!
The links below are to a couple of very short awareness videos published by a third-party which remind us of some of the basics related to the information security topics of malware and phishing. Clicking on the links below will open the videos in a new browser window.
The principles discussed in each of these videos apply to both the workplace and to your use of technology at home.
If you are using Internet Explorer 10 or better, once you have gone to the shared OneDrive folder where these are stored, you can use the white pointers to move between the Individual videos without having to return to this page.
The arrows look like these:
Other browsers will require you to click on each link individually.
Don’t Let Malware Spoil the Fun! (1:50)
Phishing: What Would You Do? (1:24)
Ransomware is a type of malicious software that encrypts files on a computer until the user pays money to a bad actor to get them unencrypted. This is the fastest growing sector of malicious software and is enormously inconvenient if you become a victim.
I have posted a good article about ransomware on the OUCH page of this site, but wanted to bring everyone’s attention to it here on the blog. Take a few minutes and get up to speed on this pernicious threat.
The OUCH archives page on this site is found under “AWARENESS” > “SANS OUCH! ARCHIVE” through the menu at the top right of this page. It can also be reached directly at: http://commons.bellevuecollege.edu/itsecurity/sans-ouch/ .
The original article can also be found at the Securing the Human website at http://securingthehuman.sans.org/newsletters/ouch/issues/OUCH-201608_en.pdf.