Staying Safe Online (for kids)

•Download as PPTX, PDF•

0 likes•2,449 views

Cybersecurity for kids, discusses phishing attacks, malware, and some basic tips for helping young adults identify attacks and what they can do to protect themselves.

Technology Design

©2009CarnegieMellonUniversity:1
Staying Safe Online
iTeams 2013
Jason Hong

©2013CarnegieMellonUniversity:3
What do you do here?

©2013CarnegieMellonUniversity:4
How to Tell It’s a Fake?

©2013CarnegieMellonUniversity:6
URLs tell you what web site
you are really on
• Let’s say we want to know if we are at
Wombank.com

©2013CarnegieMellonUniversity:9
How to Tell It’s a Fake?

©2013CarnegieMellonUniversity:10
Fake or not?
• http://ellsped.org/.google-docs.com/docs/
• http://facebook-info.ucoz.pl/Facedook-bde/
• https://www.facebook.com/
• http://www3.nationalgeographic.com
• http://www.skype7.com/it
• http://192.232.251.34/~cdslocal/paypal.com
Takeaway 1: Learn where URLs are in
the browser and how to read them

©2013CarnegieMellonUniversity:11
When in Doubt, Don’t Click!
Search for it online
Takeaway 2: Use search engines to
look up information if not sure

©2013CarnegieMellonUniversity:12
Scammers can’t fake this part
Takeaway 3: Scammers can put anything in the browser content area
Takeaway 4: It’s easy to create fake web sites

©2013CarnegieMellonUniversity:15
Takeaway 5: Be suspicious of any site
that asks you for too much info,
especially your password

©2013CarnegieMellonUniversity:16
Who is Attacking, and Why?

©2013CarnegieMellonUniversity:17
Who is Attacking, and Why?
• Mainly computer hackers, all around
the world (some organized crime)
• Reason is mainly money
– Spread spam on Facebook
– Trick you into sending money
• “Stuck in London scam”
– Trick your friends into installing malware
Takeaway 6: Anyone can be a target

©2013CarnegieMellonUniversity:18
Malware
• General term for
“malicious software”
– Viruses, worms, adware
• Attack other computers
• Attack your friends
• Steal your parents’ bank accounts
• Steal your virtual goods
– Ex. World of Warcraft and other MMORPGs

©2013CarnegieMellonUniversity:19
Looks legitimate, but it’s not! This is
known as Fake Anti-Virus. Don’t click it!
Just close the window.

©2013CarnegieMellonUniversity:20
Other Examples of Fake AV
Takeaway 7: Never install software you
weren’t expecting to install

©2013CarnegieMellonUniversity:22
This is fake. Don’t ever install software
this way. Go to Adobe’s site and update.

©2013CarnegieMellonUniversity:23
Another Example of
Fake Software

©2013CarnegieMellonUniversity:24
Fake. Never install
software you
weren’t expecting.
Also, look at the URL

©2013CarnegieMellonUniversity:25
Also fake, look at the URL. Also,
all web browsers auto-update now.

©2013CarnegieMellonUniversity:26
Summary
• Being online can be fun, but there are
also a lot of bad people out there
– Want you to click on things
– Want you to give them your password
– Want you to install malware

©2013CarnegieMellonUniversity:27
You can protect yourself with
basic precautions
1. Learn how to read URLs
2. Use search engines when in doubt
3. Scammers can put anything in the
browser content area
4. It’s easy to create fake web sites
5. Be suspicious of any site that asks you for
too much info, especially your password
6. Anyone can be a target
7. Never install software you weren’t
expecting to install

©2013CarnegieMellonUniversity:28
More Information
• Cybersecurity for young adults
https://www.mysecurecyberspace.com/
– Good passwords
– Password reuse (don’t reuse passwords!)
– Cyberbullying
– Safe social networking

©2013CarnegieMellonUniversity:29
More Information
Commercially
• Products for training people about
cybersecurity
http://wombatsecurity.com/
(Note: I’m a co-founder of Wombat)

©2013CarnegieMellonUniversity:30
Extra backup slides

©2013CarnegieMellonUniversity:31
Most Common Passwords
(These are bad passwords)

Recently uploaded

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

Igalia

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

Top 10 Most Downloaded Games on Play Store in 2024

SynarionITSolutions

Scaling API-first – The story of a global engineering organization

Radu Cotescu

Increase engagement and revenue with Muvi Live Paywall! In this presentation, we will explore the five key benefits of using Muvi Live Paywall to monetize your live streams. You'll learn how Muvi Live Paywall can help you: Monetize your live content easily: Set up pay-per-view access to your live streams and start generating revenue from your content. Increase audience engagement: Provide exclusive, premium content behind the paywall to keep your viewers engaged. Gain valuable viewer insights: Track viewer data and analytics to better understand your audience and tailor your content accordingly. Reduce content piracy: Muvi Live Paywall's security features help protect your content from unauthorized distribution. Streamline your workflow: The all-in-one platform simplifies the process of managing and monetizing your live streams. With Muvi Live Paywall, you can take control of your live stream monetization and create a sustainable business model for your content. Learn more about Muvi Live Paywall and start generating revenue from your live streams today!

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams

Roshan Dwivedi

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

Recently uploaded (20)

Boost Fertility New Invention Ups Success Rates.pdf

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

A Year of the Servo Reboot: Where Are We Now?

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Axa Assurance Maroc - Insurer Innovation Award 2024

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Apidays New York 2024 - The value of a flexible API Management solution for O...

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

presentation ICT roal in 21st century education

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Automating Google Workspace (GWS) & more with Apps Script

Powerful Google developer tools for immediate impact! (2023-24 C)

Top 10 Most Downloaded Games on Play Store in 2024

Scaling API-first – The story of a global engineering organization

Top 5 Benefits OF Using Muvi Live Paywall For Live Streams

Artificial Intelligence Chap.5 : Uncertainty

Why Teams call analytics are critical to your entire business

Featured

PEPSICO Presentation to CAGNY Conference Feb 2024

Neil Kimberley

Content Methodology: A Best Practices Report (Webinar)

contently

How to Prepare For a Successful Job Search for 2024

Albert Qian

A report by thenetworkone and Kurio. The contributing experts and agencies are (in an alphabetical order): Sylwia Rytel, Social Media Supervisor, 180heartbeats + JUNG v MATT (PL), Sharlene Jenner, Vice President - Director of Engagement Strategy, Abelson Taylor (USA), Alex Casanovas, Digital Director, Atrevia (ES), Dora Beilin, Senior Social Strategist, Barrett Hoffher (USA), Min Seo, Campaign Director, Brand New Agency (KR), Deshé M. Gully, Associate Strategist, Day One Agency (USA), Francesca Trevisan, Strategist, Different (IT), Trevor Crossman, CX and Digital Transformation Director; Olivia Hussey, Strategic Planner; Simi Srinarula, Social Media Manager, The Hallway (AUS), James Hebbert, Managing Director, Hylink (CN / UK), Mundy Álvarez, Planning Director; Pedro Rojas, Social Media Manager; Pancho González, CCO, Inbrax (CH), Oana Oprea, Head of Digital Planning, Jam Session Agency (RO), Amy Bottrill, Social Account Director, Launch (UK), Gaby Arriaga, Founder, Leonardo1452 (MX), Shantesh S Row, Creative Director, Liwa (UAE), Rajesh Mehta, Chief Strategy Officer; Dhruv Gaur, Digital Planning Lead; Leonie Mergulhao, Account Supervisor - Social Media & PR, Medulla (IN), Aurelija Plioplytė, Head of Digital & Social, Not Perfect (LI), Daiana Khaidargaliyeva, Account Manager, Osaka Labs (UK / USA), Stefanie Söhnchen, Vice President Digital, PIABO Communications (DE), Elisabeth Winiartati, Managing Consultant, Head of Global Integrated Communications; Lydia Aprina, Account Manager, Integrated Marketing and Communications; Nita Prabowo, Account Manager, Integrated Marketing and Communications; Okhi, Web Developer, PNTR Group (ID), Kei Obusan, Insights Director; Daffi Ranandi, Insights Manager, Radarr (SG), Gautam Reghunath, Co-founder & CEO, Talented (IN), Donagh Humphreys, Head of Social and Digital Innovation, THINKHOUSE (IRE), Sarah Yim, Strategy Director, Zulu Alpha Kilo (CA).

Social Media Marketing Trends 2024 // The Global Indie Insights

Kurio // The Social Media Age(ncy)

The search marketing landscape is evolving rapidly with new technologies, and professionals, like you, rely on innovative paid search strategies to meet changing demands. It’s important that you’re ready to implement new strategies in 2024. Check this out and learn the top trends in paid search advertising that are expected to gain traction, so you can drive higher ROI more efficiently in 2024. You’ll learn: - The latest trends in AI and automation, and what this means for an evolving paid search ecosystem. - New developments in privacy and data regulation. - Emerging ad formats that are expected to make an impact next year. Watch Sreekant Lanka from iQuanti and Irina Klein from OneMain Financial as they dive into the future of paid search and explore the trends, strategies, and technologies that will shape the search marketing landscape. If you’re looking to assess your paid search strategy and design an industry-aligned plan for 2024, then this webinar is for you.

Trends In Paid Search: Navigating The Digital Landscape In 2024

Search Engine Journal

From their humble beginnings in 1984, TED has grown into the world’s most powerful amplifier for speakers and thought-leaders to share their ideas. They have over 2,400 filmed talks (not including the 30,000+ TEDx videos) freely available online, and have hosted over 17,500 events around the world. With over one billion views in a year, it’s no wonder that so many speakers are looking to TED for ideas on how to share their message more effectively. The article “5 Public-Speaking Tips TED Gives Its Speakers”, by Carmine Gallo for Forbes, gives speakers five practical ways to connect with their audience, and effectively share their ideas on stage. Whether you are gearing up to get on a TED stage yourself, or just want to master the skills that so many of their speakers possess, these tips and quotes from Chris Anderson, the TED Talks Curator, will encourage you to make the most impactful impression on your audience. See the full article and more summaries like this on SpeakerHub here: https://speakerhub.com/blog/5-presentation-tips-ted-gives-its-speakers See the original article on Forbes here: http://www.forbes.com/forbes/welcome/?toURL=http://www.forbes.com/sites/carminegallo/2016/05/06/5-public-speaking-tips-ted-gives-its-speakers/&refURL=&referrer=#5c07a8221d9b

5 Public speaking tips from TED - Visualized summary

SpeakerHub

Everyone is in agreement that ChatGPT (and other generative AI tools) will shape the future of work. Yet there is little consensus on exactly how, when, and to what extent this technology will change our world. Businesses that extract maximum value from ChatGPT will use it as a collaborative tool for everything from brainstorming to technical maintenance. For individuals, now is the time to pinpoint the skills the future professional will need to thrive in the AI age. Check out this presentation to understand what ChatGPT is, how it will shape the future of work, and how you can prepare to take advantage.

ChatGPT and the Future of Work - Clark Boyd

Clark Boyd

Getting into the tech field. what next

Tessa Mero

Google's Just Not That Into You: Understanding Core Updates & Search Intent

Lily Ray

How to have difficult conversations

Rajiv Jayarajah, MAppComm, ACC

Introduction to Data Science

Christy Abraham Joy

Time Management & Productivity - Best Practices

Vit Horky

The six step guide to practical project management If you think managing projects is too difficult, think again. We’ve stripped back project management processes to the basics – to make it quicker and easier, without sacrificing the vital ingredients for success. “If you’re looking for some real-world guidance, then The Six Step Guide to Practical Project Management will help.” Dr Andrew Makar, Tactical Project Management

The six step guide to practical project management

MindGenius

Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...

RachelPearson36

During this webinar, Anand Bagmar demonstrates how AI tools such as ChatGPT can be applied to various stages of the software development life cycle (SDLC) using an eCommerce application case study. Find the on-demand recording and more info at https://applitools.info/b59 Key takeaways: • Learn how to use ChatGPT to add AI power to your testing and test automation • Understand the limitations of the technology and where human expertise is crucial • Gain insight into different AI-based tools • Adopt AI-based tools to stay relevant and optimize work for developers and testers * ChatGPT and OpenAI belong to OpenAI, L.L.C.

Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...

Applitools

12 Ways to Increase Your Influence at Work

GetSmarter

ChatGPT webinar slides

Alireza Esmikhani

More than Just Lines on a Map: Best Practices for U.S Bike Routes

Project for Public Spaces & National Center for Biking and Walking

Has your project been caught in a storm of deadlines, clashing requirements, and the need to change course halfway through? If yes, then check out how the administration team navigated through all of this, relocating 160 people from 3 countries and opening 2 offices during the most turbulent time in the last 20 years. Belka Games’ Chief Administrative Officer, Katerina Rudko, will share universal approaches and life hacks that can help your project survive unstable periods when there seem to be too many tasks and a lack of time and people.

Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...

DevGAMM Conference

Barbie - Brand Strategy Presentation

Erica Santiago

Featured (20)

PEPSICO Presentation to CAGNY Conference Feb 2024

Content Methodology: A Best Practices Report (Webinar)

How to Prepare For a Successful Job Search for 2024

Social Media Marketing Trends 2024 // The Global Indie Insights

Trends In Paid Search: Navigating The Digital Landscape In 2024

5 Public speaking tips from TED - Visualized summary

ChatGPT and the Future of Work - Clark Boyd

Getting into the tech field. what next

Google's Just Not That Into You: Understanding Core Updates & Search Intent

How to have difficult conversations

Introduction to Data Science

Time Management & Productivity - Best Practices

The six step guide to practical project management

Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...

Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...

12 Ways to Increase Your Influence at Work

ChatGPT webinar slides

More than Just Lines on a Map: Best Practices for U.S Bike Routes

Ride the Storm: Navigating Through Unstable Periods / Katerina Rudko (Belka G...

Barbie - Brand Strategy Presentation

Staying Safe Online (for kids)

10. ©2013CarnegieMellonUniversity:10 Fake or not? • http://ellsped.org/.google-docs.com/docs/ • http://facebook-info.ucoz.pl/Facedook-bde/ • https://www.facebook.com/ • http://www3.nationalgeographic.com • http://www.skype7.com/it • http://192.232.251.34/~cdslocal/paypal.com Takeaway 1: Learn where URLs are in the browser and how to read them

17. ©2013CarnegieMellonUniversity:17 Who is Attacking, and Why? • Mainly computer hackers, all around the world (some organized crime) • Reason is mainly money – Spread spam on Facebook – Trick you into sending money • “Stuck in London scam” – Trick your friends into installing malware Takeaway 6: Anyone can be a target

18. ©2013CarnegieMellonUniversity:18 Malware • General term for “malicious software” – Viruses, worms, adware • Attack other computers • Attack your friends • Steal your parents’ bank accounts • Steal your virtual goods – Ex. World of Warcraft and other MMORPGs

26. ©2013CarnegieMellonUniversity:26 Summary • Being online can be fun, but there are also a lot of bad people out there – Want you to click on things – Want you to give them your password – Want you to install malware

27. ©2013CarnegieMellonUniversity:27 You can protect yourself with basic precautions 1. Learn how to read URLs 2. Use search engines when in doubt 3. Scammers can put anything in the browser content area 4. It’s easy to create fake web sites 5. Be suspicious of any site that asks you for too much info, especially your password 6. Anyone can be a target 7. Never install software you weren’t expecting to install

28. ©2013CarnegieMellonUniversity:28 More Information • Cybersecurity for young adults https://www.mysecurecyberspace.com/ – Good passwords – Password reuse (don’t reuse passwords!) – Cyberbullying – Safe social networking

Editor's Notes

These slides are by Jason Hong, a professor of computer science at Carnegie Mellon University.These slides were used at iTeams 2013, a camp for kids to learn about technology and entrepreneurship.Teaching kids cybersecurity was the main goal of my short 20 minute talk.Feel free to reuse and modify.
Picture from http://nakedsecurity.sophos.com/2012/06/12/beware-fake-facebook-notifications/
Picture from a real fake web site (via PhishTank).At this point, most kids will say that they will login, which is the wrong thing to do because the screens we just saw were fake.
How can you tell that it’s fake? Well, the only real hints you have are highlighted here, in terms of the email address and the URL (or web address). So let’s teach you how to read these email addresses and web addresses, so you can avoid these kinds of attacks.
Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil.Anti-Phishing Phil is a game that teaches people how to identify phishing scams.(Note: for disclosure purposes, Jason Hong is also a co-founder of Wombat Security)
Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
The only real tricky one here is the 4th one, National Geographic. Usually, about half of people will get it right, the other half won’t.It’s actually legitimate. This point actually leads nicely to the next slide, which is that if you aren’t sure, then use a search engine instead.Don’t click on strange links in email or Facebook, look up your destination instead.
It’s important to emphasize that bad guys can put any content they want in the browser content area.It’s also really easy to create a fake web page that looks legitimate.But it’s hard for them to fake the web address part.
I included this screenshot because Blizzard games are popular (World of Warcraft, Diablo, Starcraft, etc). Can emphasize that this is how a lot of gamers get hacked.
Here, I ask the kids about who is attacking, and why do they care?The basic answer is that there are a range of bad guys (small time to professional), and most of them care about making money off of you.
Takeaway 6 is trying to make sure that the kids understand that anyone can be a target. It’s not just rich people, it’s not just executives, it really can be anyone.Only a handful of kids seem to have heard of malware before too.
Good to emphasize that learning this material can help the kids protect themselves as well as their parents, siblings, and friends.
Here’s one example of malware, which is fake anti-virus.
Some more fake anti-virus. Simple lesson here is don’t install software that you weren’t expecting to install.http://oregonstate.edu/helpdocs/safety-and-security/computer-viruses-fraud/computer-viruses/fake-antivirus-warnings
Koobface example. These are fake messages that try to get you to install fake video software.http://news.cnet.com/koobface-virus-hits-facebook/
Koobface example, trying to trick you into “updating” your video software.
http://www.tomshardware.com/news/imperva-rockyou-most-common-passwords,9486.html
From Wall Street Journal about how Facebook spam works.

Staying Safe Online (for kids)

Recommended

Recommended

More Related Content

Recently uploaded

Recently uploaded (20)

Featured

Featured (20)

Staying Safe Online (for kids)

Editor's Notes