 All right, now let's take a look at some basic security on how to secure computer for personal internet use. Now, some class topics on this here is we're gonna look at the online risk. See what's available on there. And we'll look at the hackers. They kind of came about to be. And look at identity theft as well as some end user security best practices. Now, more specifically on password and password attack countermeasures as well as setting up security protocols such as internet security suites and our spyware, et cetera, et cetera, et cetera. So what are the risks? Well, you may already know that viruses are bad. Spyware is bad. You may have heard of something called adware which could also be bad but more annoying than anything else. But you know, it always comes down to what you don't know will probably hurt you at least in this field. So let's take a look at some of the things that we know about and hopefully get into some of the unknown. So some of the known risks that we have, right? But did you know that you could actually be helping hackers with getting your information and using it for their benefit if you happen to use email? And the likelihood of 99.99% of you all using email is most likely, right? Do you use some type of auto fill in when you go to your browsers and use the internet explorer or Firefox or Chrome or whatever it is you're using for internet exploring? And usually comes with a nice little feature called the auto fill in. This is where basically you go to a form that you fill out and you get to put in your information and then if you go to another form somewhere else it will then have that information that you've already put in so you don't have to refill it in every time. It's a nice little convenience. However, very dangerous to have on your machine. Very easy to get to as a hacker. Do you shop online? Likelihood is probably. Whether it be both private or via the business that could definitely put you at risk. Do you use a messenger or instant messenger program? All right, so IM program such as AOL, instant messenger, Yahoo, MSN or Link or something to that effect that could possibly put you at risk. Do you clear your cash and cookies regularly? If you do, that might be actually a good thing. If you don't, that could possibly be a cause of concern because hackers will actually get access to those cookies and to your cash which is basically where your temporary internet files are stored and so forth. Now do you also allow ActiveX controls? And sometimes this can be controlled through what we call a group policy. So whenever you log into the system it sets this group policy that says do not use ActiveX controls for certain sites and so forth and only use it for internal sites which we call the intranet and such. Now did you know according to a recent survey only less than three minutes, less than three minutes for your computer to be attacked once it's connected to the internet? Now my personal opinion is that it takes a lot less than three minutes. I mean we're talking literally 30 seconds that you could be attacked from the internet once you're connected. It all just depends on what type of security you already have in place before you connect onto the internet. If you have no security and you connect to the internet it can be literally less than a minute of time before your computer is attacked. I used to teach back when Windows 2000 first came out a Microsoft course where we installed 2000 professional. This was before Windows XP. And while we were updating, looking for updates online, while we were doing the updating we were getting attacked. So it didn't take very long at all even back then to be attacked and mainly had to do with what kind of security measures you already have in place. If you have a firewall then you're somewhat secure. You have an antivirus and firewall you're a little bit more secure. You have lots of different options there that you can implement and that your organization most likely is implementing to help protect against that. So again what are the risks here? There are ways of accessing the system with attackers pretending they're legitimate companies like Microsoft and so forth and learning your private information often without you knowing it's even happening. They will then have possibly remote access to your machines. They can remote to your machine whenever you're connected to the internet. It could be coming through bogus Microsoft updates for instance. So instead of going through the Microsoft update site you're going to some third party site and downloading updates that way. It could be recording cookies which a cookie is basically a text file on your system that is stored in your cache file isn't in your temporary cache, temporary files that actually stores information about you. So next time you go to a website it'll have like your name and say it's welcome back and it'll have your name there and it's all stored within a cookie and that's how it knows who you are. And of course we also have root kits and keystroke loggers and these of course are very hard to find at times and they can cause a lot of damage. Specifically too they cause your machines to generally slow down and cause them to crash every so often and use up a lot of your resources just as your memory and your processing power. So things you need to know, did you know that if someone were to access the internet from your home and a crime was committed the odds are that you will be held responsible. Here according to the infoworld.com a recent article if someone commits a crime with your internet connection you could be held responsible and some others say that you should be held responsible. This is a very true actually a lot of the advanced hacking and such that I do with mile two some of it comes through the wireless side of things and you probably I'm assuming you would have some type of wireless access point which is a wireless router that you connect to your internet through and if somebody got a hold of that router or was able to get onto your machine onto your network via that router because you either one didn't secure it you left it unsecured or you have very weak security such as web security for instance with a weak key then somebody if somebody does get access to that and then commits crimes because it is your equipment you may be held responsible for that and there are definitely cases out there where that was the case so just be very cautious that because it's your equipment you have to be careful you have to keep it protected so make sure you put some good passwords on it make sure you secure it with higher encryption levels so when it comes to wireless for instance you want to use WPA or WPA2 as part of your security encryption and you want to make sure that everything is nicely password protected with nice long complicated passwords now complicated password doesn't necessarily mean that it has to be up a lowercase symbols and everything and sound all like 3G explanation 0.52 uppercase D lowercase B number 8 the at symbol and so forth but it can be simply something like Mary had a little lamb but you just use the first initial of every word and then you maybe add a number or a symbol there and that could be it as well something easy to remember we refer to that as a past phrase and it could be something like that make sure it's plenty of characters long as in eight or more or even 10 or more characters all right now if we look at the hacker there's basically different levels of hackers all right now when we look at the term hacker there's different levels of hackers and even within the hacking community they have their own little system own reasons acts of the commit and so forth such as like your vandals that basically do out of curiosity or personal fame these would be called your script kitties and the script kitties are generally what we call the noobs or the new newcomers they basically will download a tool and then just execute the tool without really knowing what the tool is doing or how to execute the attack without the tool and such so these are generally gonna be maybe your preteens your teenagers and such that are out there causing a little bit of havoc and maybe they're just doing it for personal fame or anything else right you also have your trespassers and these are gonna mainly maybe do it more so for personal gain you know there might be money involved there and they can range from you know being more like a hobbyist to expert hacker considered within that realm we also have course within the personal gain also lost a largest area lost with the dollar amount and if we move on up we have our thieves and these are gonna have the largest area of dollar lost also fastest growing segment and this is gonna be what the identity theft people are basically and these are gonna be the ones stealing your credit card numbers and you know swiping your card it could be as simple as somebody you know at the restaurant that you give your credit card to and they have another card swiper that they use and that will just record your information all they have to do is swipe it as simple as that and they may even do it in plain sight in front of you without you really knowing so again it's very very dangerous and such out there but it's also very profitable for them if they gather enough credit card information with everything else about you and also the largest segment spent on dollar amounts spent on defense of course would be your spies these are gonna be your experts, your specialists and of course they might have more of a national interest in it, they might also be the hacktivists which may do it more for a cause than anything else but again largest amount of dollar spent on defense against it is definitely there so keep that in mind as you know you kind of see things going on and so forth and just know that it's very real and very very current so what is identity theft? Well identity theft occurs when someone uses their personally identifiable information like your name, social security number, credit card number without your permission to commit frauds or the crimes and the FTC estimates that as many as 10 million Americans have their identity stolen each year and you can actually go to the consumerftc.gov website to check that out and it's amazing on some of the things there. It's becoming more and more each year and it's very easily done until you have to be very cautious, check items, make sure you do a lot of different things there to get things going. All right, fighting identity theft. Now awareness of course is an effective weapon against identity theft, you need to be aware of what's going on, what are these bad guys doing out there? How are they actually committing this? What are they doing to get your information and things like that? And they do everything from stealing your mail from the mailbox to just swiping your credit card at the local restaurant. I mean this is very very straightforward, very easy to do. It just depends on how desperate they are and so forth that they're in, situation they're in. So awareness also how information is stolen and what you can do to protect yourself whereas also of the need to monitor your personal information, uncover any problems quickly. Again, very very interesting. I did a little project where I actually used somebody else's credit card with their permission of course and I spent over $4,000 using that credit card. I did everything from purchase things online to physically go to the store and purchase items to go to a restaurant and I was never asked for ID. They never checked the signature to match and nothing like that and it was just amazing how much money I was able to spend and I ended up giving the credit card back. Of course everything that was spent and so forth was reimbursed and so forth but needless to say it was a nice little project that I was able to see firsthand that it doesn't really matter. As long as you have a credit card you can spend money, it's crazy. If you ever lose your credit card or think you lost it make sure that you let your bank know or your credit card company know that you might wanna put a hold on it or make sure at least that you monitor it until you locate it or something. It's always better to put it on hold and then find it later and then have them open it back up then not say anything at all and wait a few days because within a few days your card might be maxed out literally. So you gotta be very cautious and aware of that. Also awareness of what to do when you suspect your identity has been stolen as something I just mentioned there. You can also check out the Consumer FTC website to check out some of those features. Now we have some little practice links here for you that you guys can check. And basically here there's little online games that you basically go through that actually ask you questions and take you through the process of what to do and so forth to see if you're aware of the different scenarios. So I've put a few different of the links out there, everything from auction, if you're doing any kind of online auctioning, if you know stuff about spyware or even using Friend Finder, ID theft, Face Off, we have Invasion Wireless Hackers I mentioned here a minute ago, right? If you're doing any kind of investment online, if you have any type of laptop that you just kind of have around, I was at the library not too long ago and there was a lady there that was sitting two tables down and she had her laptop up and running and everything and then she just leaves to go to the restroom and leaves her laptop right there, not even locked, not even locked and just leaves it there and is literally gone for at least five minutes and comes back, everything's course is fine but you could imagine just being gone for 20 seconds could be if nobody's looking, right? On how easily that laptop could have been stolen or compromised because she didn't lock the computer so it made it vulnerable to lots of attacks but be aware that that definitely is doable. Of course you're doing any kind of peer to peer sharing, phishing scams via email, spam scams and so forth, right? And things like that. So why don't we take you guys through some of these and then if you get an opportunity you can check out some of these other ones as well and go through it and kind of test yourself on that. So why don't we give that a shot and give it a go? All right, hopefully you had lots of fun going through some of those exercises there and again it seemed a little silly but it does come through and show you that there are definitely things out there that you're like, oh, I didn't know about that and hopefully that was the case on some of those and hopefully it was also a little fun to go through and kind of get yourself a little bit more awareness. So let me show you guys some other types of identity theft resources that you can use, some different websites in particular and so forth that you can check out and take from there. So let's go ahead and take a look at a few of those. All right, so hopefully that helped you out a little bit with looking at some of those sites and keep in mind overall, don't panic. This is just a short introduction to some of the matters and simple fixes, of course, that we'll be discussing and defending against hackers is as easy as playing solitaire on your PC. Once you know what you're looking for, the rest is gonna be pretty easy, right? So it's just a matter of getting what you're looking for and finding it and knowing what to do, of course, about it and so forth. All right, awesome. Well, great, let's go ahead and take you on to the next section. Let's go. Let's go.