 All right, now let's take a look at some basic security on how to secure computer for personal internet use. Now, some class topics on this here is we're gonna look at the online risk. See what's available on there. And we'll look at the hackers. They kind of came about to be. And look at identity theft as well as some end user security best practices, and more specifically on password and password attack countermeasures, as well as setting up security protocols such as internet security suites and our spyware, et cetera, et cetera, et cetera. So what are the risks? Well, you may already know that viruses are bad. Spyware is bad. You may have heard of something called adware which could also be bad, but more annoying than anything else. But you know, it always comes down to what you don't know will probably hurt you at least in this field. So let's take a look at some of the things that we know about and hopefully get into some of the unknown. So some of the known risks that we have, right? But did you know that you could actually be helping hackers with getting your information and using it for their benefit if you happen to use email? And the likelihood of 99.99% of you all using email is most likely, right? Do you use some type of auto fill in when you go to your browsers and use the internet explorer or Firefox or Chrome or whatever it is you're using for internet exploring? And usually comes with a nice little feature called the auto fill in. This is where basically you go to a form that you fill out and you get to put in your information. And then if you go to another form somewhere else, it will then have that information that you've already put in so you don't have to refill it in every time. It's a nice little convenience. However, very dangerous to have on your machine. Very easy to get to as a hacker. Do you shop online? Likelihood is probably. Whether it be both private or on via the business, that could definitely put you at risk. Do you use a messenger or instant messenger program? All right, so IM program, such as AOL, instant messenger, Yahoo, MSN, or Link or something to that effect, that could possibly put you at risk. Do you clear your cash and cookies regularly? If you do, that might be actually a good thing. If you don't, that could possibly be a cause of concern because hackers will actually get access to those cookies and to your cash, which is basically where your temporary internet files are stored and so forth. Now do you also allow ActiveX controls? And sometimes this can be controlled through what we call a group policy. So whenever you log into the system, it sets this group policy that says do not use ActiveX controls for certain sites and so forth and only use it for internal sites, which we call the intranet and such. Now did you know according to your recent survey only less than three minutes, less than three minutes for your computer to be attacked once it's connected to the internet? Now my personal opinion is that it takes a lot less than three minutes. I mean, we're talking literally 30 seconds that you could be attacked from the internet once you're connected. It all just depends on what type of security you already have in place before you connect to the internet. If you have no security and you connect to the internet, it can be literally less than a minute of time before your computer is attacked. I used to teach back when Windows 2000 first came out, Microsoft course, where we installed 2000 professional. This was before Windows XP. And while we were updating, looking for updates online, while we were doing the updating, we were getting attacked. So it didn't take very long at all, even back then to be attacked and mainly had to do with what kind of security measures you already have in place. If you have a firewall, then you're somewhat secure. You have an antivirus and firewall, you're a little bit more secure. You have lots of different options there that you can implement and that your organization most likely is implementing to help protect against that. So again, what are the risks here? There are ways of accessing the system with attackers pretending they're legitimate companies like Microsoft and so forth and learning your private information often without you knowing it's even happening. They will then have possibly remote access to your machines. They can remote to your machine whenever you're connected to the internet. It could be coming through bogus Microsoft updates, for instance. So instead of going through the Microsoft update site, you're going to some third party site and downloading updates that way. It could be recording cookies, which a cookie is basically a text file on your system that is stored in your cache file, isn't in your temporary cache, temporary files, that actually stores information about you. So next time you go to a website, it'll have like your name and says, welcome back and it'll have your name there and it's all stored within a cookie and that's how it knows who you are. And of course, we also have root kits and keystroke loggers and these of course are very hard to find at times and they can cause a lot of damage. Specifically too, they cause your machines to generally slow down and cause them to crash every so often and use up a lot of your resources just as your memory and your processing power. So things you need to know, did you know that if someone were to access the internet from your home and a crime was committed, the odds are that you will be held responsible? Here, according to infoworld.com, recent article, if someone commits a crime with your internet connection, you should, you could be held responsible and some others say that you should be held responsible. This is very true actually. A lot of the advanced hacking and such that I do with mile two, some of it comes through the wireless side of things and you probably, I'm assuming you would have some type of wireless access point which is a wireless router that you connect to your internet through and if somebody got a hold of that router or was able to get onto your machine, onto your network via that router because you either one didn't secure it, you left it unsecured or you have very weak security such as web security for instance with a weak key, then somebody, if somebody does get access to that and then commits crimes because it is your equipment, you may be held responsible for that and there are definitely cases out there where that was the case. So just be very cautious that because it's your equipment, you have to be careful, you have to keep it protected. So make sure you put some good passwords on it. Make sure you secure it with higher encryption levels. So when it comes to wireless, for instance, you wanna use WPA or WPA2 as part of your security encryption and you wanna make sure that everything is nicely password protected with nice long complicated passwords. Now complicated password doesn't necessarily mean that it has to be up or lowercase symbols and everything and sound all like 3G, explanation 0.52, uppercase D, lowercase B, number eight, the at symbol and so forth but it can be simply something like Mary had a little lamb but you just use the first initial of every word and then you maybe add a number or a symbol there and that could be it as well, something easy to remember. We refer to that as a past phrase and it could be something like that. Make sure it's plenty of characters long as in eight or more or even 10 or more characters. All right, now if we look at the hacker, there's basically different levels of hackers. All right, now when we look at the term hacker, there's different levels of hackers and even within the hacking community they have their own little system, own reasons to access the commit and so forth such as like your vandals that basically do out of curiosity or personal fame. These would be called your script kitties and the script kitties are generally what we call the noobs or the newcomers. They basically will download a tool and then just execute the tool without really knowing what the tool is doing or how to execute the attack without the tool and such. So these are generally gonna be, maybe your preteens, your teenagers and such that are out there causing a little bit of havoc and maybe they're just doing it for personal fame more than anything else. You also have your trespassers and these are gonna mainly maybe do it more so for personal gain. There might be money involved there and they can range from being more like a hobbyist to expert hacker considered within that realm. We also have course within the personal gain also the largest area lost with the dollar amount. And if we move on up, we have our thieves and these are gonna have the largest area of dollar loss also fastest growing segment and this is gonna be what the identity theft people are basically and these are gonna be the ones stealing your credit card numbers and swiping your card. It could be as simple as somebody at the restaurant that you give your credit card to and they have another card swiper that they use and that will just record your information. All they have to do is swipe it as simple as that and they may even do it in plain sight in front of you without you really knowing. So again, it's very, very dangerous and such out there, but it's also very profitable for them if they gather enough credit card information with everything else about you, right? And also the largest segment spent on dollar amounts spend on the defend of course would be your spies, right? These are gonna be your experts, your specialists and of course they might have more of a national interest in it. These might also be the hacktivists which may do it more for a cause than anything else but again, largest amount of dollar spent on the fence against it is definitely there. So keep that in mind as you kinda see things going on and so forth and just know that it's very real and very, very current. So what is identity theft? Well, identity theft occurs when someone uses their personally identifiable information like your name, social security number, credit card number without your permission to commit frauds or other crimes. And the FTC estimates that as many as 10 million Americans have their identity stolen each year and you can actually go to the consumerftc.gov website to check that out and it's amazing on some of the things there. It's becoming more and more each year and it's very easily done. So you have to be very cautious, check items, make sure you do a lot of different things there to get things going. All right, fighting identity theft. Now, awareness, of course, is an effective weapon against identity theft. You need to be aware of what's going on. What are these bad guys doing out there? How are they actually committing this? What are they doing to get your information and things like that? And they do everything from stealing your mail from the mailbox to just swiping your credit card at the local restaurant. I mean, it's very, very straightforward, very easy to do. It just depends on how desperate they are and so forth that they're in the situation they're in. So awareness also, how information is stolen, what you can do to protect yourself. Awareness also of the need to monitor your personal information to uncover any problems quickly. Again, very, very interesting. I did a little project where I actually used somebody else's credit card with their permission, of course, and I spent over $4,000 using that credit card. I did everything from purchase things online to physically go to the store and purchase items to go to a restaurant. And I was never asked for ID. They never checked the signature to match and nothing like that. And it was just amazing how much money I was able to spend. And I ended up giving the credit card back. Of course, everything that was spent and so forth was reimbursed and so forth. But needless to say, it was a nice little project that I was able to see firsthand that it doesn't really matter. As long as you have a credit card, you can spend money, it's crazy. So if you ever lose your credit card or think you lost it, make sure that you let your bank know or your credit card company know that you might wanna put a hold on it or make sure at least that you monitor it until you locate it or something. It's always better to put it on hold and then find it later and then have them open it back up, then not saying anything at all and wait a few days because within a few days, your card might be maxed out literally. So you gotta be very cautious and aware of that. Also awareness of what to do when you suspect your identity has been stolen. That's something I just mentioned there. You can also check out the consumer FTC website to check out some of those features. Now we have some little practice links here for you that you guys can check. And basically here, there's a little online games that you basically go through that, actually ask you questions and take you through the process of what to do and so forth to see if you're aware of the different scenarios. So I've put a few different of the links out there, everything from auction. If you're doing any kind of online auctioning, if you know stuff about spyware or even using Friend Finder, ID theft face off, we have invasion wireless hackers I mentioned here a minute ago. If you're doing any kind of investment online, if you have any type of laptop that you just kind of have around, I was at the library not too long ago and there was a lady there that was sitting two tables down and she had her laptop up and running and everything and then she just leaves to go to the restroom and leaves her laptop right there, not even locked, not even locked. And just leaves it there and is literally gone for at least five minutes and comes back everything's course is fine but you could imagine just being gone for 20 seconds could be if nobody's looking, right? On how easily that laptop could have been stolen or compromised because she didn't lock the computer. So it made it vulnerable to lots of attacks but be aware that that definitely is doable. Of course you're doing any kind of peer to peer sharing, phishing scams, email spam scams and so forth, right? And things like that. So why don't we take you guys through some of these and then if you get an opportunity you can check out some of these other ones as well and go through it and kind of test yourself on that. So why don't we give that a shot and give it a go? All right, hopefully you had lots of fun going through some of those exercises there. And again, it seemed a little silly but it does come through and show you that there are definitely things out there that you're like, oh, I didn't know about that. And hopefully that was the case on some of those and hopefully it was also a little fun to go through and kind of get yourself a little bit more awareness. So let me show you guys some other types of identity theft resources that you can use, some different websites in particular and so forth that you can check out and take from there. So let's go ahead and take a look at a few of those. All right, so hopefully that helped you out a little bit with looking at some of those sites and keep in mind, you know, overall, don't panic. It's just a short introduction to some of the matters and simple fixes, of course, that we'll be discussing and defending against hackers is as easy as playing solitaire on your PC. Once you know what you're looking for, the rest is gonna be pretty easy, right? So it's just a matter of getting what you're looking for and finding it and knowing what to do, of course, about it and so forth. All right, awesome. Well, great, let's go ahead and take you on to the next section.