The Art of Deception

In spite of the effort put into protecting your network... the human element is the weakest link in the chain.  Technology alone cannot protect us.

Social Engineering is an "outside hackers use of psychological tricks on legitimate users of a computer system, in order to obtain information he needs to gain access to a system".

This lesson will introduce you to the dangers that may come your way through Social Engineering.  It includes comments from a notorious social engineer... Kevin Mitnick.

How to Protect Yourself

This lesson provides an dramatic example of a social engineer using his ability and the lack of in-place policies to bypass security.  And then we see how we might prevent such a breach with protective measures.

Administrators need to:

• Establish Policies'
• Train Employees
• Run Drills

Office users need to:

• Be aware of the tricks
• Follow the in-place policies

Protect Yourself from Phishing

Phishing is usually a combination between email and a website that is designed to obtain personal information from a user by posing as a legitimate contact... like the users bank.

Two things are needed to protect ourselves.... the first is the right technology that will assist us... the second is common sense.

In this lesson you will see a very real phishing scam and how we might be tricked by one.  You will also see how phishing filters can help to protect us.

Strong Passwords... How to Create Them

Passwords are the key to your information.  So... at work, at home, for your banking, for your email... wherever you use a password... you need to utilize stronger password strategy.

Here are some suggestions:

• Passwords should contain eight or more characters, combine uppercase and lowercase letters with numbers and symbols if possible.  Use a pass phrase if possible.
• Have different passwords for different locations.
• Use a password checker to verify strength.
• Try not to use obvious things in life like birth date, anniversary or names in passwords.
• Never store your passwords near the computer.

Simple Rules: Don't Click It... Plug It In... Say It... or Throw It Away...

This lesson includes a few rules to help you protect yourself or your organization from the dangers of social engineering like:

• Do not open unexpected e-mail attachments.
• Do not plug in or use USB drive, CD or DVD that you do not know where it came from.
• Do not ever give away your password even to someone claiming to be your Network Administrator.
• Do not throw away anything with personal information unless you shred it.