Social Engineering
Social Engineering:
A hacker’s use of psychological tricks on legitimate users of
a computer system, in order to obtain information (for example, a password)
he needs to gain access to the system.
Social Engineering is one of the largest preventable
threats. Hackers can call or email members pretending to be from legitimate
institutions and ask the member to verify personal information or passwords.
Hacker may also visit public access places (public libraries, computer
labs, etc.) and look for saved passwords on these PCs.
How to protect yourself from social engineers:
- Be careful not to disclose information to someone
you don’t know over the phone, through email, or when using
the Internet.
- Don’t share personal information though Internet
chat rooms.
- Understand how information will be used before sharing
it with merchants.
- Know if you have a choice in how your information
is used and shared.
- Have checks printed by reputable check vendors (like
the credit union’s preferred provider)
- Don’t include your Social Security Number,
driver’s license or other information on requests for printing
checks.
- Limit the number of items with personal information
and account numbers in your wallet when you travel.
Phishing or Brand Spoofing
Phishing: Pronounced
“fishing,” the act of sending an email to a user falsely
claiming to be an established legitimate business in an attempt to scam
the user into surrendering private information that will be used for
identity theft.
Ways you can protect your self from phishing:
- BE SUSPICIOUS.
- Be wary of providing any personal information in
any transaction that you did not start contact.
- Contact the company cited in the email using a telephone
number or Web site address you know to be genuine.
- For more information please visit
the Anti-Phishing
Working Group.
Viruses, Worms & Trojans
- Virus: a small, infectious program
designed to alter the way a computer operates without the knowledge
or consent of the user. They are not usually self-replicating and
require the assistance of a user to propagate. Viruses can be spread
via floppy disks, e-mail, and in some office software documents (Word,
Power Point, Word Perfect, etc.).
- Worm: a form of virus that does
not require user intervention to replicate over a network. Working
"behind the scenes" without the user knowledge, a single
worm may initiate connections to hundreds of machines in minutes.
As a result time is a critical factor when dealing with a worm.
- Trojan: A virus is one that is concealed
within a "normal" program. When executed the program may
release the Trojan code and possibly allow an attacker administrative
control of the PC.
Ways
you
can
protect
yourself
from
viruses,
worms
and
trojans:
- Purchase and install Anti-Virus software and update
it daily before checking your email.
- Obtain all Microsoft security updates.
- Be SUSPICIOUS.
- Do not open ANY unexpected email attachments.
- Do not download or install unauthorized software.
- Do not leave a floppy disk in the floppy disk drive
when you shut down or restart the computer. Write-protect your floppy
disks after you have finished writing to them.
- Verify that the author of the email has sent the
attachments. Newer viruses can send email messages that appear to
be from people you know or sites you routinely visit.
- For more information on viruses and anti-virus
software visit Symantec or McAfee
