Final Blog

Time to finish up your blog. This last assignment should be a retrospective look at your postings over the last 9 weeks. Time for a little analysis. Write up an entry that provides a summary of what you chose to write about.

My weekly blogs were all under the subject matter of Social Media Security:  Do’s and Don’ts.  I gave tips on how to keep your identity safe while on the internet, in Social Network websites and in your email.  I enforced how important strong passwords are and give tips on how to create an efficient password.  I also talked about phishing and clicking on unfamiliar sites and giving vital personal info.

First, you need to categorize your topics of choice. Did you write primarily on operating system issues? User errors? Viruses? Or did you write about a variety of topics? Why did you choose those topics?

Social Media Security: Do’s and Don’ts.  I chose this subject matter because it is very interesting and we can make it harder for the cyber criminals to invade us if we are informed. We can control our cyber experience by making it safer and securer.  Security is something we can do to better safe guard us and our info.

Next, you need to include an analysis of where you got your material. Did you use the same source each week? A variety each week?

My material came from articles that I searched for on the web.  I used a variety of material found in different places.  I found some articles by looking at TV and then searching the web for the event.  Some material I saw on the internet as I was doing other things.  I also used to Information Security Resource List that our instructor gave us in our Blogging instructions.

As the last part of this entry, include whether or not you thought this type of blog might be useful to an information security professional and provide a few lessons learned for the next group of students.

Yes, blogs like this can help everyone.  The Information Security Professional might learn something from other people’s experience.  As far as the next group of students, they would be lucky to have these blogs to inform them of the variety of subjects and examples that blogs like this can uncover.

False news about Olympic scandal used to spread malware

http://www.decryptedtech.com/news/false-news-about-olympic-scandal-used-to-spread-malware

Cybercriminals can and do take advantage of any event/thing that would target a large group of people.  They have done just that with the 2012 Olympics in London, England.  They have targeted a young woman olympian named Gabrielle Douglas.  She has already won a gold medal in Women's Gymnastics.

The email states that the gold medal winner has tested positive for a particular drug and suggests that you click on their link to youtube to see the actual story.  Here is an example of the circulating email:

Recent Olympic gold medal winner, USA Women's Gymnastics winner Gabrielle Douglas, faces a lifetime ban after reportedly testing positive to banned diuretic furosemide. With details of the case still emerging, British Olympics Committee has ordered a suspension of the athlete until final results arrive.
View the video on youtube now.

Just remember, never, ever, click on any uninvited link no matter what it says.  Again, you must remember when you are on the internet, you will have to use your common sense and not open any emails that just show up in your inbox out of the clear blue sky. 

Social media websites, as well as youtube, are popular and cybercriminals are using them to spread their malware.  They count on people to be careless and curious.  To better ensure that you will not become a victim, make sure your anti-virus software and malware protection is up-to-date and efficient.  It can save you from becoming the next victim of the cybercriminals.

Social Breach: Four ways to help recover compromised social media accounts

http://www.lansingstatejournal.com/article/20120728/LIFE/307280029/Social-Breach-Four-ways-help-recover-compromised-social-media-accounts?odyssey=tab%7Ctopnews%7Ctext%7CFRONTPAGE

So you have been a SMART social media user.  You have followed the regulations for creating SMART passwords, you have avoided those links that want you to click here and provide your credit card number...

Now somehow your personal space has been invaded.  Your name is showing up all over the internet saying you said this, or that you are the person tagged in a photo and on and on and on.

Well, there are ways to fight back.  Ways to revamp, regroup  and recover. 

1.  Change your password.  Go to the site of the account that was invaded and immediately change your password.  If that account cannot be accessed then research that social media to find out how to recover/change/restore your account. 

2.  Next, once you have gotten back into your account, temporarily revoke all apps and add-ons with that account.  Also, remove any app you do not need or you no longer use.

3.  Clean up your computer.  Scan your computer with a good, up-to-date anti-virus software.

4.  Delete anything that came from that account during the compromise.  Send messages to your "friends" and associates connected with that account to say that your account had been infected and security has been restored.  To be on the safe side, edit your profile to remove any spam sites that you may have gotten.

Risk is always present.  Security measures can lessen the threat but risk cannot be eliminated.  Using  SMART actions while on the internet can save you time and money but it cannot remove every risk.  But without any security, it would be like leaving the front door of your home open for all to come in.

Skout Overhauls Security, Reopens Social Network For Teens

Skout is a social media website whose motto is:  THE GLOBAL NETWORK FOR MEETING NEW PEOPLE...life is short, you are busy and people are having fun without you right now. So start Skouting and find your party, anytime, anywhere.

Seems that 3 teens were raped and/or assaulted by adults they met on the Skout website.  Skout shut down their teen portion  for 1 month to revamp their security.  They have now linked themselves with Facebook Connect which will verify their identity before hand.  They also removed the part in the teen section that shows where the teen lives. 

Social media networks have become very popular to the young and the old.  People are using these websites for business and pleasure.  When interacting with others online you must be aware of the risks that are associated with it. 

Protect your privacy.  Here are a few guidelines that will help you stay safe where you can enjoy your time online...

Don't let friends talk you into doing things online that you are not comfortable with (posting your cell number or your birthday, etc.).

Be aware of phishing scams.  Don't let scammers trick you into getting your financial information, personal information, etc..

Choose a username that doesn't have any of your personal information in it.

Associate these sites with an email separate than your personal email for your privacy.

Create strong passwords at these sites.

Only let your "friends" view your profile on social networking sites.

Learn how to use the sites privacy features.  They are there to use at your own discretion.

Be careful what you say online.  You can never erase it.  Once said it stays available to all for ever.  Be smart and safe with what you post.  Don't post pictures that you wouldn't share with your own family members.  What you post online, stays online, available to everybody online.

Fraud Alert: BBB Issues Nationwide Warning

Scams are popping up all over in all kinds of schemes.  Today I was checking my checking account balance at my local credit union.  I logged in and low and behold, there was an article about a new scam that hit nationwide.

The warning is about a scam that is sent to people thru emails, telephone calls, social media websites and various other means.  The scam says that the President of the United State, Barack Obama, has set up a federal assistance program that helps you with your utility bills.  To get the assistance the scam asks for your SS#, your bank account routing # and your bank account #.  Then the scammer gives you a fake bank routing # for you to use to pay your utility bill via a fake automated telephone service.

The telephone service accepts the payment but in a few days you will get a notice of a declined payment  because of an invalid account information.  So now your utility bill didn't get paid and someone has stolen your account information.

NEVER give your personal information (SS#, Financial Institution info, credit card #) to anyone that calls you.  If someone calls you about paying a utility bill, or if you are getting pressured to pay a bill over the phone, hang up and contact that utility company via their customer service line.  You can make your payment there if you need to.  If someone comes to your home inquiring or insisting on payment or checking your home, ask for their company ID and call the company and check on the individual.

These scams to steal your personal, financial and credit card information have become more advanced.  Use your common sense and don't let anyone pressure you to give them money or information.

Just last week a co-worker got a letter from a lawyer in Germany saying his distant relative, 78 yrs old, died 6 years ago.  It took them this long to find my co-worker who stands to inherit $118,000,000.  Of course my co-worker had a strange german name which is why he got the letter.  All my co-worker had to do was give the lawyer his bank account # and they would deposit the money into his account.  My co-worker doesn't actually remember the dead mans name ever coming up in his family circle.  He actually was thinking about giving his account # to this lawyer in Germany. 

What would you do or say?  Would you investigate the letter.  By the way, the envelope had no return address on it and the postmark was somewhere in Portugal.  Sound phishy to you?

Cyber criminals may use Olympics for phishing

Phising is the act of trying to obtain money or information like userids, passwords and credit card specific by disguising themselves as a  honorable entity in an electronic communication.

Apparently, there has been a warning to all that the scammers and phishers out there will be trying to use the 2012 Olympics, this summer in London, to get over on the people.  They are warning everyone to be really careful when purchasing Olympic apparel, items of interest, tickets, etc., from the internet.  There are fake sites that can and will draw people.  These sites, will attempt to sell you Olympic merchandise and when you give them your financial info they will take it and run.  Also, when you are preparing for your trip, beware of what connections you use to move your money.

Wow!  Can't even get ready for a trip to the Olympics because dishonest people are watching and waiting to take advantage of you.  What a wonderful world we live in.

How Identity Theft Might Happen Thru Social Networking Sites

I am sure we all know what it takes to sign up on one of the social networking sites.  They ask for too much information.  The more information out there, the more at risk you are of getting your identity stolen.

Here are some reasons that can make you more susceptible to the enemy:

*  Low or no privacy settings
*  Connecting with any or everyone (hard to figure out the good guy from the bad guy)
*  Downloading free apps to use on your profile
*  Sharing your password or profile information (TMI)
*  Participating in quizzes, divulging more information (questions like "How do you know me")
*  Clicking on links that others send you (doesn't matter if you know them or not...don't click)
*  Falling for a phishing scam (example-you get an email that says to please update your social networking profile) (that's a no no)
*  Not keeping your anti-virus and security software up to date (or even not having any at all)

Don't take the chance.  One mans unintended is another mans fortune.  They are out there everywhere just waiting for the opportunity to steal your identity.  Don't hand them the opportunity on a silver platter.  Be smarter than that.

More Facebook, Twitter Scams to Avoid

From get-rich-quick schemes to pornographic robots, the latest social networking scams reveal just how much more sophisticated the crooks are getting

It has been proven that even though social network users are concerned with their security, they don't take the proper precautions to protect themselves.  They will suffer from malware, phishing, weak passwords and scams.  Scams, from year to year, have become more sophisticated and tricky. 

Tweet for cash - Can you imagine getting paid for tweeting?  Remember the email scam where you could work from home emailing and make money?  Now it's twitter.  Those who fall for the scheme will be asked to pay $1.95 for a Twitter for Cash Starter Kit.  They are asked to put in their credit card for payment.  Now this person/company has your credit card to use and do with what they want to.  Of course you get the kit usually with a free trial period.  But by the time you get your credit card bill, you have charges on your bill that you didn't authorize.

Ur Cute-Msg Me on MSN - Again this is another scam that was used with email.  This one is where you get a tweet that features a sexy woman instead of the 140 word tweet.  Embedded in the picture is a msg asking you to contact them on MSN.  The conversation in the chat room isn't even with a real person. This bot is programmed to get you to an adult website and the rest is history.

Social networking is the now crave to keep in touch with family and friends.  Unfortunately, scammers see it as an opportunity to take advantage of users.  They have gotten very innovative too. User will need to be more careful.  Awareness is the name of the game.  Using common sense, most of the time, will suffice. 

Being on guard every time you twitter or write in Facebook tires me out.  I would rather leave it alone and write a letter or go visit someone to communicate with them.  I know twitter and Facebook span over millions and millions of miles.  Their messages that are sent are instantaneously received saving time and money.  Call me ole skool...I value my safety.

Remember:  If it sounds too good to be true...it is.  If it looks like a duck, walks like a duck, and quacks like a duck...it's a duck. 

Facebook Wants Your Phone Number for Security Purposes

Have you entered your phone number into Facebook yet?  They say it is for SECURITY reasons.  Then they have a link on their website to click that gives you tips about Facebook security... https://www.facebook.com/about/security.  When you click on this link this is what they tell you about the phone number...

Confirm your mobile number:

If you forget your password, we'll be able to text you a new one. To make sure we can reach you, confirm your mobile number.

 

That's why they want your phone number.  Well, I don't trust Facebook.  I don't use it that much.  For that reason I will not be complying to their request.  I know that my phone number would only be in my profile and only those who have the need-to-know will see it.  But I can't get to the point to register my cell number with that website.

My name is Deborah D. Dryver.  I am working on my CIS degree at Bellevue University, Bellevue, NE.  The assignment is to open a blog and weekly research the course topic 'Information Security Management' and post to this blog what I have found.

I welcome your feedback, comments and opinions.

Thank You,
Debbi D.