Archive for the ‘Member Education’ Category

Facebook ID Probe

August 30, 2007

A good read here, “Sophos Facebook ID probe shows 41% of users happy to reveal all to potential identity thieves“.

Sophos Facebook ID Probe findings:

 

  • 87 of the 200 Facebook users contacted responded to Freddi, with 82 leaking personal information (41% of those approached)
  • 72% of respondents divulged one or more email address
  • 84% of respondents listed their full date of birth
  • 87% of respondents provided details about their education or workplace
  • 78% of respondents listed their current address or location
  • 23% of respondents listed their current phone number
  • 26% of respondents provided their instant messaging screenname

Talk about an opportunity to educate our members. This type of information could also be used in Spear Phishing attacks.

 

Posted in Member Education, Misc, Phishing, Staff Education | 1 Comment »

In the eyes of a Phiser

May 21, 2007

In a post recently from RSnake at ha.ckers.org, he had a chance to discuss items from a Phishers perspective. The phisher he spoke to calls himself “lithium”.

In the post there were two questions asked that caught my eye:

“Are there any anti-phishing deterrents (tools or technology) that make life as a phisher harder?

Oh sure, There are many things that make pishing harder. But since Internet Explorer 7 and firefox 2 have implemented an antiphishing protection, Those two cause the most irritation.”

and

“Do you forsee any changes to the phishing industry that are worthy of note?

No.”

With those thoughts in mind what will a .bank TLD do to help the Anti-Phishing efforts. I still believe that education of members and staff are the best way’s to combat Phishing.

Posted in Member Education, Phishing, Staff Education | 2 Comments »

End User and Member Education

May 18, 2007

I read an article today called People will click on anything and it got me thinking about education.

It seems that Didier Stevens from Contraste Europe created aGoogle Adwords Campaign called Drive-By Download, get you PC infected here. During the six month period that he had the ad up the ad was viewed 259,753 and clicked on 409 times.

What does this have to do with Education. It seems we stress so much on email, phishing, virus, and other threats, that when it comes to the daily habits of users we do not stress enough about security. People are so used to just “Browsing” the web that they do not care about what the site could or could not do to their PC’s.

Another article on MSNBC’s Red Tape Chronicles New Net threat: Infectious Web pages shows that insecurities in web based applications could cause your PC to become infected with Malware. It could even come from the site you visit every day.

Education on the threats that are out there and how to keep yoursel, members, and staff is extremely important. The tricky part of this is not to scare them, but to educate them.

Posted in Member Education, Staff Education | Leave a Comment »