Thursday, December 04, 2008

Shopping Safely Online: Cyber Security Tip ST07-001

Cyber Security Tip ST07-001
Shopping Safely Online

Online shopping has become a popular way to purchase items without the
hassles of traffic and crowds. However, the Internet has unique risks,
so it is important to take steps to protect yourself when shopping

Why do online shoppers have to take special precautions?

The Internet offers a convenience that is not available from any other
shopping outlet. From the comfort of your home, you can search for
items from countless vendors, compare prices with a few simple mouse
clicks, and make purchases without waiting in line. However, the
Internet is also convenient for attackers, giving them multiple ways
to access the personal and financial information of unsuspecting
shoppers. Attackers who are able to obtain this information may use it
for their own financial gain, either by making purchases themselves or
by selling the information to someone else.

How do attackers target online shoppers?

There are three common ways that attackers can take advantage of
online shoppers:
* Targeting vulnerable computers - If you do not take steps to
protect your computer from viruses or other malicious code, an
attacker may be able to gain access to your computer and all of
the information on it. It is also important for vendors to protect
their computers to prevent attackers from accessing customer
* Creating fraudulent sites and email messages - Unlike traditional
shopping, where you know that a store is actually the store it
claims to be, attackers can create malicious web sites that mimic
legitimate ones or create email messages that appear to have been
sent from a legitimate source. Charities may also be
misrepresented in this way, especially after natural disasters or
during holiday seasons. Attackers create these malicious sites and
email messages to try to convince you to supply personal and
financial information.
* Intercepting insecure transactions - If a vendor does not use
encryption, an attacker may be able to intercept your information
as it is being transmitted.

How can you protect yourself?

* Use and maintain anti-virus software, a firewall, and anti-spyware
software - Protect yourself against viruses and Trojan horses that
may steal or modify the data on your own computer and leave you
vulnerable by using anti-virus software and a firewall (see
Understanding Anti-Virus Software and Understanding Firewalls for
more information). Make sure to keep your virus definitions up to
date. Spyware or adware hidden in software programs may also give
attackers access to your data, so use a legitimate anti-spyware
program to scan your computer and remove any of these files (see
Recognizing and Avoiding Spyware for more information).
* Keep software, particularly your web browser, up to date - Install
software patches so that attackers cannot take advantage of known
problems or vulnerabilities (see Understanding Patches for more
information). Many operating systems offer automatic updates. If
this option is available, you should enable it.
* Evaluate your software's settings - The default settings of most
software enable all available functionality. However, attackers
may be able to take advantage of this functionality to access your
computer (see Evaluating Your Web Browser's Security Settings for
more information). It is especially important to check the
settings for software that connects to the Internet (browsers,
email clients, etc.). Apply the highest level of security
available that still gives you the functionality you need.
* Do business with reputable vendors - Before providing any personal
or financial information, make sure that you are interacting with
a reputable, established vendor. Some attackers may try to trick
you by creating malicious web sites that appear to be legitimate,
so you should verify the legitimacy before supplying any
information (see Avoiding Social Engineering and Phishing Attacks
and Understanding Web Site Certificates for more information).
Locate and note phone numbers and physical addresses of vendors in
case there is a problem with your transaction or your bill.
* Take advantage of security features - Passwords and other security
features add layers of protection if used appropriately (see
Choosing and Protecting Passwords and Supplementing Passwords for
more information).
* Be wary of emails requesting information - Attackers may attempt
to gather information by sending emails requesting that you
confirm purchase or account information (see Avoiding Social
Engineering and Phishing Attacks for more information). Legitimate
businesses will not solicit this type of information through
* Check privacy policies - Before providing personal or financial
information, check the web site's privacy policy. Make sure you
understand how your information will be stored and used (see
Protecting Your Privacy for more information).
* Make sure your information is being encrypted - Many sites use
SSL, or secure sockets layer, to encrypt information. Indications
that your information will be encrypted include a URL that begins
with "https:" instead of "http:" and a lock icon in the bottom
right corner of the window.
* Use a credit card - Unlike debit cards, credit cards may have a
limit on the monetary amount you will be responsible for paying if
your information is stolen and used by someone else. You can
further minimize damage by using a single credit card with a low
credit line for all of your online purchases.
* Check your statements - Keep a record of your purchases and copies
of confirmation pages, and compare them to your bank statements.
If there is a discrepancy, report it immediately (see Preventing
and Responding to Identity Theft for more information).


Authors: Mindi McDowell, Monica Maher

Produced 2007 by US-CERT, a government organization.

Note: This tip was previously published and is being re-distributed
to increase awareness.

Thursday, November 20, 2008

Dealing with Cyberbullies

Cyber Security Tip ST06-005
Dealing with Cyberbullies

Bullies are now taking advantage of technology to intimidate and harass
their victims. Dealing with cyberbullying can be difficult, but there are
steps you can take.

What is cyberbullying?

Cyberbullying refers to the new, and growing, practice of using technology
to harass, or bully, someone else. Bullies used to be restricted to methods
such as physical intimidation, postal mail, or the telephone. Now,
developments in electronic media offer forums such as email, instant
messaging, web pages, and digital photos to add to the arsenal. Computers,
cell phones, and PDAs are new tools that can be applied to an old practice.

Forms of cyberbullying can range in severity from cruel or embarrassing
rumors to threats, harassment, or stalking. It can affect any age group;
however, teenagers and young adults are common victims, and cyberbullying is
a growing problem in schools.

Why has cyberbullying become such a problem?

The relative anonymity of the internet is appealing for bullies because it
enhances the intimidation and makes tracing the activity more difficult.
Some bullies also find it easier to be more vicious because there is no
personal contact. Unfortunately, the internet and email can also increase
the visibility of the activity. Information or pictures posted online or
forwarded in mass emails can reach a larger audience faster than more
traditional methods, causing more damage to the victims. And because of the
amount of personal information available online, bullies may be able to
arbitrarily choose their victims.

Cyberbullying may also indicate a tendency toward more serious behavior.
While bullying has always been an unfortunate reality, most bullies grow out
of it. Cyberbullying has not existed long enough to have solid research, but
there is evidence that it may be an early warning for more violent behavior.

How can you protect yourself?

* Be careful where you post personal information - By limiting the number
of people who have access to your contact information or details about
your interests, habits, or employment, you reduce your exposure to
bullies that you do not know. This may limit your risk of becoming a
victim and may make it easier to identify the bully if you are
* Avoid escalating the situation - Responding with hostility is likely to
provoke a bully and escalate the situation. Depending on the
circumstances, consider ignoring the issue. Often, bullies thrive on the
reaction of their victims. Other options include subtle actions. For
example, if you are receiving unwanted email messages, consider changing
your email address. If the bully does not have access to the new
address, the problem may stop. If you continue to get messages at your
new account, you may have a stronger case for legal action.
* Document the activity - Keep a record of any online activity (emails,
web pages, instant messages, etc.), including relevant dates and times.
In addition to archiving an electronic version, consider printing a
* Report cyberbullying to the appropriate authorities - If you are being
harassed or threatened, report the activity to the local authorities.
Law enforcement agencies have different policies, but your local police
department or FBI branch are good starting points. Unfortunately, there
is a distinction between free speech and punishable offenses, but the
legal implications should be decided by the law enforcement officials
and the prosecutors. Depending on the activity, it may also be
appropriate to report it to school officials who may have separate
policies for dealing with activity that involves students.

Protect your children by teaching them good online habits (see Keeping
Children Safe Online for more information). Keep lines of communication open
with your children so that they feel comfortable telling you if they are
being victimized online. Reduce their risk of becoming cyberbullies by
setting guidelines for and monitoring their use of the internet and other
electronic media (cell phones, PDAs, etc.).


Author: Mindi McDowell

Produced 2006 by US-CERT, a government organization.

Note: This tip was previously published and is being re-distributed
to increase awareness.

Saturday, November 08, 2008

Power Point 2007 Practice

Power Point 2007 “Boot Camp”

Links for lessons and quick reference cards must be opened in Internet Explorer.

Printable links require Adobe Reader. Download for free at

Create Your First Presentation

Lesson 1
Practice Steps (printable)

Lesson 2
Practice Steps (printable)

Lesson 3
Practice Steps (printable)

Quick reference Card

Personalize Your Slide Design

Lesson 1
Practice Steps (printable)

Quick reference card

Get Visual with SmartArt Graphics

Lesson 1 (none)

Lesson 2
Practice Steps (printable)

Lesson 3
Practice Steps (printable)

Quick reference Card

Adding Sound Effects

Lesson 1
Practice Steps (printable)

Lesson 2
Practice Steps (printable)

Quick Reference Card

Monday, June 30, 2008

Firefox Demo & Tips

Here's a screencast (with audio) explaining some of the new features and functionality in Firefox 3.0

Here's a video tour (with audio) also about new features.

Here's a list of how do to tasks.

New features explained.

Tips & tricks

Firefox Field Guide

Monday, June 16, 2008

Firefox Download Day!

Firefox 3 arrives.
Be a part of the attempt at a Guinness world record for downloads on Tuesday!
Download Day - English