The video opens in a small, dimly lit room while a man with a Russian accent explains to his audience, “Hello. I’m Nikolai—president of Bank of Nikolai. Give me your money and I take care of it for you, no problem. It’s so easy with online. I do computer transfer from your bank to my bank of Nikolai, then I put in my pocket. Left side. Front pocket. Very safe. You can trust me. Look! I have pen.” At the end Norton presents you with a choice: accept or deny.
This is exactly the choice that the “Stop. Think. Connect.” seminar presented its participants with. Do we accept cyber criminals’ attempts to steal our personal information or do we stop them in their tracks? Granted, it’s not always as easy to see the Bank of Nikolai is an untrustworthy source when they proposition you via an e-mail instead of seeing them in person. However, this seminar focused on educating the USF community to better protect ourselves against social engineering so that we can make informed decisions when Nikolai comes lurking in the shadows of the cyber world.
Social Engineering is defined as the manipulation of people to reveal their personal and confidential information (like bank accounts or passwords) via your computer. The training contained three objectives: to redefine our perception of social engineering, how to detect it, and how to protect ourselves against it. This way you can make educated decisions when accepting or denying certain links, data, files, and websites lowering your risk of infecting your computer or personal accounts.
As one man testified in a short video we watched, we should never be so arrogant as to assume we’re not next. The scams that people use today are complex. Not too long ago the biggest security threat came from hackers. Hackers would break into a program or computer’s coding and steal information without the owner even knowing it was happening. However, with better spyware protection and stronger programming, recent trends show that it is easier for cyber criminals to exploit human nature rather than the machine itself.
Today’s cyber criminals take a bold approach when stealing your information; they feel no qualms about contacting you directly and tricking you into handing over personal information. In the commercial, there is no doubt that Nikolai is a shady character. However, in reality it is not always so clear; many people would be surprised to discover how easily they are tricked into giving Nikolai all the information he needs by clicking on one link.
Cyber crime removes the personal factor out of stealing. As Nick Recchia of the ITS Security Services department explained, if someone mugs you on Market Street, they run the risk of witnesses, police or cell phones capturing the whole thing for what may only give them $10. However cyber crime adds a sense of anonymity and also the potential for a large amount of cash. These payoffs encourage cyber criminals to target more people and constantly create new scams.
The most important tip to avoid victimization is to keep your personal information private. Once again, this may be obvious but it’s harder than one would think. Always think twice before clicking on links from foreign e-mails and even be weary of links sent from friends. It’s possible that their computer has been infected and a scam e-mail has been sent to everyone in their address book under their name. Think twice before inputting any personal information. Who is asking? Have you heard of them before? Are you sure this is really the company they say they are?
USF does it part to protect personal information. This is done through various avenues, one of which is awareness education like this training. There are also confidential bins in USF offices that are locked with a slit on top of them. Any documents put in these will be properly destroyed so no paper trail can be found to your personal information. USF wireless requires an authentication before logging on so that people who should not be using it are blocked from getting on the internet. Also, there are campus wide ID numbers, unique to each student, used to identify us limiting the use of social security numbers.
For more information on how to protect yourself, please read the Implications of Social Networking, How to avoid Identity Theft, and Simple tips to avoid a computer security nightmare blogs. You can watch a video of the entire training here.