[IS&T Security-FYI] Newsletter, September 7, 2007
Monique Yeaton
myeaton at MIT.EDU
Fri Sep 7 08:58:54 EDT 2007
In this issue:
1. Back to School Tips from Tony Bradley
2. Schools In the News: Johns Hopkins University
3. Tip of the Week: Beware Domain Renewal Fraud
-----------------------------------------------------
1. Back to School Tips from Tony Bradley
-----------------------------------------------------
Summer is over and schools are back in session. Now is a good time
for students, parents, teachers, and school administrators to learn
(or refresh their memory on) some basic computer security concepts to
make sure everyone's computer usage is safe and secure. Some of the
things to keep in mind:
- Using the Internet Safely
Whether it's MySpace or FaceBook, these social networking sites are
so popular that they are often the target of hackers, predators, and
other people with bad intentions. Kids often share too much
information online and are gullible when it comes to clicking on
interesting-looking links. A 2005 study shows that one in three
children ages 6 to 17 reported being bullied online; 17% had been
harassed; 8% had been threatened; 6% had been stalked; another 6% had
been victims of identity theft. (These numbers are just from those
who reported. Who knows how many have kept silent.) Adults should
talk with young people about the threats and how they can prevent
becoming victims. It is the best way to make sure they understand
what they are doing when they surf the Web.
<http://netsecurity.about.com/od/newsandeditorial1/p/myspace.htm>
- Peer-to-Peer Networks
The popular activity of downloading, uploading and sharing files
through a peer-to-peer (P2P) network can get people into more hot
water than they anticipate. The concept of sharing seems benign
enough, but it comes with risks. Not only can you be held accountable
for infringement if the files you are sharing are copyright
protected, but sharing files on your computer goes against many of
the basic principles of securing your computer.
<http://netsecurity.about.com/od/newsandeditorial1/a/p2psecurity.htm>
- Protect Yourself from Spyware
In addition to protecting your computer from viruses and the like
caused by malware, you should also control the onslaught of spyware
and adware. These programs can track and monitor what you do on the
Web or in the worst-case scenario actually monitor keystrokes and
capture passwords. Five tips on protecting against these threats are
listed at the following site:
<http://netsecurity.about.com/cs/generalsecurity/a/aa050204.htm>
- Identity Theft
Social engineering and computer theft can often lead to data breaches
that put people's personal information and identities at risk. When
your password or personal identifiable information is stolen,
criminals can use it to gain access to your money or to commit crimes
in your name. It is up to each individual to monitor and protect
their personal information and credit. View ten tips on identity
theft here:
<http://netsecurity.about.com/od/newsandeditorial1/a/aaidenttheft.htm>
- Using Wi-Fi
Wi-Fi (wireless) networks are another modern day computer risk. As
more people set up wireless home networks, hackers find ways to get
their personal information. Using other people's wireless networks
can also be risky. Find out more here:
<http://netsecurity.about.com/od/hackertools/a/aa072004b.htm>
---------------------------------------------------------------
2. Schools In the News: Johns Hopkins University
---------------------------------------------------------------
Johns Hopkins University waited five weeks before notifying patients
and their families about the theft of a desktop computer containing
patient information. The computer, taken from an "administrative
area" of Johns Hopkins University Hospital contained patient names,
Social Security numbers, dates of birth, medical history and other
personal information. According to University officials, the computer
was secured to the desk by a steel cable and it was password-
protected. However, the computer did not contain an encryption
software to protect the data nor was a the data password-protected.
Read the full story in the Baltimore Sun: <http://
www.baltimoresun.com/news/health/bal-te.theft01sep01,0,1208422.story>
-----------------------------------------------------------------
3. Tip of the Week: Beware Domain Renewal Fraud
-----------------------------------------------------------------
If you registered a Web site you may receive a letter or email from
Domain Registry of America, Domain Renewal, or others, suggesting
that since the renewal of the domain's registration is coming up, you
should renew the domain with them. I received one of these letters in
the mail just about a month ago from Domain Registry of America. The
letter stated that paying $30 would guarantee that my site would
remain registered and not fall into the hands of anyone else.
Lucky for me, I learned that this is a ploy used by some companies to
"steal" your domain name, your money, and to lure customers away from
legitimate Web hosts. Anyone can look up a domain name and see if it
is registered. They can then find your contact information and
attempt to trick you into "registering" the domain with them. Don't
fall for this trap, as I almost did. To learn more see these articles:
E-Week: <http://www.eweek.com/article2/0,1759,2159134,00.asp>
Domain Name Wire: <http://domainnamewire.com/2007/07/16/new-domain-
name-renewal-scam-hits-inoxes/>
------------------------------------
Let us know how we're doing
------------------------------------
Do you find this communication helpful? Are there other items of
interest you would like to see included as well? Please take a
moment to let us know. <ist-security-fyi-owner at mit.edu>
Thank you,
Monique
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
More information about the ist-security-fyi
mailing list