St Mary’s IT Training – How to Spot Internet Scams & Fake Emails



We're going to try a bit of an experiment and just record this so we can put it online; that's why we're taking it a bit more seriously. Right, okey-doke. So we want to do a few of these sort of sessions, and we thought the one we'd start off with would be data security, because lots of people seem to have problems with not understanding links and what have you. So what I'm going to do is just run through a couple of slides and then we'll go on to more of a demo, explaining the sort of things to be aware of.

A few interesting facts that sometimes people are not aware of: ninety percent of all the data in the world has only been created in the last two years, so that gives you an idea of what's actually out there. It is a whole new thing, really. The other interesting thing is that there is no such thing as a 100% secure system, so despite what anybody may say, there is always going to be the possibility that you or someone else is going to steal data from something that you use. It's probably worth mentioning that actually the highest attack area is user behaviour, more than technical things: leaving laptops open, using poor passwords and things like that. A lot of this is stuff that you're aware of, but it's worth reinforcing it. And also insecure devices. Dare I say, a lot of this is beyond the control of any sort of ICT wizardry; it really is a matter of users actually just being a little bit more aware of it.

A couple of very, very quick suggestions. Obviously, make sure that you PIN-protect every device that you have. In many ways your life is on these devices now, when you actually take into account your emails and any sort of files that you have on there and social media, and it's quite surprising how many people don't even have them PIN-protected. Obviously, don't leave them unattended and unlocked, and be aware of what is on there, because in a lot of cases people just have them in their pocket and they don't think about it: actually, I've got a lot of personal things on this device and, maybe more importantly, a lot of things to do with work in some instances.

Passwords were always going to be the Achilles heel in security, because people either re-use them or they choose poor passwords. The industry is trying to come up with different solutions. I do actually use a password manager, and I wouldn't recommend it for everybody; it's a little bit of a hassle, but it's an option. The main thing, if you're not using a password manager, is obviously to use complex passwords, and I'll show you a statistic in a minute that will explain why that's a good reason. And obviously, from our point of view, try and keep that divide between home and work, even if it's just a mental model: that recognition that actually, if I'm doing something at home and there are also work aspects on there as well, just be aware of that.

Data breaches happen; we all know that, more and more. I think the biggest one of recent times was the Yahoo one; I think a billion records were stolen. A billion, that's quite a lot. And this is the problem that gets a lot of people, where you use your password in multiple places, and we all, to a large extent, do it. Be honest; until I started using a password manager, I confess I did as well. But when you do, your shared password is now exposed when one of the places gets hacked. So it doesn't matter how secure Amazon is or how secure Marks & Spencer is or what have you: if you've used the same password as you used on another site that wasn't secure and that's now just been breached, well, actually, it doesn't really matter; your Amazon has gone as well.

And this is why you want to think about complicated passwords. A modern PC, to be fair probably a gaming PC, so probably a £1,000 to £1,500 PC, but still one that would potentially sit in a home, can actually make, with the right software, up to a trillion password attempts per second. So it doesn't matter how big or complex you think your password is: if it exists anywhere in a dictionary, and when I say a dictionary I don't just mean the Oxford Dictionary, I mean a hacker's dictionary, and a hacker's dictionary is made up of words from these ones that have been breached, so where a shop or what have you has had its data breached, they often end up in these hackers' dictionaries, well, it's not going to take that long to enumerate through a dictionary if it can do a trillion per second. And then obviously there are the statistics as to what a trillion actually is; I think it said on there that a trillion seconds goes back to prehistoric times. It's big.

So a realistic goal is probably just to keep that divide between home and work, think about who has access to devices (again, a lot of things that we don't think about; they just have the phone lying around or what have you), ensure they're locked when they're unattended and, as we've said, practise good password management. So that's just a brief sort of light throw of facts at you, things that probably to a large extent you're aware of anyway, but it is a good reminder. And I think the one thing to make clear is there is no silver bullet with this; if there was, we would have done it. It's always been and will always be a game of cat and mouse: as the baddies bring up things, the goodies resolve it and the baddies think of another way. It's always ongoing, and some of them are really, really clever nowadays, to the point where you do actually think, how can you expect people to recognise that? And I'll show you one of those in a second, actually.

But if I go on to our... I'm just going to log on to our Google page. If I show you this, it takes me through to... but actually it's not Google, and, to be honest, I created that in under 30 minutes. That was an example of how easy it is to create a login page which looks authentic and actually isn't. I could quite easily have been a baddie who was now taking not only your username and the password you just popped in, but also further information, should you fill in any more.

So what can we spot? What can we look at to see whether something looks all right? It is not good enough just to say it looked professional. A few years ago the hackers weren't great at making neat stuff, but actually they make quite neat stuff now, so you've really got to put that to one side and think, OK, what other things are there? Well, this is the biggest area that people just don't seem to look at any more. To me I find it quite odd that people don't, but I fully accept it's because I'm coming at it from a different angle. People seem to have forgotten about the address bar when it comes to websites. The address bar tells you where you're going, and obviously, clearly, this isn't google.co.uk; it's actually on our own servers, because I'm running it on the machine next door. So that's the first thing to actually do: to just get into the habit of looking at where the link is actually taking you.

The next thing is that if this was a site that was asking you to enter anything in, especially a username and password, that without question has to be encrypted, and if it's not encrypted you just don't want to know about it anyway. There are legitimate sites that are also not encrypted, but that's just very poor practice; you don't want to go near them. Any main site will definitely be encrypted now. In order for this site to be encrypted it has to have a certificate, and, all bar extreme circumstances which I won't go into here, nobody can buy a certificate other than the owner of that site. So, for example, if we actually go to the real Google, you see you've got the green padlock. Now, different browsers, to be fair, do it in different ways, but the one thing that is consistent is it's a padlock; some of them are not green now, for some reason they've changed the styling, but there's a padlock that's up in the address bar. So not only are you checking that the address is actually who it is, google.co.uk (don't worry about the stuff on the end; it's the bit at the beginning that you're interested in), but actually, maybe not more importantly but as important, is that it's got the green padlock. And if we haven't got the green padlock then you really want to get out of there, because it won't be where you're going to.

I came up with this little thing, I don't know, it just makes you think about it really, called LAP. I just thought of it: it's Link, Address, Padlock. So if you ever click on a link, the first thing you want to do is look at the address that it is taking you to, and if it's something that's actually asking you to enter any information, look for the padlock. If any of those things are not making sense or feel wrong, then you're probably in a bad place. So LAP: link, address, padlock. And as I said, apart from very, very extreme circumstances, nobody other than Google can actually buy a certificate that says that is them on that domain, so make sure. It's a very good area.

OK, so how do we end up going to these dodgy sites? I want to be honest with you: it's not normally that you googled it. You can, but it's not normal. It's normally come off the back of an email that takes you somewhere, or someone sent you a link in Messenger or something; it's not that you strolled across it, because, to be honest, if you want to go to Google or the BBC, the chances are that if you Google it you will get the right one. More often than not, people have sent you a dodgy email or something, and it has something in it. And I've actually got a couple here that are real; in fact, this one actually came through yesterday to me. You got the same, did you? Yeah.

So let's have another look at this. First of all, I immediately knew it wasn't real because the Apple account that it purports to be in is not what my Apple account is anyway. But that aside, what we basically want to do is start looking at links rather than clicking on them. We need to see where they're really going, because it's really, really not difficult to write a hyperlink that says one thing but goes somewhere else; we can all do that. As you can see here, "Report a Problem": well, actually, this isn't going to Apple, not in any way, shape or form. All of these sort of ones, if you click on here... so hover over the links before you click them and just see: is what's popping up actually where I'm expecting that to go? And I've got some others that are made up of different ones. "Verify" now; again, that one's a little bit clever, because it tries to get you to go, oh, it is Apple, but no, it's not: it's apple dot id dot appweb dot mobi. That's not Apple; it's someone that's registered something that tries to look a little bit like Apple. They can't register Apple because, as we say, you can't do that unless you're Apple, so this is how they do it; they get around it like that. Another one that we've got, these are good ones: "Click to open a dispute". Often they say things that are a bit scary and you think, no, I haven't bought that, click to open a dispute, yeah, and they click on "open a dispute", and actually that's where they're getting you. And here is a good example: if we hover on it, this is a really weird one, xfiles2 dot ru. A lot of them are Russia and sort of Eastern Bloc and things like that, because that's where a lot of the Wild West of hackers is; it's quite renowned. So what else have we got? We've got, again, things here: "Click here". Well, this one is quite interesting, because it looks like it's Facebook, but it's not; it's facebookwala dot com. So it's just being aware of the links; it's the links that are going to get you. There is something in a second that you need to be aware of as well, but the links are going to be probably the main thing. So you get a general idea: you just hover over the link before you click on it.

Now, the other things, and these are actually arguably scarier, are attachments. Links ultimately aren't going to really do a lot unless you click on them. An attachment has almost invaded you; it's there, it's actually now on your computer, and that always feels a little bit more sinister. But attachments can't really do a lot unless you enable them to do it. Computers now are quite good at stopping things from happening; sometimes it's a bit annoying, because you go to open something and then you have to enable something, or it tells you to start editing or something, but that's all done for a reason. Now, in Microsoft Office, so when I say that we're talking Word, Excel, things like that, there's a programming language; it's been around since the beginning, a very, very powerful programming language in the Office suite. But nowadays you can't run those little programs unless you enable them. They used to just run, and that was in the sort of 90s where worms and all sorts got out. Now, if something detects that there is a program of sorts that is wanting to run when you open this document, it will ask you. So if you open up one of these attachments and you suddenly get something at the top that looks like that or like that, unless you actually know what it is... What I don't want to say is never, ever click on them, because there might be someone who says, "I've got a macro in it, you're going to have to enable it," and then you'll know that. So I don't want to say never, ever enable it, but don't ever enable it if you're not expecting it, because I'll tell you now, as soon as you enable that, you could be running a program that does anything from wiping your C drive (i.e. your computer) to throwing viruses out across the network.

The terrible one that's going around, it's been happening for about the last couple of years and they've not really got a hold on it, is this thing called ransomware. Lots of hospitals and schools are getting hit by it, and what it does is nasty, nasty stuff: it actually encrypts all the data and then says, right, now give us £10,000 to decrypt it. So it's not the old days where you just destroyed it for fun; it's a business now. And actually there are some companies... the FBI have issued guidance saying don't pay it, because actually there are some companies that are saying £5,000 or £10,000 is cheaper than recovering all of our data, so as a business decision we'll pay. And people are paying, and it does work; they do decrypt it. It's an odd world we're living in. And that often comes off the back of people enabling... I won't name them because we're filming, but there are schools around here that this has happened to. One school in particular, it's happened to twice, from the bursary department; I know the people that work there, and it's all been based on people opening things up and saying, oh yeah, enable, and then bang, it's encrypting. And worse, in those particular instances they didn't tell anybody, so actually it was two days, because it was in the holidays, it was two days before anybody realised something wasn't right. It caused a lot of stress. So that's attachments.

So with emails you've got your links and you've got attachments, and they're the things that really, from an email point of view, are probably going to be the areas that you need to be mindful of. I think it's also worthwhile, at the risk of wanting to make you all cynics, I think you just have to have a slightly suspicious view of almost everything you do, really, when it comes to emails, and then I think you just have to have that level of caution, that questioning nature. Things like the Inland Revenue are never going to send you an email saying you have a rebate, but I'll tell you what, in this school there are many people that send me emails saying, is this genuine? And that's fine, I don't mind that, but it shows you the mentality, because it's almost like someone dangles a little bit: I've got a £500 rebate coming in. It's social engineering; it's making people do things they probably wouldn't normally have done, but it is very, very clever. So I think just be slightly suspicious of all emails, not to the level of petrification, but obviously just think a little bit about it.

OK, so let's move around. This is again a little bit of a... I just want to quickly show you something that might demonstrate the point. So we've already seen our Google page; this is the BBC's. We can tell because this is the BBC; it isn't on a padlock one, because, to be fair, the BBC doesn't need to be on the padlock one, because you're not logging into it; if I went to log in, it would. But this sort of thing can be done so really easily and really, really quickly: we've appeared to alter the front page of the BBC website. I haven't, obviously, but I've altered the representation of it that my computer is viewing, because that's how websites work: they go somewhere and they bring it down to your machine, so once it's on your machine you can mess with it. Here's another one. We do this sometimes when Kirsten asks me to demonstrate to the girls what you can do with code, because sometimes it's a bit of an odd industry and has a reputation for being a bit boring, and we do these things just to go "ta-da": they are all 99p. I've just changed the price of all the jeans; every pair of jeans 99p, easily done with a little bit of knowledge. So the point is that you only need to be pointed to a site that's had that sort of code put in it, all sorts of ways, or go to a site that has been infected with code. I'm not saying there's a lot you can do about that, but it's just a demonstration that you don't need to be some seriously advanced hacker that's had years of computer science training to do a lot of this stuff. And in fact a lot of the more high-profile ones that have been in the news, where they cite a teenager or something, 99% of the time they're not clever, for want of a word; they're using tools that are freely available. They're not actually doing anything; they're just going out on the dark web, getting these tools, pointing them at a website and pressing go. The one that did the TalkTalk one, which was a big famous one last year, he just pointed a tool at it and just said go, in effect, and it hacked their site. So it's just a demonstration of something to be aware of, really.

OK, so what sort of things are out there that we can do to help us? This is a fantastic site, actually, run by a very respected security chap whose podcast I listen to and whom I follow a lot. This site, I believe this week, has just had a million people subscribe to it; it is a very, very popular site, it's recommended by the BBC and what have you. It's called Have I Been Pwned. This is this new word "pwned", which means "owned", if you like; by phishing, it is hacked, in effect. What it is, it's a database of... not all, it's not an exhaustive database, it's a database of a lot of the data breaches, and you can check whether you're in there. And in fact, I think, maybe not, I think you may have been in there, actually. You can just put your address in here. I can put all these links on the VLE or something. Yeah, it was the old one that was in there. I'll tell you what, I'll do mine, actually. Just reload that page. Can you see as well it's a secure site? It can slow down when there's been a recent breach and everyone starts hitting it, but it was fine earlier. If it doesn't come up soon... Oh no, I've never seen that. OK, that's interesting; I wonder whether something's happening. OK, that site, when it's not under a lot of stress, which I'm now thinking it might be, you put your email address in and it tells you whether you're in any of the breaches. I will be surprised if you're not; you'll be surprised how many people are in them, whether it's the Dropbox ones, the LinkedIn ones; the Adobe one is a big one. It doesn't mean... in fact, there is nothing you can do; you can't take yourself off it, you can't say, well, I want to remove myself from that breach. It's just telling you you're in a breach, which is probably a good time to change your password if you haven't changed it since that breach happened. So yeah, it's clearly under a lot of stress, so we'll move on from that one.

Right, this one is actually where you do start to lose the will a little bit, because you think, oh my goodness, well, how can you get around that? This happened... I found out about this last week. I said that only you can register the name, if you have an internet name. Well, it came out that there was a chap that actually registered google.com but with what they describe as a Latin g. Now a Latin g is really, really difficult to spot, because it looks like a capital G, but it's a capital G that's the same size as a small letter. And he registered it, and Google are fighting it now to get it back. So that meant that he could legitimately go and host a google.com with this little g and have a certificate and be legitimate and everything, because he owns it, and make people... OK, they got caught; he started doing something sinister with it. But the point is it's not as obvious as just checking the address; this was really hard. Now I'm not expecting you to say, oh, I'll do this, but in fact that is it there. Yeah, that's the link I put in: that's not google.com. I don't know if you can spot that g; it's an odd one, it's weird. You just have to take my word for it. I'll go to the real Google in a minute and you'll see what I mean.

But there is a site, well, not a site, a service, called WHOIS. Now WHOIS, you can Google it, anyone can Google it, and what WHOIS does is it shows you everything about people that have registered a domain name. It is, I agree, a little bit more of an advanced sort of tip, but it's something to be aware of: a WHOIS lookup. So all you need to do is Google WHOIS. Incidentally, just going back to that demonstration of changing the BBC and that: there's nothing on this computer other than a browser that I did that with. There wasn't a special piece of software; when I brought that little window up at the bottom, you've all got that, that's part of a browser. So don't think, oh, he had something on that changed the BBC; no, I can do it on your computer. It really is fine. And on that same note, this is also available to everybody: it's the WHOIS record. Whenever somebody ever registers a domain name on the internet, it gets registered with the internet authority, and you can see all sorts of stuff, and you will see things to watch out for. So if you ever have a... there we go, that's a clue: this google.com was created on the 23rd of March 2016. Doesn't feel quite right, does it? I think Google has been around longer than that. So this is, agreed, a little bit more of an advanced tip, but if you ever did see a domain name, put it into WHOIS and it tells you all sorts about it. And if I do the same with the real google.com, well, for a start, can you see it's a different google? It's a lower-case g that they use, for a start, so that's a bit weird. Is that right? Oh, actually, it's got it at the top; there's me looking for it down here, and it's up here. That's a bit more like it: google.com was registered on the 15th of September 1997. So that's just again slightly more advanced little tips, if you ever wanted to see who actually does own a domain name: the WHOIS database, freely available to everybody.

So we've had links, we've had attachments, we've had just being aware of things, being aware of devices and what have you. The one thing that it's probably just worth really leaving you with is this is not going away. We don't know what world we're going to be in
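The two checks the talk asks people to do by hand (hover over a link and compare where it says it goes with where it really goes; look hard at the domain for lookalikes such as apple.id.appweb.mobi, facebookwala.com and the "Latin g" google.com) can be automated over an HTML email body. The script below is an added example written for this page, not code from the St Mary's session. Its brand list, its tiny stand-in for the public suffix list, and the sample email (built from the domains named in the talk plus one constructed homograph host) are all assumptions, not data from the original. The WHOIS creation-date check from the end of the talk needs a network lookup and is deliberately left out so the example runs offline.

```python
"""Inspect hyperlinks in an HTML email: flag text/href mismatches, brand
lookalikes, non-ASCII (homograph) hosts and plain-http links.
Added example for this page, not the session's own code."""
import re
import unicodedata
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: brands attackers borrow, mapped to the domains they really own.
KNOWN_BRANDS = {
    "apple": {"apple.com"},
    "google": {"google.com", "google.co.uk"},
    "facebook": {"facebook.com"},
    "paypal": {"paypal.com"},
}
# Assumption: a tiny stand-in for the public suffix list, enough for the demo.
TWO_PART_SUFFIXES = {"co.uk", "org.uk", "ac.uk", "gov.uk", "com.au"}
# Something that looks like a domain name inside the visible link text.
DOMAIN_IN_TEXT = re.compile(r"\b([a-z0-9-]+(?:\.[a-z0-9-]+)+)\b", re.I)


def registrable_domain(host: str) -> str:
    """'www.google.co.uk' -> 'google.co.uk'; 'apple.id.appweb.mobi' -> 'appweb.mobi'."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_PART_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def is_homograph(host: str) -> bool:
    """True if the host has non-ASCII letters or already-encoded xn-- labels."""
    return (not host.isascii()) or any(l.startswith("xn--") for l in host.split("."))


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def analyze_links(html: str) -> list:
    parser = _LinkCollector()
    parser.feed(html)
    results = []
    for href, text in parser.links:
        parts = urlsplit(href)
        host = (parts.hostname or "").lower()
        reg = registrable_domain(host) if host else ""
        flags = []
        # 1. The link text names one domain but the href goes to another.
        for shown in DOMAIN_IN_TEXT.findall(text):
            if registrable_domain(shown) != reg:
                flags.append(f"text says {shown}, link goes to {host}")
        # 2. A brand name appears in the host, but the registered domain is not the brand's.
        for brand, real in KNOWN_BRANDS.items():
            if brand in host and reg not in real:
                flags.append(f"looks like {brand} but registered as {reg}")
        # 3. Non-ASCII characters in the host (the 'Latin g' trick), named so a human can see them.
        if host and is_homograph(host):
            odd = [f"{c} U+{ord(c):04X} {unicodedata.name(c, '?')}" for c in host if not c.isascii()]
            flags.append("non-ASCII (homograph) host: " + "; ".join(odd))
        # 4. No padlock: credentials over plain http.
        if parts.scheme == "http":
            flags.append("not https (no padlock)")
        results.append({"text": text, "href": href, "host": host, "flags": flags})
    return results


# Constructed sample email; the lookalike domains are the ones named in the talk,
# the \u0262 ('LATIN LETTER SMALL CAPITAL G') host is an assumed homograph.
SAMPLE_EMAIL = """
<p>Your Apple ID was used to buy an item. If this wasn't you,
<a href="https://apple.id.appweb.mobi/verify">verify your account</a> or
<a href="http://xfiles2.ru/dispute">click to open a dispute</a>.</p>
<p>See <a href="https://www.facebookwala.com/login">https://www.facebook.com/login</a></p>
<p>Search at <a href="https://\u0262oogle.com/">Google</a> or the real
<a href="https://www.google.co.uk/">Google UK</a>.</p>
"""

if __name__ == "__main__":
    for link in analyze_links(SAMPLE_EMAIL):
        print("SUSPICIOUS" if link["flags"] else "ok        ", link["href"])
        for f in link["flags"]:
            print("            -", f)
```

Only the last link (the real google.co.uk) comes out clean; the other four each trip at least one check. The brand check is deliberately a substring match, so it also catches things the regex-based text comparison cannot, such as a link whose visible text is just "Verify" but whose host is apple.id.appweb.mobi.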
