Articulate Engage Word Output



James Madison University IT TrainingIntroductionIn a world filled with constant noise. Where you are flooded with email from work, home, friends, and merchants. On multiple devices including your desktop, tablet, laptop, phone etc. It is now more difficult than ever to protect yourself and the University. How do you know which are real and which are the scams, viruses, and phishing attempts you so often hear about?This training will assist you in discovering Is It Real? Let’s begin!Module 1Defensive Internet Browsing This module will discuss:how to tell if a link is realhow to tell if a website is realHave you ever wondered how to tell if a link is real? We use the Internet to check email, search websites, download information, etc. We hear about threats but what can we do? Did you know that 86% of the emails received by JMU servers are unwanted spam or fraud?And Google finds over 9,500 new malicious websites every day1 infected computer could potentially cost JMU millions in damages So, how can you protect yourself? I'm glad you asked.Prior to clicking on a link in an email you should always hover the link to view the destination.Pay special attention to the domain name.The same trick can be used in a web browser as well.Prior to clicking on a link hover over the link to see the destination at the bottom of the browser window.Fraudsters can be tricky though. Often times they will try to make the domain name look legitimate.One way to do this is to add information to the domain name. Real domain name: jmu.edu/events/2013Fraud Domain name: jmu.edu.googledocs%1892%.com/events/2013A simple way to check a domain name is to find the first forward slash and count back the first two periods to the left and that is your domain name.jmu.edu/jmu.edu would be the domain name.Here is an example of what a fraudulent domain name may look likejmu.edu.The domain name is which is a known fraudulent site in ChinaWhat if there is no forward slash?If there is no forward slash go to the end of the link and count the first to periods to the left.What about the forward slash in is referred to as the URL protocol and will show up as http https ftp or mail toMost modern web browsers do not show the protocol anymoreWhen determining the domain name you do not need to look at the URL protocolJust find the first forward slash after the protocol and count back the first two periods to the leftThese are all great tips you can use to protect yourself before you click on a link but there are also precautions you can take after you click on a link.Checking email in a web browserWhat if I check my email in a web browser?If you check your email online using Microsoft Exchange Outlook web app or your Duke's email account you will need to pay extra attention to links prior to clicking on themWhen you hover over a link in the outlook web app known as OWA the first part of the URL will always be the same. It will say exchange.jmu.eduThis is not the site that you are being directed to. To find the site you are being directed to you must first locate where it says ampersand URL equals and then you will find the domain that the link is sending you to.When you hover over a link in the outlook web app the first part of the link will not show you where you are headed. It may say exchange.jmu or something.. This is not the site you are being directed to To find the site you are being directed to you must first locate where it says ampersand url =Verify Domain after you arriveOnce you arrive at a page after clicking a link you will need to verify it is where you were expecting to go. To do this you will look at the address bar at the top of the web browser window.It is not uncommon for a fraudster to make their phishing site look identical to a legitimate site in an attempt to trick youOnce you arrive at a page after clicking a link you will need to verify it is where you were expecting to go. To do this you will look at the address bar at the top of the web browser window.It is not uncommon for a fraudster to make their phishing site look identical to a legitimate site in an attempt to trick youModule 1 Final TipsNever respond to an email with your passwordAlways verify the domain prior to clicking on a linkIf you’re not sure stop and do not click the link. Ask someone or forward the link to abuse@jmu.edu for guidanceModule II TrainingDefensive Internet Browsing Part 2This module will discuss Phishing vs. Spear PhishingTiny URL'sComplex Practice TestsOk, so now we have an understanding of what it takes to avoid fraud. However, fraudsters are always changing. One trick that is growing in popularity is called Spear Phishing.Spear PhishingSpear Phishing is when a fraudster targets a particular company or organization with legitimate looking emails or websites. These threats are much more difficult to detect.In spear phishing you are not the primary target. The fraudster want to use you to get access to your entire organization. They will often use social media or JMU’s staff webpages to gather personal information about you.They will then use that information to send emails that look legitimate and will typically ask you to click on a link and then enter your username and password.Once your computer is compromised they will try to compromise others via the networkSo how can you protect yourself and JMU from spear fishing?The same way you protect yourself from regular phishing but the stakes are higherBe cautious of emails that play on emotion or require immediate actionAlways check a link prior to clicking on itDo not trust the from field in an email this can be easily manipulatedTiny URLAnother tool that fraudsters can use is a tiny URL. Any URL can easily be turned into a tiny URL. A URL is just entered into one of many free online programs and a tiny URL is created.One problem with a tiny URL is that when you hover over it you cannot tell what your final destination will be. It could be a legitimate site or it could be a fraudster’s phishing site.The only way to know would be to enter the tiny URL into a website designed to expand tiny URL’s or to use a web browser add-in designed to do the same thing.Module 2 Final TipsAlways be cautions of links in emails and on the webJMU will never ask for your password via email. Never provide it regardless of the circumstances.If you’re not sure stop and do not click the link. Ask someone or forward the link to abuse@jmu.edu for guidance ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download