WEBVTT

00:00.420 --> 00:06.300
There are all kinds of naughty things that can take place for individual hosts within our infrastructure.

00:06.300 --> 00:13.020
So in this episode what I want to do is kind of talk about all of the different types of threats that

00:13.020 --> 00:15.070
take place to our individual hosts.

00:15.120 --> 00:19.740
Now in other episodes we're going to talk about how to deal with it right now in this episode.

00:19.740 --> 00:21.550
I want to go through these very quickly.

00:21.630 --> 00:23.280
Make sure you recognize them now.

00:23.280 --> 00:27.190
Hopefully some of these are going to be really obvious to you and well known spam.

00:27.220 --> 00:31.710
And there's also a pretty good chance we're going to have a lot of stuff in here that you aren't aware

00:31.710 --> 00:32.050
of.

00:32.070 --> 00:35.010
So let's run through them all starting with Spam

00:39.490 --> 00:42.830
Spam is nothing more than unsolicited email.

00:42.850 --> 00:50.110
Now spam can be considered a threat but normally pure spam isn't anything more than an irritant.

00:50.110 --> 00:52.700
I've got to one of my many accounts up here.

00:52.750 --> 00:59.530
I say I've got a spam folder full of things like tinted ictus restore your site lose weight fix your

00:59.530 --> 01:04.230
vision and stop eating this and regrow my hair anyway.

01:04.630 --> 01:08.130
Spam usually comes from relatively legitimate sources.

01:08.170 --> 01:13.570
I probably joined some web site or something to lose a couple of pounds and that website then sold my

01:13.570 --> 01:19.090
email address to a third party and if I'd paid attention when I joined that Web site they probably clearly

01:19.090 --> 01:21.380
said it in their Terms of Service.

01:21.430 --> 01:28.030
So spam in and of itself other than filling up mailboxes can't really cause any damage but it can be

01:28.030 --> 01:29.150
a great irritant.

01:29.350 --> 01:32.910
There is another form of email though that I want to talk about that can be an issue.

01:32.950 --> 01:33.830
And that's phishing

01:38.720 --> 01:44.620
phishing is simply spam but it's trying to get some kind of information out of you.

01:44.620 --> 01:47.370
So take a look over here at my email.

01:47.420 --> 01:52.840
Here's an example of a classic phishing e-mail that's trying to get some information out of me.

01:53.120 --> 01:58.850
Now phishing in and of itself is still a huge problem even here as we get closer to 2020.

01:58.850 --> 02:00.590
It's that big of an issue.

02:00.770 --> 02:07.560
But even worse is something called spear phishing. Spear phishing is also phishing but the big difference

02:07.560 --> 02:14.360
is is that somehow they get my name or some kind of information or an account or something that tries

02:14.360 --> 02:16.320
to get personal information out of me.

02:16.430 --> 02:22.270
So here's an example of a much scarier spear phishing type email.

02:22.280 --> 02:30.740
Now phishing and spear phishing usually imply that we're talking about email however it can be from

02:30.740 --> 02:33.060
other sources but at least for the exam.

02:33.170 --> 02:38.130
Make sure when we talk about phishing and spear phishing that we're simply within the realm of email.

02:38.270 --> 02:43.160
OK great let's take the technology up a little bit and let's talk about spim

02:48.370 --> 02:52.900
Spim simply means to receive spam via instant messaging.

02:52.900 --> 02:58.610
Now I don't know about you but I use all kinds of instant messaging tools from Google to Facebook.

02:58.630 --> 03:00.780
I can't even keep track of them all.

03:00.940 --> 03:05.180
Hang on a minute I'm lonely.

03:05.610 --> 03:06.510
Meet me at lowlier.

03:06.570 --> 03:09.900
OK now there is a perfect example right there of spim.

03:09.900 --> 03:15.210
Somebody is using my Skype account to message me and that's actually my editor Scott Jernigan.

03:15.210 --> 03:18.830
He's not lonely but he gave me a great example of that.

03:19.140 --> 03:24.360
So spim is a bit of an issue but the problem is is spim like regular spam it doesn't really cause any

03:24.540 --> 03:30.630
pain other than taking up your time however the next thing I want to talk about is very dangerous and

03:30.630 --> 03:31.790
that is vishing

03:36.370 --> 03:42.760
Vishing means the unsolicited use of voice to try to get information out of you.

03:42.760 --> 03:47.830
This is a big problem today and it's something that we hang on a minute I've got a message here let

03:47.830 --> 03:51.230
me get this real quick.

03:51.270 --> 03:54.030
This is Jim Smith at Wells Fargo lost control.

03:54.030 --> 03:55.240
Could you call us immediately.

03:55.260 --> 03:58.290
800 5 5 5 1 2 1 2.

03:58.350 --> 04:02.560
This is in regards to potentially unauthorized purchases on your account.

04:02.580 --> 04:03.410
Thank you.

04:03.750 --> 04:04.440
All right.

04:04.560 --> 04:07.620
Sorry guys I got to take this one give me just a second here.

04:12.590 --> 04:13.380
Lost control.

04:13.430 --> 04:15.500
May I ask to whom I'm speaking with.

04:15.650 --> 04:17.980
This is Mike Meyers you guys called me.

04:18.170 --> 04:18.510
Yes.

04:18.530 --> 04:19.890
Thank you Mr. Meyers.

04:19.940 --> 04:22.130
Could you confirm the following three purchases.

04:22.870 --> 04:26.680
$356 from balloons galore I don't think so.

04:27.290 --> 04:30.130
Fourteen dollars from Coppermine.

04:30.550 --> 04:31.890
Definitely not me.

04:32.080 --> 04:35.370
Twenty seven hundred dollars an honor.

04:35.530 --> 04:38.920
Oh no I didn't authorize any of this stuff and I didn't do this.

04:38.920 --> 04:40.640
What do we do.

04:40.670 --> 04:43.280
I see what could possibly prompt action quickly.

04:43.330 --> 04:43.930
Yeah.

04:44.170 --> 04:45.550
Can I have the last one.

04:45.790 --> 04:49.420
So security number and collapsed into the American code.

04:49.870 --> 04:50.900
Absolutely.

04:50.920 --> 04:57.810
For the social it's 9 4 1 6 and for my pin code it is no way I am going to tell you guys on this video.

04:57.910 --> 05:00.120
Even a part of my PIN code.

05:00.280 --> 05:02.560
This is a huge problem today.

05:02.740 --> 05:09.140
Any organization is not going to ask for these types of bits of information.

05:09.220 --> 05:14.470
Hopefully we think all of us are well-trained in these types of issues but we've all got horror stories

05:14.470 --> 05:20.230
about these and I'm sure you probably yourself received these types of vishing calls so they're a big

05:20.230 --> 05:22.850
problem and a serious threat out there.

05:23.160 --> 05:23.720
OK.

05:23.920 --> 05:26.360
The next day I want to talk about is a classic.

05:26.470 --> 05:28.030
And that's clickjacking

05:32.930 --> 05:39.320
Clickjacking is when you go onto a Web site and you're trying to click on something and it does something

05:39.320 --> 05:42.080
tricky to you to make you click someplace else.

05:42.080 --> 05:47.920
Now I'm sure all of us have been on click bait type sites where you're trying to see something.

05:47.920 --> 05:53.210
And number 15 will drive you crazy and you try to click on something that keeps moving the ads and all

05:53.210 --> 05:53.840
that.

05:53.840 --> 05:58.460
Now these types of click bait sites there's no real evil they're just trying to get you to click an

05:58.550 --> 06:00.590
ad in those types of situations.

06:00.590 --> 06:05.770
Usually though when we're talking about clickjacking is that we're making you do something really bad.

06:05.930 --> 06:12.640
Authorizing something downloading a piece of malware something really ugly like that.

06:12.650 --> 06:15.950
So that's what we concentrate on when we say clickjacking.

06:16.260 --> 06:16.750
OK.

06:16.790 --> 06:19.560
Let's go ahead and talk about my next favorite: typosquatting

06:24.010 --> 06:31.120
Typosquatting simply means to take advantage of the fact that people mistype URLs when they're

06:31.120 --> 06:32.650
typing stuff in.

06:32.650 --> 06:38.280
So if somebody typed in w w w dot G O O G L E dot com.

06:38.290 --> 06:43.330
But what if they typed accidentally w w w dot G O G L E dot com.

06:43.330 --> 06:44.800
I hope that's not a scary site.

06:44.800 --> 06:50.020
Guys I'm pulling that one off the top of my head so simply what they're doing is other people are buying

06:50.020 --> 06:55.630
up domains and loading up Web sites in the hopes that somebody is going to make a typo and then they

06:55.630 --> 07:02.020
can go ahead and have them come to their website similar to this but not at all identical is what we

07:02.020 --> 07:03.800
call domain hijacking.

07:04.030 --> 07:06.500
I've personally been a victim of this.

07:06.520 --> 07:12.610
I have lots of domains that I use for all kinds of stuff mainly experimental things so I throw up a

07:12.610 --> 07:17.760
website or something and be honest with you I forget about a lot of them I probably got 14, 15 websites

07:18.100 --> 07:25.720
and I have my own registered domains on those and a couple of times I've let a domain slip and when

07:25.720 --> 07:30.560
people see this they will grab it real quick and they'll often put something really offensive in there.

07:30.600 --> 07:34.450
The idea being that you will then pay them a lot of money to get your domain back.

07:34.450 --> 07:37.180
So both of these can be very big issues.

07:37.180 --> 07:42.250
Make sure you're comfortable with the idea of typosquatting and domain hijacking.

07:42.250 --> 07:52.090
All right so we've gone through a lot of these Let's go through one more and that is privilege elevation.

07:52.170 --> 07:58.440
So the last one I want to talk about is privilege elevation privilege escalation it's the same word

07:58.830 --> 08:03.870
and really to me this isn't a threat but the test says it is so we'll go with that.

08:04.110 --> 08:10.230
The whole goal of a lot of situations where we're trying to get into a system is to get enough power

08:10.230 --> 08:15.200
to get enough privilege within that system to do whatever naughtiness it is that we want to do.

08:15.210 --> 08:24.240
So while escalation elevation whatever you want to call it of privilege is a problem it's not really

08:24.240 --> 08:27.450
the threat the threat is the evil that people do as a result of it.

08:27.450 --> 08:31.620
So you know make it easy and call that one a threat is all.

08:31.620 --> 08:35.300
Now folks we've just gone through a bunch of host threats.

08:35.340 --> 08:39.600
You need to take some time and make sure you've got these memorized cause you're going to see it on

08:39.600 --> 08:50.920
the exam.
