Computer User Vulnerability Education
To improve understanding of potential computer vulnerabilities, CNS offers the following articles for learning about best practices and safe computing behavior. As newer security practices and vulnerabilities emerge, we will place articles and links in this location. Most of these articles are from two (2) excellent organizations involved in threat identification and education. IT Security offers a range of security and threat education resources from the end user to the computer and network professional. The Computer Emergency Respopnse Team (US-CERT), located at Carnegie Mellon University's Software Engineering Institute, studies internet security vulnerabilities and develops information and training to help sites improve their security.
The Carnegie Mellon US-CERT web site provides timely information about current security issues, vulnerabilities, and exploits as well as tips and advice about common security issues for non-technical computer users. The even offer an email alert subscription service if you want to know about emerging vulnerabilty threats.
Before You Connect a New Computer to the Internet
This Tech Tip provides guidance for users connecting a new (or newly upgraded) computer to the Internet for the first time. It is intended for home users, students, small businesses, or any site with broadband (cable modem, DSL) or dial-up connectivity and limited Information Technology (IT) support. Read full article...
Securing Your Web Browser
By Will Dormann and Jason Rafail, US-CERT
This paper will help you configure your web browser for safer internet surfing. It is written for home computer users, students, small business workers, and any other person who works with limited Information Technology (IT) support and broadband (cable modem, DSL) or dial-up connectivity.Read full article...
Gone Phishing: CNS Video Clip
Dead giveaways that an email is bogus — or phishing to steal your identity.
By John Edwards on September 6, 2007
Bad news. The email says your bank account will be suspended unless you visit the bank's Web site and immediately re-enter your Social Security number, phone number, several credit card numbers, library card number and maybe even the name of the presidential candidate you voted for in the 2004 election.
Hey, wait a minute. Do you think that message could be part of a scam to steal your cash and identity? Quite probably, yes. The Anti-Phishing Working Group, an association of retailers and financial institutions focused on eliminating Web-based fraud, reports that it finds about 20,000 to 30,000 unique "phishing" Web sites each month. Read full article...
Is It Real or Is It Spam?
Learn to spot the differences between genuine and junk email. By John Edwards
Most businesses rely on spam filters to determine the legitimacy of incoming email. Yet filtering technology remains far from perfect, and a good deal of junk email still winds up in users' inboxes. This fact makes it important to be able to visually spot the differences between real email and the digital rubbish spammers generate. Being able to quickly tell the difference between real email and spam will help you save time, unclog your inbox and pay closer attention to the messages that you really want to read. Read full article...
The Essential Guide to Spam Control
What you need to know about managing junk messages.
By John Edwards on June 27, 2008
Spam now constitutes an overwhelming majority of email traffic. The never-ending onslaught of junk messages strains networks, erodes user productivity, propagates dangerous malware and costs business millions of dollars. Read full article...
The Essential Guide to Email Security
What you need to know about protecting incoming and outgoing email. By John Edwards
Over the past couple of decades, email has become one of the world's leading communications mediums, perhaps even outpacing the telephone and traditional mail service.
Unfortunately, over this same time span, email has proven itself to be highly vulnerable to outside influences, including individuals and organizations that seek to cause some form of technological damage or hope to make money in an illegal fashion. As a result, security has become an increasingly important issue for all email users. Read full article...
Understanding Hidden Threats: Corrupted Software Files
Malicious code is not always hidden in web page scripts or unusual file formats. Attackers may corrupt types of files that you would recognize and typically consider safe, so you should take precautions when opening files from other people. An attacker may be able to insert malicious code into any file, including common file types that you would normally consider safe. These files may include documents created with word processing software, spreadsheets, or image files. Read full article...