OUCH! Security Awareness Newsletter

Transcript

1 OUCH! | January, 2019 The Monthly Security Awareness Newsletter for You Search Yourself Online Overview You most likely have heard how important it is to protect your privacy and the information you share online. To demonstrate this, we are going to try something new; we are going to show you how to research yourself and discover what information is publicly known about you. The process is called OSINT, a fancy way of saying Open Source Intelligence. This means researching public resources online to see how much information you can learn about a computer IP address, a company, or even a person like yourself. Keep in mind, cyber attackers are using these very same tools and techniques. The more attackers can learn about you, the better they can create a targeted attack. This concept has existed for years, but the latest online tools make it so much simpler to accomplish. How to Find Information You will not find all the information on a single website. Instead you start with one website, learn some details, then use those details to search on and learn from other sites. Then you combine and compare results to create a profile or dossier of your subject. A good place to start is with search engines such as Google, Bing, or DuckDuckGo. Each of these have indexed different information about you, so start your search with more than one search engine. Start by typing your name in quotes, but after that expand your search based on what are called operators. Operators are special symbols or text you add to your search that better define what you are looking for. This is especially important if you have a common name; you may have to add more information such as your email address or the town you live in. Learn more about operators and advanced search techniques in the Resources section at the end. Examples include: “FirstName LastName” > What information can I find online about this person • • “Firstname [email protected]” > Find possible email addresses associated with this person • “Firstname lastname” filetype:doc > Any word documents that contain this person’s name There are also sites dedicated to learning about people. Try one of these sites to see what is publicly known about you. Keep in mind these sites are not always accurate or may be country specific. You may have to search several sites to verify the information you find. www.sans.org/security-awareness

2 OUCH! | February, 2018 • https://pipl.com https://cubib.com • • https://familytreenow.com Finally, there are numerous other sites you can search to learn more, such as Google Images, Google Maps, social media sites, and many others. For an interactive list of all the different websites you can use to learn about yourself, we recommend the OSINT Framework at . https://osintframework.com How to Find Information 1. Learn what other people or organizations have collected, posted, or shared about you online (churches, schools, sports clubs, or other local community sites). 2. Understand that these same resources are available to anyone else, including cyber criminals who can use that information to target you. Be suspicious. For example, if you get an urgent phone call from someone claiming to be your bank, just because they know some basic information about you does not prove it is your bank. Instead, politely hang up, then call your bank back on a known, trusted number to confirm it is them. It is the same with email, just because an email has some known facts about you does not mean it is legitimate. 3. Consider what you share publicly and the impact that information could have on you, your family, or your employer. Subscribe to OUCH! and receive the latest security tips in your email every month - . www.sans.org/security-awareness/ouch-newsletter Guest Editor Nico Dekens ( @dutch_osintguy ) specializes in OSINT. He eats, sleeps, and lives everything which has to do with cyber intelligence gathering and analysis. Nico is an international lecturer on subjects like OSINT, IoT, and Operations Security at Fortune 500 companies and governments. Resources Social Engineering: https://www.sans.org/u/LW6 https://www.sans.org/u/LWb Top Tips for Social Media: https://support.google.com/websearch/answer/2466433 Search Engine Operators: OSINT Framework: https://osintframework.com/ https://www.sans.org/u/LWZ SANS OSINT Course SEC487: . Creative Commons BY-NC-ND 4.0 license You are free to share OUCH! is published by SANS Security Awareness and is distributed under the or distribute this newsletter as long as you do not sell or modify it. Editorial Board: Walt Scrivens, Phil Hoffman, Alan Waggoner, Cheryl Conley www.sans.org/security-awareness © SANS Institute 2019

Related documents

Publication 557 (Rev. January 2019)

Publication 557 (Rev. January 2019)

Leadpct: 100% Pt. size: 8 Userid: CPM Schema: tipx Ok to Print Draft Fileid: ... ons/P557/201901/A/XML/Cycle05/source (Init. & Date) _______ AH XSL/XML 15:00 - 20-Feb-2019 Page 1 of 75 The type and ru...

More info »
Instructions for Form 1040X (Rev. January 2019)

Instructions for Form 1040X (Rev. January 2019)

Userid: CPM Pt. size: 9 Leadpct: 100% Schema: instrx Draft Ok to Print (Init. & Date) _______ Fileid: ... s/I1040X/201901/A/XML/Cycle04/source AH XSL/XML 12:37 - 22-Feb-2019 Page 1 of 19 The type and ...

More info »
Publication 555 (Rev. January 2019)

Publication 555 (Rev. January 2019)

Schema: tipx Userid: CPM Pt. size: 10 Leadpct: 100% Ok to Print Draft Fileid: ... ons/P555/201901/A/XML/Cycle02/source (Init. & Date) _______ AH XSL/XML Page 1 of 13 14:00 - 25-Jan-2019 The type and r...

More info »
Instructions for Form 8379 (Rev. January 2019)

Instructions for Form 8379 (Rev. January 2019)

Userid: CPM Pt. size: 8.5 Leadpct: 100% Schema: instrx Draft Ok to Print Fileid: ... ns/I8379/201901/A/XML/Cycle03/source (Init. & Date) _______ AH XSL/XML Page 1 of 4 16:05 - 25-Sep-2018 The type and...

More info »
YourNewIKEAKitchen NOV2018

YourNewIKEAKitchen NOV2018

YOUR NEW IKEA KITCHEN from start to finish This guide will help you through all the steps you need to take along the way, including everything from finding your style and measuring your IKEA kitchen t...

More info »
add 201901 update.pdf

add 201901 update.pdf

Add and Override Approval Student Service Center Lobby Drop Off: Welcome Center 42 W. Warren Detroit, MI 48202 2100 (313) 577 Phone: - OR Email: [email protected] , you may need prior approval. I...

More info »
June2018CUR

June2018CUR

CHANCELLOR'S UNIVERSITY REPORT JUNE 25 2018

More info »
City 2018 2019

City 2018 2019

2018–2019 CATALOG Fall 2018, Spring 2019, Summer 2019 1313 Park Blvd., San Diego, CA 92101 619-388-3400 www.sdcity.edu Ricky Shabazz, Ed.D. President San Diego City College is accredited by the Accred...

More info »
Experimental and Theoretical Statics of Liquids Subject to Molecular Forces Only

Experimental and Theoretical Statics of Liquids Subject to Molecular Forces Only

EXPERIMENTAL AND THEORETICAL STATICS OF LIQUIDS SUBJECT TO MOLECULAR FORCES ONLY, BY J. PLATEAU Professor of the University of Ghent, Member of the Academy of Belgium, Correspondent of the Institute o...

More info »
DEC CUR

DEC CUR

CHANCELLOR'S UNIVERSITY REPORT DECEMBER 10, 2018

More info »
MCO 1200.17E MILITARY OCCUPATIONAL SPECIALTIES MANUAL (SHORT TITLE: MOS MANUAL)

MCO 1200.17E MILITARY OCCUPATIONAL SPECIALTIES MANUAL (SHORT TITLE: MOS MANUAL)

DEPAR T MENT THE NAVY OF ADQ UARTE UNI T ED ST ATE S MAR INE CORPS HE RS RINE COR N PS PENT 3000 MA AGO 20350-3000 NGTON, HI D.C. W AS 7E 00 .1 12 MCO 465 c AUG 0 8 013 2 ORDER 1200.17E MARINE CORPS C...

More info »
Microsoft Word   Teacher Shortage Areas Report 2017 18.docx

Microsoft Word Teacher Shortage Areas Report 2017 18.docx

Teacher Shortage Areas Nationwide Listing 1990–1991 through 2017–2018 June 2017 U.S. Department of Education Office of Postsecondary Education Freddie Cross Senior Statistician U.S. Dept. of Education...

More info »
OctoberCUR2018

OctoberCUR2018

CHANCELLOR'S UNIVERSITY REPORT OCTOBER 29 2018

More info »
ELD Standards Publication   Title III (CA Dept of Education)

ELD Standards Publication Title III (CA Dept of Education)

California English Language Development Standards (Electronic Edition) Kindergarten Through Grade 12 Adopted by the California State Board of Education November 2012

More info »
HS Full Reduced

HS Full Reduced

State(s) of Head Start

More info »
Dual Language Education Programs: Current State Policies and Practices

Dual Language Education Programs: Current State Policies and Practices

Dual Language Education Program s: Current State Policies and Practices U.S. Department of Education Office of English Language Acquisition

More info »
The ACT® Technical Manual

The ACT® Technical Manual

Technical Manual ® The ACT Technical Manual

More info »
Capital Volume I

Capital Volume I

Capital A Critique of Political Economy Volume I Book One: The Process of Production of Capital First published: in German in 1867, English edition first published in 1887; Source: First English editi...

More info »
Students' Perspectives on the Use of L1 in English Classrooms

Students' Perspectives on the Use of L1 in English Classrooms

ses and Iowa State University Capstones, The Graduate The ssertations ses and Di Dissertations 2012 Stude erspec tives on the U se of L1 in E ngli sh nts' P Classrooms bdo A hmed A l S haraeai W afa A...

More info »
cover.wps

cover.wps

englishbanana.com’s big grammar book by Matt Purland 101 worksheets for English lessons featuring Essential English worksheets Entry Level

More info »