Time
1 hour 31 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:00
welcome back to the final cyber episode on how to do a live identity hack.
00:05
This episode is entitled Protecting Yourself.
00:09
The goal off this part of the presentation is to help educate the audience. You've provided some shock and awe tactics and done alive identity. Hack with a willing volunteer. Now you want to be able to show them how they can stay safe for online.
00:26
I will never sigh. Stay safe online because
00:30
there will always be a risk whenever you post or do anything online. Hence a reason why I say state safer online.
00:38
So the first section that I go into is about protecting yourself. 1st 1 is thinking before you post
00:47
now this could be on any form of social media, whether it be Snapchat, instagram, Facebook, Twitter, et cetera. And if you use the think acronym, it really helps when you're posting
00:58
T. Is it true? H is that helpful? I is inspired in Is it necessary? And Kay is a cont.
01:07
There is another analogy that I use in Australia, which is
01:10
does this past the grandma or the non attest I. If I'm about to post something, will my grandma or Nano be really upset with that particular post. If the answer is yes, then maybe I shouldn't post it.
01:25
The next area to look at is ask yourself. Do they really need to know this information about May I Anything that you post will be there forever? Does the website really need to know that information about me,
01:38
or am I posting something just for the sake of posting it? And I like to think of doing what I like to call is a bit of an idiot check what I mean by that is, sometimes people are really, really silly, and we'll post information that they really shouldn't post. I'll give you three examples here.
01:56
Here is an Australian driver's license
02:00
and American driver's license
02:01
and a UK driver's license.
02:04
I was able to find this information by going online, doing a quick Google search on driver's license and then that particular country. Once I got past the example, version's real versions came out, and as you can see with the Australian driver's license, I've got the person's name, their address, their date of birth
02:23
and even a signature.
02:24
And the same is true with the American one and the UK want.
02:30
The next area to look at is to remove exit data exit stands for exchangeable image file information and is essentially the metadata that is associated with every single digital photograph that has been taken with a smart device.
02:46
Remember this photograph that our place is at the start of this presentation off my dog, Archie.
02:52
Well, this photograph has, except tighter on it. If you grab a copy off the euro off the photograph or the digital photograph itself, you can paste the information on to an exit viewer. These viewers are freely available online, and you can get some pretty interesting information.
03:12
So here I can see the type of phone that was used in this particular case. In I find seven,
03:19
I can see the lens that was used and, in fact, that I used the back camera and not the forward camera. I can see the type of exposure, whether a flash was used, the date, the time as well as the GPS location.
03:32
Now, some extra viewers will also include things like the operating system. So, for example, if it's on an android device, I might have an older version off the android operating system, there might be some vulnerabilities associated with that. So again, if the hacker knows this information about them,
03:52
they could use that to send an email to the victim with a virus
03:57
or something similar that they can then use to exploit the weaknesses in that phone.
04:03
One key bit of advice that I give everybody is to give yourself a second birthday.
04:09
Most websites have asked for your date of birth, as I've stated before, will ask for one of three main reasons. One for age verification to to be up to send out freebies to you on your birthday and three to do a password reset.
04:26
If it is easy to get access to a person's riel birthday, it becomes a lot easier to then do password resets on those websites. So by giving yourself as second date of birth something that only you remember and is not publicly known,
04:44
you significantly reduce the chance off somebody gaining access to those websites and therefore gaining access to accounts etcetera.
04:54
One of the things I've noticed that when I talk about this to various people and it doesn't matter wherever they are in the world, most females will go for a data burst that is 5 to 10 years younger than their true date of birth. I haven't quite figured out why that is, but it is a common occurrence.
05:11
You can change your date of birth. If you've provided your original date of birth on Facebook,
05:16
you simply log in,
05:18
go down to the edit your contact on basic information section
05:23
and then changed the date of birth. This is not my true date of birth here.
05:29
The next thing that you need to look at is protecting your devices that years.
05:33
A lot of people think that arm A k I don't need anti virus software. I don't need a firewall. I don't need a VPN. It is a good idea and safe practice to protect yourself and to protect your devices.
05:47
Next up, you want to be out to check your social profiles regularly.
05:53
Different websites will update their settings on a regular basis. Facebook tend to update their settings about every 2 to 3 months, and this can include making changes to security settings. So you'll want to go in and check to make sure that any changes that have been made to any of the settings
06:13
don't compromise your security settings.
06:15
One of the easiest ways to do that is to simply log out off your social media account and then do a search for yourself to see what information is publicly available.
06:27
You can also deal within Facebook by going to the logging credential settings here.
06:32
You can also go on to Facebook and implement things like two factor authentication again. A lot of people have not turned on two factor authentication. What this will do is, once you've provided a mobile phone,
06:47
it will send a one time unique code to your phone when you try and log in from any device that is not known.
06:55
Another trick that you can do is when you create a new account with a website is to include the name of the website as part of your first night. So, for example, here if I'm creating an Amazon account, I put my first name as Tom hyphen Amazon and then my last night.
07:15
What this allows you to do here is if you start to receive unsolicited email or direct mail from somebody, you can quickly and easily identify where it's come from. because it has that as part of your first night,
07:31
we're now at the end part off the course, and we'll go through a final quick assessment question.
07:38
So what is Except Arte?
07:41
Is it a the end part of the entry data? Is it be the metadata captured on smartphone photos? Is it see the log in credentials for a bank's website? Where is a D and encryption protocol?
07:55
The correct answer is the metadata captured on smartphone photos. It's not just smart phones and is any smart Tobias. It can be a tablet PC, et cetera.
08:07
So the key takeaways in today's election iris follows. We've shown people how they can stay safe online, but understanding what information shouldn't be posted online
08:16
by utilizing things like a secondary birthday, as well as implementing security software on their devices
08:24
and understanding what exit daughter is, and the importance off that

Up Next

How to Do a Live Identity Hack

This course has been specifically designed to successfully deliver a live identity hack presentation to an Australian, American or British audience.

Instructed By

Instructor Profile Image
Tom Mason
Senior Partner Development Manager at AWS
Instructor