Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
2018. 11. 9.
1
©"Women’s"Legal"Service"NSW"2013
DV#&#TechnologyStaying#Safe#in#an#Online#World
Charissa"Sun,"Solicitor,"WLS"NSW3"September"2013
©"Women’s"Legal"Service"NSW"2013
Introduction
©"Women’s"Legal"Service"NSW"2013
Objectives
To"flag"that"perpetrators"can"and"do"use"technology"to"perpetrate"abuse.
To"cultivate"a"basic"understanding"of"how"technology"can"be"used"to"perpetrate"abuse.! Terminology! Mechanisms
To#equip#you#with#sufficient#knowledge#so#that#you#can#go#out#and#use#the#tools#available#to#help#your#clients#keep#themselves#safe.
2018. 11. 9.
2
©"Women’s"Legal"Service"NSW"2013
Overview
This"webinar"will"look"at:
1. Cyber"safety
2. Digital"footprint
3. Account"access"/"takeovers
4. Social"engineering
5. Spyware
6. Mobile"phones"&"Computers
©"Women’s"Legal"Service"NSW"2013
Cyber"Safety
Perpetrators"can"and"do"use"technology"to"perpetrate"abuse
• Cyberbullyingo writing"nasty"comments,"posting"embarrassing"pictures,"spreading"false"or"
misleading"information"about"the"victim"on"the"Internet
• Cyberstalkingo using"technology"to"harass,"threaten"or"frighten
©"Women’s"Legal"Service"NSW"2013
An#example#of#cyberstalking:
A female victim was being cyberstalked. She had no idea who could be theperpetrator. They could be male, female, friend, colleague or a stranger.
The stalker told her the route she took to work. They threatened to stand besideher on the tube one day and throw her in front of it.
She never knew if the person she was standing next to was her stalker. Eventuallyshe had to quit her job because she did not feel safe getting to work.
Digital#Stalking:#A#guide#to#technology#risks#for#victims#(version#2),#Jennifer#Perry
2018. 11. 9.
3
©"Women’s"Legal"Service"NSW"2013
Cyber"Safety
Perpetrators"can"and"do"use"technology"to"perpetrate"abuse• Cyberbullying
o writing"nasty"comments,"posting"embarrassing"pictures,"spreading"false"or"misleading"information"about"the"victim"on"the"Internet
• Cyberstalkingo using"technology"to"harass,"threaten"or"frighten
• Digitally0Assisted0Stalkingo stalking"activity"which"is"enhanced"or"accelerated"by"the"use"of"technology"
(such"as"mobile"phones,"computers"and"Internet)o spyware
©"Women’s"Legal"Service"NSW"2013
MobilePhones
Computers Tablets
Digital'Footprint• pieces"of"information"that"people"leave"behind"about"themselves"online
• forums,"emails"and"attachments,"uploading"videos"or"pictures,"and"any"other"form"of"transmission"of"information
Digital"Footprint
©"Women’s"Legal"Service"NSW"2013
2018. 11. 9.
4
©"Women’s"Legal"Service"NSW"2013
Digital"FootprintDangers
• Information"you"leave"behind"– everything"you"do"online"leaves"a"trace"• Information"other"people"leave"behind"about"you
Dangers• Gives"stalkers"the"information"that"feeds"their"obsession• Information"used"by"perpetrators"to"help"them"intimidate,"humiliate,"or"
harass
E.g.$Online$information$can$be$used$to$establish$a$pattern$of$where$we$go,$who$we$know,$how$we$are$feeling,$our$specific$location,$etc$…
©"Women’s"Legal"Service"NSW"2013
Digital"FootprintWhat%can%we%do?
Technology%Safety%Planning%(I)• Assess%what%online%information%exists%about%you
Do"a"Google"search"of"yourself"to"see"what"information"is"available"online"so"you"know"what"precautions"to"take.
• Online%accounts%with%profiles%or%an%online%presenceo Change"your"email"and"passwords
o Delete"existing"online"accounts,"particularly"it"they"contain"large"amounts"of"information"or"photos"(eg Facebook,"Instagram,"etc)
o Delete"entries"and"photos
o Review"who"can"access"your"information
©"Women’s"Legal"Service"NSW"2013
Digital"FootprintWhat%can%we%do?
Technology%Safety%Planning%(II)• Review%all%the%privacy%and security%settings
o Highest"possible"privacy"settings"and"security"settings
• Avoid%public%forumso Perpetrator"can"see"your"postso Avenue"of"bullying"and"harassment
Minimise disclosure of personal information
2018. 11. 9.
5
©"Women’s"Legal"Service"NSW"2013
Account"access"|"takeover
Account'access |"when"someone"gains"access"to"another"person’s"account"without"their"permission
Account'takeover |"when"someone"accesses"another"person’s"account"and"then"changes"the"username"or"password"so"that"the"original"account"holder"can"no"longer"access"their"own"account
A perpetrator"either"knows"or"can"guess"the"victim’s"username"and"password
A change"passwords"and"update"email"addresses"on"all"accounts
©"Women’s"Legal"Service"NSW"2013
Account"access"|"takeoverRisks
Risks• physical"harm• financial"loss"(through"accessing"online"bank"accounts)• harassment,"humiliation,"abuse"of"victim• damage"or"destruction"of"victim’s"relationships"by"accessing"victim’s"email"
account"to"send"family,"friends,"work"colleagues"or"clients"abusive"messages"or"messages"telling"them"to"never"contact"the"victim
• perpetrator"can"use"the"victim’s"account"to"send"themselves"abusive"messages"in"order"to"incriminate"the"victim
©"Women’s"Legal"Service"NSW"2013
Social"engineering
When%a%perpetrator%manipulates%someone%to%divulge%confidential%information%about%the%victim
Stalkers"often"use"social"engineering"to"gather"information"about"the"victims"– finding"out"where"they"are,"their"new"phone"number,"email,"address,"where"they"work,"if"they"are"seeing"someone"new
Stalkers"use"information"available"online"(digital"footprint)"to"manipulate"others"into"providing"further"information"about"the"victim.
Article:)Hacking)the)Mind:)How)&)Why)Social)Engineering)Workshttp://www.veracode.com/blog/2013/03/hackingDtheDmindDhowDwhyDsocialDengineeringDworks/
2018. 11. 9.
6
©"Women’s"Legal"Service"NSW"2013
An#example#of#social'engineering:
A domestic violence survivor’s ex4partner was monitoring her eBay account.When she purchased an item, he waited a few days and contacted the sellerclaiming the item hadn’t arrived. He asked the seller to verify the address.The seller inadvertently gave the perpetrator the victim’s new address.
The perpetrator then found the victim; beating her so severely she was leftblinded in her left eye.
(Digital#Stalking:#A#guide#to#technology#risks#for#victims#(version#2),#Jennifer#Perry)
©"Women’s"Legal"Service"NSW"2013
Social"engineeringRisks
Risks• physical"danger"/"access"to"victim• data"gathering• harassment,"humiliation,"abuse"of"victim• installing"spyware• account"access"/"takeover• identity"theft
©"Women’s"Legal"Service"NSW"2013
Social"engineeringRecommendations! Clean"up"the"computer"– remove"spyware! Change"all"passwords"and"PIN"numbers! Limit"what"you"share"online! Educate"family,"friends"and"work"colleagues
2018. 11. 9.
7
©"Women’s"Legal"Service"NSW"2013
Spyware
• Apps"or"software"that"can"be"download"onto"a"person’s"mobile"phone"or"
computer"to"collect"information"about"them
• Monitors"their"movements,"phone"calls,"text"messages,"etc.
• Tracks"everything"that"the"person"does"without"their"knowledge"and"
sends"the"information"to"a"third"party
Mobile"phones
• mSpy – smartphone monitoring"software
- ‘Listens’"to"and"records"conversations"between"
people"who"are"not"on"the"phone"– ‘remote"listening"
device"that"will"spy"on"its"owner’"– records"sounds"
within"4"½"metres"of"the"phone
- Completely"invisible"on"the"target"phone
©"Women’s"Legal"Service"NSW"2013
SpywareOn#Computers
How#does#computer#spyware#get#uploaded?• The"perpetrator"sends"a"victim"an"email"that"has"a"file"attached"– picture,"PDF"or"other"
document,"etc.• When"the"victim"opens"the"file"the"spyware"is"downloaded"in"the"background"without"
the"victim"knowing.
What#computer#spyware#can#do:• logs"key"strokes• captures"all"IM"chat"conversations• shows"all"websites"visited• monitors"what"is"written"online"and"in"social"networks• reads"your"email• shows"your"usernames"and"passwords• captures"screenshots"of"what"you"are"doing"on"your"computer• allows"third"party"to"control"your"computer"– e.g."launch"programmes,"upload"or"
download"files,"turn"on"the"computer’s"webcam"and"microphone
©"Women’s"Legal"Service"NSW"2013
SpywareOn#Computers
ComputerSniperSpy – remote"monitoring"software- Can"be"remotely"installed"on"a"computer
- Records"user"activities"and"sends"it"to"an"online"account
- View"live"screenshots"and"live"keystrokes
- Check"Facebook and"other"social"media"activities
- Launch"applications- Remote"shutdown- Remote"uninstall
2018. 11. 9.
8
©"Women’s"Legal"Service"NSW"2013
SpywareRecommendations
Recommendations• requires"an"internet"connection"to"function"– disconnect"your"computer"
or"mobile"phone"from"the"internet• factory"reset"the"computer"or"mobile"phone• use"spyware"removal"software• install"antiCvirus"and"antiCspyware"software• be"extremely"careful"about"opening".exe"files• do"not"open"attachments,"pictures,"cartoons
Article:)How)to)detect)if)you)are)being)monitored)on)your)mobile)phone:http://acisni.com/is;there;spy;software;on;my;cell;phone;how;to;detect;being;monitored/
©"Women’s"Legal"Service"NSW"2013
Mobile"phones
Smartphones"can"increase"the"risk"for"DV"survivors"and"stalking"victims"because"they"contain"sensitive'information'and"have"apps'that'leak'data'about'us."Eg:"It"can"lead"people"to"our"exact"location.
User"information"stored"on"the"phone"is"also"stored"on"the"Internet"through"Google or"iCloud.
Important"for"victims"to"secure'both'their"mobile'phones'and"its"associated'online'content.
©"Women’s"Legal"Service"NSW"2013
Accessing"Google"or"iCloud
Accounts
User"information"and"data"stored"on"Android"phones"
or"iPhones"link"to"an"online"account.
The"online"account"stores"contacts,"calendars,"photos,"
documents,"apps,"etc.
Can"show"the"phone’s"location"– thereby"showing"the"
user’s"location.
E.g."The"iPhone"has"a"built"in"‘Find"your"phone’"app."
N go"to"your"online"iCloud account
N see"where"the"phone"is"located
N remotely"lock"the"phone"and"delete"data
2018. 11. 9.
9
©"Women’s"Legal"Service"NSW"2013
Mobile"phonesRisks
Risks• physical"danger"/"access"to"victim• financial"loss"A iCloud and"Google"allow"users"to"store"their"credit"card"details"
online"so"that"they"can"download"paid"content."A"perpetrator"can"maliciously"download"content"and"run"up"a"big"bill."Or"they"can"add"a"device"to"the"online"account"and"download"paid"content"for"their"own"use
• data"gathering"– invasion"of"privacy,"feeds"obsessive"behaviour• account"access"/"takeover
©"Women’s"Legal"Service"NSW"2013
Mobile"phonesRecommendations
Secure/your/Google/or/iCloud account• Immediately"change"your"login"details"for"your"mobile"phone"account"–
choose/a/secure/password/that/perpetrator/will/not/be/able/to/guess
• Delete"apps"that"you"do"not"use
• Review"apps"to"see"if"they"have"any"features"that"could"be"used"to"give"away"your"location"or"leak"information"about"you
©"Women’s"Legal"Service"NSW"2013
ComputersInternet&Browsers
Programme&that&is&used&to&access&the&internet&and&view&webpages
Browsing"history"– ‘private"browsing’
Synced"information"across"the"same"browser"on"different"devices.Article:)How)to)Sync)Your)Browser)Data)in)Any)Browser)and)Access)it)Anywherehttp://www.howtogeek.com/139179/howBtoBsyncByourBbrowserBdataBinBanyBbrowserBandBaccessBitBanywhere/
Firefox"browser"– all"saved"usernames"and"passwords"can&be&accessed&and&viewed
Do"not"save"your"password"and"user"information"in"the"browser."Do"not"tick"‘Remember"my"password"on"this"computer’.
2018. 11. 9.
10
©"Women’s"Legal"Service"NSW"2013
Using"Facebook"Safely
Infographic will.be.available.on.AskLOIS website
©"Women’s"Legal"Service"NSW"2013
Resources
Network for)Surviving)Stalkingwww.nssadvice.org
Digital3Stalking)|)Self%help to*stalkingwww.digital>stalking.com
! Victims"Advice"– Internet,"Social"Networks"&"Mobile
http://www.digital>stalking.com/digital/
! Publication:"Digital)stalking:)A)guide)to)technology)risks)for)victims)(version)2,)Nov)2012),)Jennifer)Perry
Cyber(smart:)Glossary:"http://www.cybersmart.gov.au/glossary.aspx#C