Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,144 --> 00:00:02,204 I want to give you a super easy 2 00:00:02,244 --> 00:00:03,744 quick security win 3 00:00:03,778 --> 00:00:05,198 that you can setup right now. 4 00:00:05,326 --> 00:00:07,486 A small practical exercise 5 00:00:07,599 --> 00:00:09,299 before we dig in to the theory. 6 00:00:09,366 --> 00:00:11,933 So you have an immediate 7 00:00:09,366 --> 00:00:11,933 security capability 8 00:00:11,993 --> 00:00:13,746 to detect malware and hackers 9 00:00:13,824 --> 00:00:15,791 that you can setup in about 10 minutes 10 00:00:15,884 --> 00:00:17,804 and you don't even 11 00:00:15,884 --> 00:00:17,804 have to install anything. 12 00:00:18,003 --> 00:00:20,250 This way if you forget to do 13 00:00:18,003 --> 00:00:20,250 the rest of the course 14 00:00:20,416 --> 00:00:22,243 at least you've got some security 15 00:00:22,270 --> 00:00:23,663 capability out of it. 16 00:00:23,786 --> 00:00:24,813 So here it goes. 17 00:00:24,977 --> 00:00:26,070 Wouldn't it be cool 18 00:00:26,196 --> 00:00:29,656 if we could setup security tripwires 19 00:00:26,196 --> 00:00:29,656 to tell us 20 00:00:29,877 --> 00:00:32,050 if someone or something 21 00:00:32,075 --> 00:00:34,191 was poking around in our files 22 00:00:34,218 --> 00:00:36,751 on our laptop, on our phone, tablet 23 00:00:36,998 --> 00:00:39,058 in our email and our online accounts, 24 00:00:39,085 --> 00:00:40,205 basically everywhere. 25 00:00:40,231 --> 00:00:42,065 Wouldn't it good to have some tripwires 26 00:00:42,304 --> 00:00:44,169 that alerted us when somebody 27 00:00:44,202 --> 00:00:45,989 was doing things we don't want them to do. 28 00:00:46,210 --> 00:00:47,790 Well, we can set those things up. 29 00:00:47,943 --> 00:00:49,377 Let me show you how to set 30 00:00:49,403 --> 00:00:50,963 these security tripwires 31 00:00:51,203 --> 00:00:53,717 using a service called 32 00:00:51,203 --> 00:00:53,717 CanaryTokens 33 00:00:53,789 --> 00:00:55,149 that is make available 34 00:00:55,247 --> 00:00:57,128 just for you guys on this course. 35 00:00:57,380 --> 00:01:00,307 So you can have some quick and easy 36 00:00:57,380 --> 00:01:00,307 security wins. 37 00:01:01,033 --> 00:01:02,406 If you make your way to 38 00:01:02,431 --> 00:01:06,873 www.stationx.net/canarytokens/ 39 00:01:07,022 --> 00:01:08,716 you can follow along with what I am doing 40 00:01:08,741 --> 00:01:11,055 and create your own 41 00:01:08,741 --> 00:01:11,055 tokens at the same time. 42 00:01:11,549 --> 00:01:14,162 Here we have our little canary friend 43 00:01:11,549 --> 00:01:14,162 and his token. 44 00:01:14,356 --> 00:01:16,883 You see a rather obvious red button here 45 00:01:17,086 --> 00:01:18,566 and this is what we need to click on 46 00:01:18,680 --> 00:01:20,293 to take us to the domain 47 00:01:20,333 --> 00:01:22,626 that will provide us with 48 00:01:20,333 --> 00:01:22,626 the tokens. 49 00:01:22,846 --> 00:01:25,620 Here we are. 50 00:01:22,846 --> 00:01:25,620 This is the domain here that will rotate 51 00:01:25,645 --> 00:01:28,026 so don't worry what that is at the moment. 52 00:01:28,771 --> 00:01:31,891 Here we are. This is the main 53 00:01:28,771 --> 00:01:31,891 thing you need to interact with 54 00:01:32,051 --> 00:01:33,091 and I am going to show you 55 00:01:33,305 --> 00:01:35,838 5 different ways of 56 00:01:33,305 --> 00:01:35,838 setting up traps. 57 00:01:35,930 --> 00:01:39,023 These traps are also called 58 00:01:35,930 --> 00:01:39,023 tokens or canary tokens. 59 00:01:39,430 --> 00:01:40,856 We are going to keep is simple 60 00:01:41,117 --> 00:01:42,904 at the early stages of this course. 61 00:01:43,327 --> 00:01:45,767 First thing we need to do is 62 00:01:43,327 --> 00:01:45,767 we need to put in an email address. 63 00:01:45,792 --> 00:01:47,640 Now, this is the email address 64 00:01:47,714 --> 00:01:50,333 which you want to get sent alerts to. 65 00:01:50,690 --> 00:01:53,023 This needs to be an email address 66 00:01:50,690 --> 00:01:53,023 you monitor. 67 00:01:53,183 --> 00:01:54,955 i.e. it's like the email address you have 68 00:01:54,981 --> 00:01:56,339 on your phone or something like that 69 00:01:56,363 --> 00:01:58,352 so you get notified immediately 70 00:01:58,377 --> 00:01:59,553 when there is a security problem. 71 00:01:59,577 --> 00:02:02,257 You don't want to setup secondary 72 00:01:59,577 --> 00:02:02,257 email address that you never look at. 73 00:02:02,295 --> 00:02:03,295 That is pointless. 74 00:02:03,325 --> 00:02:05,025 It has to be an email address 75 00:02:03,325 --> 00:02:05,025 you monitor. 76 00:02:05,065 --> 00:02:06,811 Even if you setup a new 77 00:02:05,065 --> 00:02:06,811 email address 78 00:02:06,918 --> 00:02:08,398 as long as it it the one you monitor. 79 00:02:08,579 --> 00:02:09,866 Let me put in one in here. 80 00:02:12,355 --> 00:02:14,895 That is the email address 81 00:02:12,355 --> 00:02:14,895 I want to get sent alerts to 82 00:02:15,115 --> 00:02:16,595 and than I need to put in here 83 00:02:16,702 --> 00:02:17,955 some sort of comment 84 00:02:18,035 --> 00:02:19,188 that let's me know 85 00:02:19,247 --> 00:02:21,213 which token, which trap, 86 00:02:21,260 --> 00:02:22,287 has been triggered. 87 00:02:22,323 --> 00:02:23,966 I'm gonna put Word 88 00:02:24,004 --> 00:02:27,187 document in password folder on laptop. 89 00:02:27,268 --> 00:02:29,387 That is going to make more 90 00:02:27,268 --> 00:02:29,387 sense in a second. 91 00:02:29,760 --> 00:02:31,013 Ignore all this for now. 92 00:02:31,053 --> 00:02:33,021 Just have it at DNS and HTTPS 93 00:02:33,069 --> 00:02:34,847 and Generate Token. 94 00:02:35,988 --> 00:02:38,392 If we go down here 95 00:02:38,698 --> 00:02:40,389 the first one I want 96 00:02:38,698 --> 00:02:40,389 you to have a look at 97 00:02:40,595 --> 00:02:43,777 is MS Word token or trap. 98 00:02:44,076 --> 00:02:45,370 What this is done is this is 99 00:02:45,402 --> 00:02:48,632 generated a unique Word document 100 00:02:45,402 --> 00:02:48,632 for you 101 00:02:48,866 --> 00:02:51,255 that we can download. 102 00:02:48,866 --> 00:02:51,255 I will give you a demo of it. 103 00:02:51,501 --> 00:02:53,032 Go download that now. 104 00:02:53,992 --> 00:02:55,429 And if you see this here 105 00:02:55,788 --> 00:02:58,264 this is the Word document 106 00:02:55,788 --> 00:02:58,264 that we've just downloaded. 107 00:02:58,669 --> 00:03:00,407 Now, if I click on that 108 00:03:02,586 --> 00:03:04,252 and that just opened up there. 109 00:03:04,396 --> 00:03:06,920 You can see a little timer is going on 110 00:03:04,396 --> 00:03:06,920 there in the background. 111 00:03:08,133 --> 00:03:09,133 You see there. 112 00:03:09,394 --> 00:03:10,672 We've been alerted. 113 00:03:10,977 --> 00:03:14,349 Now, anytime anyone opens 114 00:03:10,977 --> 00:03:14,349 this document 115 00:03:14,461 --> 00:03:15,652 you're gonna get alerted. 116 00:03:15,728 --> 00:03:17,069 It's a little trap. 117 00:03:17,382 --> 00:03:19,990 And this little trap should work 118 00:03:17,382 --> 00:03:19,990 on most operating systems, 119 00:03:20,015 --> 00:03:21,410 most versions of Word. 120 00:03:21,569 --> 00:03:23,934 There is no 100% guarantee 121 00:03:21,569 --> 00:03:23,934 that it's going to work 122 00:03:23,959 --> 00:03:26,355 on every system and 123 00:03:23,959 --> 00:03:26,355 with every version of Word. 124 00:03:26,545 --> 00:03:27,669 So if it doesn't work 125 00:03:26,545 --> 00:03:27,669 for you 126 00:03:27,796 --> 00:03:30,465 than try one of the other tokens 127 00:03:27,796 --> 00:03:30,465 I am going to show you in a second 128 00:03:30,696 --> 00:03:31,863 Let me close that. 129 00:03:31,942 --> 00:03:33,760 I've created another 130 00:03:31,942 --> 00:03:33,760 example here 131 00:03:33,950 --> 00:03:36,331 You can change the file name of this 132 00:03:33,950 --> 00:03:36,331 document, by the way 133 00:03:36,356 --> 00:03:39,402 to anything that you like, making it 134 00:03:36,356 --> 00:03:39,402 enticing for someone to click on. 135 00:03:40,380 --> 00:03:41,902 If I open this one in a second. 136 00:03:44,339 --> 00:03:46,886 Just open this fully. 137 00:03:44,339 --> 00:03:46,886 Now in this one 138 00:03:46,982 --> 00:03:49,847 I've put valuable and juicy 139 00:03:46,982 --> 00:03:49,847 information in it 140 00:03:50,021 --> 00:03:52,807 that hacker or other 141 00:03:50,021 --> 00:03:52,807 type of threat would be 142 00:03:52,832 --> 00:03:54,616 interested in finding. 143 00:03:54,855 --> 00:03:59,339 PayPal, usernames and passwords, 144 00:03:54,855 --> 00:03:59,339 stock trading information 145 00:03:59,477 --> 00:04:02,307 social media accounts, 146 00:03:59,477 --> 00:04:02,307 etc., etc. 147 00:04:02,521 --> 00:04:03,847 Those are the sort of things 148 00:04:03,934 --> 00:04:06,323 that a threat is going 149 00:04:03,934 --> 00:04:06,323 to be searching for 150 00:04:06,482 --> 00:04:08,528 If it's on your laptop, your device, 151 00:04:08,553 --> 00:04:09,971 your phone, within your email 152 00:04:10,054 --> 00:04:12,104 is going to be searching 153 00:04:10,054 --> 00:04:12,104 for key words. 154 00:04:12,933 --> 00:04:14,598 If you want an idea 155 00:04:12,933 --> 00:04:14,598 of the sort of 156 00:04:14,623 --> 00:04:16,584 things that you want to put in 157 00:04:14,623 --> 00:04:16,584 these traps 158 00:04:16,749 --> 00:04:18,640 than I've put some examples here. 159 00:04:18,665 --> 00:04:20,269 You can see personal information, 160 00:04:20,294 --> 00:04:21,697 financial information, 161 00:04:21,750 --> 00:04:23,033 file hosting accounts, 162 00:04:23,173 --> 00:04:24,568 and if we go further 163 00:04:23,173 --> 00:04:24,568 down here 164 00:04:24,731 --> 00:04:27,545 I've provided an example file. 165 00:04:24,731 --> 00:04:27,545 I don't want you to just copy this 166 00:04:27,628 --> 00:04:29,334 but you can use it as just 167 00:04:27,628 --> 00:04:29,334 an example 168 00:04:29,359 --> 00:04:30,961 of the sort of information 169 00:04:30,986 --> 00:04:32,559 You can see social security numbers, 170 00:04:32,870 --> 00:04:34,305 credit card details. 171 00:04:34,366 --> 00:04:36,167 I've put the in the right soft of format. 172 00:04:36,405 --> 00:04:38,246 Bitcoin wallet ID 173 00:04:38,412 --> 00:04:39,364 You get the idea. 174 00:04:40,625 --> 00:04:42,259 So, we can imagine now 175 00:04:42,398 --> 00:04:43,853 hacker was snooping around 176 00:04:43,985 --> 00:04:46,651 in an area we specifically 177 00:04:43,985 --> 00:04:46,651 put aside 178 00:04:46,820 --> 00:04:48,328 just for the hacker to find 179 00:04:48,374 --> 00:04:50,219 and weve put in that 180 00:04:48,374 --> 00:04:50,219 Word document 181 00:04:50,677 --> 00:04:52,298 And he's now clicked on it. 182 00:04:52,571 --> 00:04:55,309 And this is the alert we get, 183 00:04:52,571 --> 00:04:55,309 so we know he's snooping around 184 00:04:55,672 --> 00:04:57,027 And not only do we know 185 00:04:55,672 --> 00:04:57,027 he's snooping around 186 00:04:57,052 --> 00:05:00,374 We know what he's doing 187 00:04:57,052 --> 00:05:00,374 because we setup that comment there 188 00:05:00,579 --> 00:05:01,730 and if we click here 189 00:05:02,413 --> 00:05:04,853 we can look to see 190 00:05:02,413 --> 00:05:04,853 where he's come from. 191 00:05:04,880 --> 00:05:06,626 We can track him down. 192 00:05:08,166 --> 00:05:10,143 and this provides further information 193 00:05:10,170 --> 00:05:11,704 on how he triggered 194 00:05:10,170 --> 00:05:11,704 the alert 195 00:05:11,756 --> 00:05:14,666 but what is important is that 196 00:05:11,756 --> 00:05:14,666 you react to the alert. 197 00:05:14,964 --> 00:05:16,227 And later on in the course 198 00:05:16,307 --> 00:05:17,471 we are gonna talk more 199 00:05:17,519 --> 00:05:19,681 about response and recovery strategies 200 00:05:19,743 --> 00:05:21,979 as you get through the more 201 00:05:19,743 --> 00:05:21,979 advanced sections. 202 00:05:22,503 --> 00:05:23,812 And if we look at the second type 203 00:05:23,839 --> 00:05:25,916 of token we can create 204 00:05:23,839 --> 00:05:25,916 or trap 205 00:05:26,162 --> 00:05:27,948 a PDF, so we can 206 00:05:28,100 --> 00:05:29,998 download this PDF version. 207 00:05:30,255 --> 00:05:33,013 and it work's pretty much exactly the same 208 00:05:30,255 --> 00:05:33,013 as the Word document 209 00:05:33,198 --> 00:05:35,037 We open this PDF document. 210 00:05:36,401 --> 00:05:38,028 And we will get alerted 211 00:05:38,233 --> 00:05:40,217 that someone has opened it. 212 00:05:41,566 --> 00:05:42,968 and BOOM, there we go. 213 00:05:43,702 --> 00:05:45,759 Another alert. 214 00:05:43,702 --> 00:05:45,759 PDF trap. 215 00:05:46,210 --> 00:05:48,331 So I think you're getting the idea now, 216 00:05:46,210 --> 00:05:48,331 so you want to 217 00:05:48,427 --> 00:05:51,475 sprinkle as many of these tokens, 218 00:05:48,427 --> 00:05:51,475 these traps 219 00:05:51,804 --> 00:05:53,851 through you laptop, 220 00:05:51,804 --> 00:05:53,851 your phone, 221 00:05:53,931 --> 00:05:55,740 your tablet, 222 00:05:53,931 --> 00:05:55,740 in your email, 223 00:05:55,967 --> 00:05:57,507 on your online accounts. 224 00:05:57,891 --> 00:05:59,970 So for example, 225 00:05:57,891 --> 00:05:59,970 you can put it in your Dropbox 226 00:06:00,161 --> 00:06:01,939 and maybe the staff at Dropbox 227 00:06:02,086 --> 00:06:03,935 are looking throughout 228 00:06:02,086 --> 00:06:03,935 your documents 229 00:06:04,183 --> 00:06:07,468 they open the Word document, 230 00:06:04,183 --> 00:06:07,468 boom, you know someone is snooping in there. 231 00:06:07,774 --> 00:06:09,790 And as I said, they need to be 232 00:06:07,774 --> 00:06:09,790 interesting 233 00:06:09,815 --> 00:06:11,912 enticing and valuable. 234 00:06:11,960 --> 00:06:14,238 and you can get that soft of information 235 00:06:11,960 --> 00:06:14,238 from here. 236 00:06:14,695 --> 00:06:16,242 Now let me show you 237 00:06:14,695 --> 00:06:16,242 another sneaky 238 00:06:16,267 --> 00:06:18,020 way of setting up a trap. 239 00:06:18,730 --> 00:06:21,452 Fake email of passwords number 1 240 00:06:22,424 --> 00:06:24,233 Oh, by the way, 241 00:06:22,424 --> 00:06:24,233 if you put it on that one 242 00:06:24,554 --> 00:06:26,958 You'll get more information 243 00:06:24,554 --> 00:06:26,958 in the alert 244 00:06:27,085 --> 00:06:28,482 about who the hacker was 245 00:06:28,549 --> 00:06:31,057 with this type of tracking 246 00:06:28,549 --> 00:06:31,057 we are about to setup now. 247 00:06:31,291 --> 00:06:34,109 So, chose that one, 248 00:06:31,291 --> 00:06:34,109 chose generate 249 00:06:35,343 --> 00:06:38,081 and if you pop down here, 250 00:06:35,343 --> 00:06:38,081 we're going to go to web bugs 251 00:06:38,393 --> 00:06:40,218 and we are going to use two 252 00:06:38,393 --> 00:06:40,218 web bugs here 253 00:06:40,754 --> 00:06:43,437 let's just grab that URL 254 00:06:43,566 --> 00:06:45,201 so that is a clickable link 255 00:06:45,258 --> 00:06:48,155 that if a hacker clicks on 256 00:06:45,258 --> 00:06:48,155 you're going to be alerted. 257 00:06:49,286 --> 00:06:51,421 Let's open up an email here 258 00:06:51,828 --> 00:06:54,384 Right, let's just 259 00:06:51,828 --> 00:06:54,384 pop that in there now. 260 00:06:55,197 --> 00:06:57,729 Than we're going to send 261 00:06:55,197 --> 00:06:57,729 this to ourselves. 262 00:06:58,344 --> 00:07:00,209 We could send it from a 263 00:06:58,344 --> 00:07:00,209 different account 264 00:07:00,457 --> 00:07:01,719 but all that matters is that 265 00:07:01,743 --> 00:07:03,640 the two emails address 266 00:07:03,665 --> 00:07:05,513 the account that you wanting 267 00:07:03,665 --> 00:07:05,513 to be monitored 268 00:07:05,541 --> 00:07:07,575 you're wanting to know 269 00:07:05,541 --> 00:07:07,575 if a hacker is in there. 270 00:07:07,912 --> 00:07:10,705 We need to create 271 00:07:07,912 --> 00:07:10,705 an enticing subject. 272 00:07:13,393 --> 00:07:16,027 And than just as an example, 273 00:07:13,393 --> 00:07:16,027 this one 274 00:07:16,665 --> 00:07:18,318 we're going to go here, 275 00:07:16,665 --> 00:07:18,318 I'm gonna copy 276 00:07:18,343 --> 00:07:19,797 all of this stuff here 277 00:07:19,861 --> 00:07:21,073 into this email. 278 00:07:26,256 --> 00:07:28,622 Obviously you are gonna to put 279 00:07:26,256 --> 00:07:28,622 your own sort of information 280 00:07:28,658 --> 00:07:30,924 in here, 281 00:07:28,658 --> 00:07:30,924 things related to you 282 00:07:31,239 --> 00:07:34,255 So you've noticed I have just 283 00:07:31,239 --> 00:07:34,255 taken that link there. 284 00:07:35,199 --> 00:07:36,772 Now I am putting that link 285 00:07:37,442 --> 00:07:38,171 here. 286 00:07:40,860 --> 00:07:42,851 I can actually change this 287 00:07:40,860 --> 00:07:42,851 to anything that I want. 288 00:07:42,876 --> 00:07:43,882 After this 289 00:07:44,120 --> 00:07:44,849 here 290 00:07:45,043 --> 00:07:46,038 you can change this 291 00:07:46,063 --> 00:07:47,099 to what ever I want. 292 00:07:47,127 --> 00:07:48,181 So I can put login 293 00:07:48,728 --> 00:07:50,438 if I want 294 00:07:48,728 --> 00:07:50,438 .html 295 00:07:50,926 --> 00:07:52,348 You can see what I'm doing 296 00:07:50,926 --> 00:07:52,348 I am creating 297 00:07:52,373 --> 00:07:53,943 an enticement here by 298 00:07:54,201 --> 00:07:56,337 Private file store - 299 00:07:54,201 --> 00:07:56,337 Backup of everything 300 00:07:57,018 --> 00:07:58,302 username and password. 301 00:07:58,705 --> 00:07:59,737 So if a person 302 00:07:59,762 --> 00:08:00,942 opens this email 303 00:08:00,967 --> 00:08:01,988 and than clicks on this link 304 00:08:02,183 --> 00:08:03,250 it will trigger the alert. 305 00:08:03,493 --> 00:08:04,619 We're going to do something 306 00:08:04,677 --> 00:08:06,026 even more tricky here 307 00:08:06,675 --> 00:08:09,228 cause we wanna definitely 308 00:08:06,675 --> 00:08:09,228 catch this hacker. 309 00:08:09,631 --> 00:08:10,923 So within Thunderbird 310 00:08:10,948 --> 00:08:12,762 there is a feature by 311 00:08:10,948 --> 00:08:12,762 which you can 312 00:08:12,787 --> 00:08:15,711 insert a link to an image. 313 00:08:15,746 --> 00:08:17,449 Now, we don't want to 314 00:08:15,746 --> 00:08:17,449 attach an image 315 00:08:17,477 --> 00:08:19,808 we want to insert a link to an image 316 00:08:20,038 --> 00:08:21,950 so if we go 317 00:08:20,038 --> 00:08:21,950 Insert and Image 318 00:08:24,040 --> 00:08:25,483 and we unclick this 319 00:08:25,508 --> 00:08:26,926 so we don't want it to attach 320 00:08:27,517 --> 00:08:28,967 we go on there 321 00:08:29,514 --> 00:08:32,608 and than we can put 322 00:08:29,514 --> 00:08:32,608 image.gif 323 00:08:34,395 --> 00:08:35,830 and you see 324 00:08:34,395 --> 00:08:35,830 we are already alerted. 325 00:08:35,866 --> 00:08:37,468 That's how quick 326 00:08:35,866 --> 00:08:37,468 this service is. 327 00:08:38,045 --> 00:08:40,635 and we do not want to use 328 00:08:38,045 --> 00:08:40,635 any alternative text. 329 00:08:40,973 --> 00:08:41,983 Add that there 330 00:08:42,465 --> 00:08:43,518 and you'll see 331 00:08:43,886 --> 00:08:44,982 you can't see that image 332 00:08:45,112 --> 00:08:48,589 cause that is one by 333 00:08:45,112 --> 00:08:48,589 one pixel invisible gif. 334 00:08:48,768 --> 00:08:50,370 Let me show you how 335 00:08:48,768 --> 00:08:50,370 this works. 336 00:08:50,536 --> 00:08:52,347 We're going to send this 337 00:08:50,536 --> 00:08:52,347 to ourselves. 338 00:08:56,275 --> 00:08:58,952 So there we go 339 00:08:56,275 --> 00:08:58,952 that's our little trap there 340 00:08:59,088 --> 00:09:01,649 and we can chose to open it 341 00:08:59,088 --> 00:09:01,649 leave it as an open email 342 00:09:01,742 --> 00:09:03,704 or we can leave it as 343 00:09:01,742 --> 00:09:03,704 unopened email 344 00:09:03,833 --> 00:09:04,915 but no matter what 345 00:09:04,973 --> 00:09:06,503 if someone is in our email 346 00:09:06,530 --> 00:09:07,619 and they are searching for 347 00:09:07,644 --> 00:09:09,460 whatever is that they 348 00:09:07,644 --> 00:09:09,460 wanna be searching for. 349 00:09:09,487 --> 00:09:11,818 Maybe they are interested 350 00:09:09,487 --> 00:09:11,818 in PayPal accounts. 351 00:09:12,177 --> 00:09:13,620 There we go, 352 00:09:12,177 --> 00:09:13,620 that comes up. 353 00:09:13,907 --> 00:09:16,685 If they are searching for bank information, 354 00:09:13,907 --> 00:09:16,685 credit card information, 355 00:09:16,922 --> 00:09:17,925 that's gonna come up 356 00:09:18,321 --> 00:09:19,454 and all they need to do is 357 00:09:19,727 --> 00:09:20,665 just open it 358 00:09:21,387 --> 00:09:22,765 they don't need to click 359 00:09:21,387 --> 00:09:22,765 on a link. 360 00:09:23,420 --> 00:09:24,156 Boom. 361 00:09:24,508 --> 00:09:26,637 Caught the. 362 00:09:24,508 --> 00:09:26,637 Know they are poking around in there. 363 00:09:27,040 --> 00:09:28,757 But let's say that doesn't work 364 00:09:28,782 --> 00:09:30,388 for whatever reason 365 00:09:28,782 --> 00:09:30,388 It should. 366 00:09:31,237 --> 00:09:33,466 Than there are still things like that 367 00:09:31,237 --> 00:09:33,466 to entice them. 368 00:09:33,491 --> 00:09:35,738 Click on that, boom, 369 00:09:33,491 --> 00:09:35,738 caught them again. 370 00:09:36,436 --> 00:09:38,861 Now, in order for us 371 00:09:36,436 --> 00:09:38,861 to insert that image 372 00:09:39,099 --> 00:09:40,967 I went on this 373 00:09:39,099 --> 00:09:40,967 Insert Image 374 00:09:41,247 --> 00:09:43,852 Now, you may not have this 375 00:09:41,247 --> 00:09:43,852 functionality available 376 00:09:43,880 --> 00:09:45,893 in the email client 377 00:09:43,880 --> 00:09:45,893 that you use. 378 00:09:45,986 --> 00:09:47,775 It may not even be available 379 00:09:45,986 --> 00:09:47,775 to do this 380 00:09:48,141 --> 00:09:49,627 but it doesn't matter 381 00:09:49,655 --> 00:09:52,576 you can still download 382 00:09:49,655 --> 00:09:52,576 Thunderbird if you like. 383 00:09:52,601 --> 00:09:53,521 It's free 384 00:09:53,549 --> 00:09:56,269 and just send an email 385 00:09:53,549 --> 00:09:56,269 or emails 386 00:09:56,383 --> 00:09:58,815 using Thunderbird just for this one task 387 00:09:58,843 --> 00:10:00,805 if you cant work out 388 00:09:58,843 --> 00:10:00,805 how to embed 389 00:10:00,830 --> 00:10:03,431 that invisible web bug 390 00:10:00,830 --> 00:10:03,431 into your email. 391 00:10:04,295 --> 00:10:06,393 So, as I said 392 00:10:04,295 --> 00:10:06,393 you want to sprinkle these tokens 393 00:10:06,418 --> 00:10:07,523 thorough you laptop 394 00:10:07,548 --> 00:10:09,219 on your laptop, 395 00:10:07,548 --> 00:10:09,219 phone, tablet 396 00:10:09,244 --> 00:10:10,913 in your email, 397 00:10:09,244 --> 00:10:10,913 in your accounts, 398 00:10:10,938 --> 00:10:12,999 make them enticing 399 00:10:10,938 --> 00:10:12,999 make them valuable 400 00:10:13,024 --> 00:10:14,390 and then when you get an alert 401 00:10:14,498 --> 00:10:15,847 respond to that alert 402 00:10:16,221 --> 00:10:18,941 and respond in a ways I recommend 403 00:10:16,221 --> 00:10:18,941 thought this course. 404 00:10:19,228 --> 00:10:21,774 C hanging your password 405 00:10:19,228 --> 00:10:21,774 and other such sort of things 406 00:10:21,799 --> 00:10:23,773 disconnecting from the network 407 00:10:24,190 --> 00:10:26,802 so there you go, 408 00:10:24,190 --> 00:10:26,802 that is your security quick win. 409 00:10:26,974 --> 00:10:28,979 Go ahead and set those 410 00:10:26,974 --> 00:10:28,979 right now. 411 00:10:29,281 --> 00:10:31,395 You will have, 412 00:10:29,281 --> 00:10:31,395 after you set this up, 413 00:10:31,495 --> 00:10:33,977 better security detection capabilities 414 00:10:34,077 --> 00:10:35,303 than most companies do. 415 00:10:35,454 --> 00:10:36,601 You might not believe that 416 00:10:36,724 --> 00:10:38,246 if you are not in 417 00:10:36,724 --> 00:10:38,246 the security industry 418 00:10:38,273 --> 00:10:40,835 but that is a sad 419 00:10:38,273 --> 00:10:40,835 and true analysis 420 00:10:40,860 --> 00:10:44,181 of the state of most organisations' 421 00:10:40,860 --> 00:10:44,181 detection capabilities. 422 00:10:44,324 --> 00:10:45,608 Just think of Eduard Snowden, 423 00:10:45,633 --> 00:10:48,205 he was poking around in NSA for months 424 00:10:48,268 --> 00:10:49,488 as an insider threat 425 00:10:49,603 --> 00:10:52,229 and nothing like this 426 00:10:49,603 --> 00:10:52,229 alerted the NSA. 427 00:10:52,365 --> 00:10:53,281 Pretty crazy. 428 00:10:53,569 --> 00:10:56,261 Later on in the course 429 00:10:53,569 --> 00:10:56,261 we will discuss canary tokens 430 00:10:56,286 --> 00:10:57,768 at a more advanced level 431 00:10:57,875 --> 00:10:59,902 when you get there 432 00:10:57,875 --> 00:10:59,902 you will understand more about 433 00:10:59,927 --> 00:11:00,948 how they work 434 00:11:01,163 --> 00:11:04,013 and will understand about importance 435 00:11:01,163 --> 00:11:04,013 of detection controls 436 00:11:04,041 --> 00:11:05,210 which these are 437 00:11:05,360 --> 00:11:07,388 vs preventative controls 438 00:11:07,471 --> 00:11:10,155 which are used to stop the hacker from 439 00:11:07,471 --> 00:11:10,155 getting in in the first place. 440 00:11:10,341 --> 00:11:12,282 Preventative controls are very 441 00:11:10,341 --> 00:11:12,282 important. 442 00:11:12,310 --> 00:11:14,107 We use defence in depth approach. 443 00:11:14,132 --> 00:11:15,427 All of which we're 444 00:11:14,132 --> 00:11:15,427 go going into 445 00:11:15,454 --> 00:11:17,229 So, hope that was fun. 446 00:11:17,457 --> 00:11:19,658 So now let's dig into 447 00:11:17,457 --> 00:11:19,658 theory and the basics 448 00:11:19,683 --> 00:11:22,883 and start our journey 449 00:11:19,683 --> 00:11:22,883 into cyber security. 29892