Unit 7: Securing Your iOS Device, SECTION 7, Exercises.
- True or False, The majority of hackers are high school kids who spend most of their day on the computer in their bedroom.
FALSE, Many hackers are well funded by corporations and/or governments. Hacking has become a very sophisticated big business. Take hackers seriously.
- True or False, There are no viruses that can affect iOS Devices.
FALSE, Viruses can be written for any computer system. They may currently be less common than PC viruses, butthey exist.
- True or False, When hackers or criminals try to trick you into doing something harmful, this is called Social Engineering.
TRUE, One common form of Social Engineering attack is to ask you for information such as account numbers, user IDs and passwords. Some social engineering attacks try to get you to follow a link, while others threaten dire consequences if you don't do something. Still others promise great things if you do something. Remember, if it sounds too good to be true, it usually is.
- Name three of the rules for choosing strong passwords.
Your password or passcode is an important line of defense against unscrupulous people. Weak passwords which are easily guessed or cracked provide little to no protection. You should always use strong passwords.
What should you do if you get a call from someone claiming to be a representative of a bank or other company asking for your account information? What is the name for this type of attack?
- Whenever possible passwords should have at least 8 characters.
- Passwords should contain a mixture of upper case letters, lower case letters, digits and at least one special character like an underscore, ampersand, percent sign, number sign, at sign or exclamation point.
- VoiceOverEasy.net recommends that your passwords should NOT contain spaces, slashes, back slashes, apostrophies, periods, or stars.
- Passwords should be difficult for someone else to guess, but easy for you to remember. DO NOT choose passwords that are easy to guess based on information about you. Examples: Avoid your birthday, Anniversary, address, telephone number, family members’ names, combinations of family members’ initials, pets names, and things like “ABCDE” or “123ABC.”
- If you use the four digit PIN, stay away from codes that make shapes like “1 3 9 7,” four corners, or “5 6 9 8” which make squares.
- Try not to use the same password for everything. Having a mix of two or three spread among your accounts is best. If one is guessed, at least some of your data is still secure.
This could be a Phishing attack. Don't give the caller any information. Instead, if the caller says they are from a company you do business with, hang up and call the company's customer service numbr and verify the status of your account.
What are some signs of Phishing attacks? What are some ways to protect yourself against them?
Signs of a Phishing attack include:
- The email or caller claims to be from your employer, Bank or other plausible location and asks for information they should already have.
- The caller or email is non-specific.
- A link in an email directs you to a website that looks real, but often has a subtle flaw in the address. For example www.MahsterCard.com. Your screen reader probably didn't pronounce it, but there was an extra "h" between the letter A, and the letter s in MasterCard. It's a good idea to check the spelling on these links a character at a time at least up through the .com, .net, or .org extension.
- An email or caller claims that you must update or validate information and threatens dire consequences if you don't act.
- Often fraudulent emails have bad grammar or spelling.
- Remember, no reputable company will ever ask for your password via email or over the phone.
Here are some ways to protect yourself from Phishing attacks.
What types of information should you avoid posting on social networking sites?
- Don't open links from email. Retype them or use bookmarks.
- Contact your bank, employer or other organization using a number you know to be legitimate. It's the best way to find out if the email or call you received is valid, and its a good way to help the company find out if someone is sending fraudulent emails or making phone calls pretending to be them.
- Delete suspicious or unexpected emails. If the subject looks suspicious, don’t even open them. Remember the HTML we talked about earlier? The email could contain hidden code that activates when you open the message.
- Never give out organization, personal or financial info to anyone via email or to an unsolicited phone caller.
Avoid posting SSNs, Telephone Numbers, exact birth dates, full street addresses, and times you will be away from home.
What are the steps to set a complex passcode on your iOS Device?
You must Activate the Touch ID and Passcode options button from the main menu of the Settings Screen. If prompted to enter a password, please do so. If you did not get prompted for a passcode, then Passcode is Off. Turn it on and create a new passcode. Now turn off Simple Passcode and create or change your passcode.
What is the purpose of the AutoLock setting?
The AutoLock setting controls how much time your iOS Device will remain inactive before the Lock Screen engages.
What must you do before you lose your iOS Device in order for "Find My iOS Device to work?
You must go into the iCloud settings from the Settings main menu and ensure that Find My iOS Device is set to On.
What is the advantage of using a low tech label on your iOS Device?
Many people who find your phone will not be able to view a message on the screen if the Screen Curtain or VoiceOver is on. Also, a lable can still be read after the battery dies.
How do you set your iOS Device to back up to your iCloud account?
The settings for this can be found in the iCloud Settings. Your device must be plugged in, connected to a WiFi network, and locked in order for automatic backups to take place.
What are some reasons you might want to restrict access to the Control Center, Siri, and your schedule from the Locked Screen?
If your iOS Device is lost or stolen, an unscrupulous person can turn on Airplane mode from the Control Center and block Find My iOS Device. If Siri is available from the locked screen, then that same person will be able to place phone calls, turn off VoiceOver, and control many other features of your iOS Device without having to unlock it. If someone can see your schedule from the locked screen, then it could make you or your home vulnerable to attack.
BONUS QUESTION: What does Triskaidekaphobia mean?
Triskaidekaphobia is the fear of the number 13. So we've added a question 14 just in case.