Defense against phishing



Attempt of phishing account access data, i.e. Phishing:


The vast majority of phishing e-mails are delivered via e-mail or social networking sites.

  1. Usually, websites do not send e-mails asking you to visit and log in to the site.

    Such a request should keep one attentive, it is always worth then to confirm the authenticity of the letter by contacting the site administrators.

    Banks and financial institutions never send letters asking to disclose (enter in the form) any data (login, password, card number), attempts to impersonate should be reported to persons responsible for security.

  2. Do not open hyperlinks directly from the received e-mail. It is relatively easy to modify their content so that it seemingly points to an authentic website but directs to an unauthorized, spoofing site.

  3. Regularly update the system and software, in particular the e-mail client and web browser.

  4. No personal data, such as passwords, credit card numbers, etc. may be sent via e-mail. Requests for providing a password and login in the e-mail should be ignored and reported to the appropriate persons.

  5. Banks and financial institutions use the HTTPS protocol where it is necessary to log into the system. If the login page does not contain the HTTPS protocol in the address, it should be reported to persons from the bank and no data should be provided there.

  6. It is not recommended to use older Internet browsers (e.g. Internet Explorer 6), which are often prone to various errors. Alternatively, one may use other programs, such as Mozilla Firefox or Opera or Internet Explorer 9 and 10 (whose latest versions are equipped with anti-phishing filters) or third-party software to protect against phishing.

How to configure eduroam network for Linux – Ubuntu?


Download
DigiCert Assured ID Root CA


    Save the downloaded file to disk.

    Click on the wireless network icon and choose the eduroam network.

    Fill in the available fields with the following data:

      Authentication: Protectes EAP (PEAP)
      Anonymous identity: —-
      CA certificate: choose the downloaded file (with crt extension)
      PEAP version: Automatic
      Inner authentication: MSCHAPv2
      Username: enter the username together with @eduroam.ue.katowice.pl or the one you use to log in to the Google Apps service (e.g. @edu.uekat.pl). If you have a WLAN_AE access account, enter your current login details.
      Password: enter the password for accessing the account

      If you do not have a password for the WI-FI network, create one by clicking HERE choosing the right domain.

    Ubuntu in the versions earlier than 14.04 LTS may require Wireless security. You must choose WPA2 Enterprise

    Following completing the above steps, click Connect. Connection to the eduroam network should be established

How do I connect to the eduroam network with Windows XP?


The software manufacturer – Microsoft – has ceased support for Windows XP. Therefore, and due to the fact this system does not support modern encryption algorithms, it is not possible to connect to the eduroam network.
Using an outdated operating system without the manufacturer’s support exposes a user to many threats, among others to data loss.

EDUROAM wireless network configuration for Android OS

Download
DigiCert Assured ID Root CA

Depending on the version of the system, the installation steps may slightly differ.


    Save the downloaded file to the phone’s memory.

    Go to the phone settings, choose Security and then Install from device memory.

    Choose the saved file with the certificate and install it. The data warehouse password or setting it may be required during installation. This is the password set on the phone and is not related to the credentials for e-mail, network, etc.

    If the Security use option exists, set it to Wi-Fi.

    Following installation, the certificate should be visible on the list. To present the installed certificates, choose Trusted credentials.

    Turn on Wi-Fi and choose the eduroam network.

    FILL IN THE AVAILABLE FIELDS WITH THE FOLLOWING DATA:

      EAP method: PEAP
      PHASE 2 authentication: MSCHAPV2
      Identity: enter the username together with @eduroam.ue.katowice.pl or the one you use to log in to the Google Apps service (e.g. first name.surname@edu.uekat.pl).

      If you do not have a password for the WI-FI network, create one by clicking HERE choosing the right domain.

        • Password: enter the password for accessing
          CA Certificate account: DigiCert Assured ID Root CA;
          Anonymous identity:

      Following completing the above steps, click Connect. Connection to the eduroam network should be established.

EDUROAM wireless network configuration for Windows OS

DigiCert Assured ID Root CA

Depending on the version of the system, the installation steps may slightly differ.


    Choose Current user and click next.

    Choose Place all certificates in the following store and click Browse.

    Search for the store Main certification authorities of third parties, click OK, and then continue.

    A window with the information ‘The certificate will be imported after clicking Finish will appear’ – thus click Finish. Import has been successfully completed.


    Open Control Panel / Network and Sharing Centre / Manage wireless networks and choose Add.

    THE PARAMETERS FOR MANUAL CREATING A NETWORK PROFILE ARE QUOTED BELOW:

      Network name: eduroam
      Security type: WPA2-Enterprise
      Encryption type: AES

    Choose Change connection settings and then the Security tab.

    Set network authentication Microsoft: Protected EAP (PEAP) and click Settings. Check Verify server certificate and then choose our DigiCert Assured ID Root CA certificate.

    When using the Secure Password (EAP-MSCHAP2 v2) authentication method, click Configure and OFF Automatically use my login name….

    Save all the configuration, and then again in the Security tab choose Advanced settings.

    Check Specify authentication mode, choose User authentication. Save credentials.

    Enter login details here, i.e. the username together with @eduroam.ue.katowice.pl or the one you use to log in to the Google Apps service (e.g. first name.surname@edu.uekat.pl).

    If you do not have a password for the WI-FI network, create one by clicking HERE choosing the right domain.

    Following saving all configurations, you have been connected to the eduroam network.