3. Security Quick Win!

I want to give you a super easy quick security win that you can set up right now.

A small practical exercise before we dig into the theory.

So you have an immediate security capability to detect malware and hackers that you can set up in about 10 minutes, and you don't even have to install anything.

This way if you forget to do the rest of the course at least you've got some security capability out of it.

So here it goes.

Wouldn't it be cool if we could set up security tripwires to tell us if someone or something was poking around in our files on our laptop, on our phone or tablet, in our email and our online accounts, basically everywhere?

Wouldn't it be good to have some tripwires that alerted us when somebody was doing things we don't want them to do?

Well, we can set those things up.

Let me show you how to set these security tripwires using a service called CanaryTokens that is made available just for you guys on this course.

So you can have some quick and easy security wins.

If you make your way to www.stationx.net/canarytokens/ you can follow along with what I am doing and create your own tokens at the same time.

Here we have our little canary friend and his token.

You see a rather obvious red button here and this is what we need to click on to take us to the domain that will provide us with the tokens.

Here we are.

This is the domain here that will rotate so don't worry what that is at the moment.

Here we are. This is the main thing you need to interact with and I am going to show you 5 different ways of setting up traps.

These traps are also called tokens or canary tokens.

We are going to keep it simple at the early stages of this course.

First thing we need to do is we need to put in an email address.

Now, this is the email address which you want to get sent alerts to.

This needs to be an email address you monitor.

i.e. it's like the email address you have on your phone or something like that so you get notified immediately when there is a security problem.

You don't want to set up a secondary email address that you never look at.

That is pointless.

It has to be an email address you monitor.

Even if you set up a new email address, as long as it is the one you monitor.

Let me put one in here.

So that's the email address I want to get sent alerts to, and then I need to put in here some sort of comment that lets me know which token, which trap, has been triggered.

I'm gonna put "Word document in password folder on laptop".

That is going to make more sense in a second.

Ignore all this for now.

Just have it at DNS and HTTPS and Generate Token.

If we go down here, the first one I want you to have a look at is the MS Word token or trap.

What this has done is generated a unique Word document for you that we can download. I will give you a demo of it.

Go download that now.

And if you see this here this is the Word document that we've just downloaded.

Now, if I click on that, that just opened up there.

You can see a little timer is going on there in the background.

You see there.

We've been alerted.

Now, anytime anyone opens this document you're gonna get alerted.

It's a little trap.

And this little trap should work on most operating systems, most versions of Word.

There is no 100% guarantee that it's going to work on every system and with every version of Word.

So if it doesn't work for you, then try one of the other tokens I am going to show you in a second. Let me close that.

I've created another example here. You can change the file name of this document, by the way, to anything that you like, making it enticing for someone to click on.

If I open this one in a second.

Just open this fully.

Now, in this one I've put valuable and juicy information in it that a hacker or other type of threat would be interested in finding.

PayPal, usernames and passwords, stock trading information, social media accounts, etc., etc.

Those are the sort of things that a threat is going to be searching for. If it's on your laptop, your device, your phone, or within your email, it is going to be searching for keywords.

If you want an idea of the sort of things that you want to put in these traps, then I've put some examples here.

You can see personal information, financial information, file hosting accounts, and if we go further down here I've provided an example file.

Then we just copy this, but you can use it as just an example of the sort of information. You can see social security numbers, credit card details.

I've put them in the right sort of format.

Bitcoin wallet ID. You get the idea.

So, we can imagine now a hacker was snooping around in an area we specifically put aside just for the hacker to find, and we've put in that Word document. And he's now clicked on it.

And this is the alert we get, so we know he's snooping around. And not only do we know he's snooping around,

we know what he's doing, because we set up that comment there, and if we click here we can look to see where he's come from.

We can track him down, and this provides further information on how he triggered the alert, but what is important is that you react to the alert.

And later on in the course we are gonna talk more about response and recovery strategies as you get through the more advanced sections.

And if we look at the second type of token or trap we can create, PDF, we can download this PDF version.

And it works pretty much exactly the same as the Word document. We open this PDF document.

And we will get alerted that someone has opened it and BOOM, there we go.

Another alert PDF trap.

So I think you're getting the idea now. You want to sprinkle as many of these tokens, these traps, through your laptop, your phone, your tablet, in your email, on your online accounts.

So for example, you can put it in your Dropbox, and maybe the staff at Dropbox are looking through your documents. They open the Word document, boom, you know someone is snooping in there.

And as I said, they need to be interesting, enticing and valuable.

And you can get that sort of information from here.

Now let me show you another sneaky way of setting up a trap.

Fake email of passwords number 1.

Oh, by the way, if you put it on that one, you'll get more information in the alert about who the hacker was with this type of tracking we are about to set up now.

So, choose that one, choose generate, and if you pop down here, we're going to go to web bugs, and we are going to use two web bugs here. Let's just grab that URL. That is a clickable link, and if a hacker clicks on it you're going to be alerted.

Let's open up an email here. Right, let's just pop that in there now.

Then we're going to send this to ourselves.

We could send it from a different account, but all that matters is that the To email address is the account that you want to be monitored, where you want to know if a hacker is in there.

We need to create an enticing subject.

And then, just as an example, this one we're going to go here, I'm gonna copy all of this stuff here into this email.

Obviously you are gonna put your own sort of information in here, things related to you. You've noticed I have just taken that link there.

Now I am putting that link here.

I can actually change this to anything that I want.

After this here, you can change this to whatever you want.

So I can put login.html if I want. You can see what I'm doing. I am creating an enticement here by "private file store - Backup of everything username and password".

So if a person opens this email and then clicks on this link, it will trigger the alert.

We're going to do something even more tricky here, 'cause we wanna definitely catch this hacker.

So within Thunderbird there is a feature by which you can insert a link to an image.

Now, we don't want to attach an image, we want to insert a link to an image. So if we go Insert and Image, and we unclick this so it doesn't attach, we go on there and then we can put image.gif, and you see we are already alerted.

That's how quick this service is, and we do not want to use any alternative text.

Add that there, and you'll see you can't see that image, 'cause that is a one-by-one-pixel invisible GIF.

Let me show you how this works.

We're going to send this to ourselves.

So there we go, that's our little trap there, and we can choose to open it and leave it as an open email, or we can leave it as an unopened email, but no matter what, if someone is in our email and they are searching for whatever it is that they wanna be searching for.

Maybe they are interested in PayPal accounts.

There we go, that comes up.

If they are searching for bank information, credit card information, that's gonna come up, and all they need to do is just open it. They don't need to click on a link.

Boom.

Caught them; we know they are poking around in there.

But let's say that doesn't work for whatever reason. It should.

Then there are still things like that to entice them.

Click on that, boom, caught them again.

Now, in order for us to insert that image I went on this Insert Image. Now, you may not have this functionality available in the email client that you use.

It may not even be available to do this, but it doesn't matter. You can still download Thunderbird if you like.

It's free, and just send an email or emails using Thunderbird just for this one task if you can't work out how to embed that invisible web bug into your email.
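
How the two web-bug traps above register on the server side, as an added sketch that is not part of the original lesson and not the CanaryTokens service's own code: the token id, the log lines, the URL layout and the image-versus-link heuristic are all constructed for illustration. It shows why the filename after the token (login.html, image.gif) can be anything and the trap still fires.

```python
import re
from urllib.parse import urlsplit

# Constructed registry: token id -> the comment typed in when the token was made.
TOKENS = {"k3x9qexampletoken01": "Fake email of passwords number 1"}

# Constructed access-log lines (combined log format) from a hypothetical token host.
SAMPLE_LOG = '''\
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /k3x9qexampletoken01/login.html HTTP/1.1" 200 43 "-" "Mozilla/5.0"
198.51.100.9 - - [01/Jan/2024:10:05:12 +0000] "GET /k3x9qexampletoken01/image.gif HTTP/1.1" 200 43 "-" "Thunderbird"
192.0.2.44 - - [01/Jan/2024:10:06:00 +0000] "GET /favicon.ico HTTP/1.1" 404 0 "-" "curl/8.0"
'''

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)
IMAGE_SUFFIXES = (".gif", ".png", ".jpg", ".jpeg")

def find_token(target):
    """Return the token id found in any path segment; the trailing filename is ignored."""
    for segment in urlsplit(target).path.split("/"):
        if segment in TOKENS:
            return segment
    return None

def classify(target):
    """Heuristic (an assumption of this sketch): an image fetch means the mail was opened."""
    path = urlsplit(target).path.lower()
    return "email opened" if path.endswith(IMAGE_SUFFIXES) else "link clicked"

def alerts_from_log(log_text):
    """Turn every request that carries a known token into an alert record."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of failing
        token = find_token(m["target"])
        if token is None:
            continue  # ordinary traffic, not a tripwire
        alerts.append({"memo": TOKENS[token], "source_ip": m["ip"], "time": m["ts"],
                       "user_agent": m["ua"], "trigger": classify(m["target"])})
    return alerts

if __name__ == "__main__":
    for alert in alerts_from_log(SAMPLE_LOG):
        print(alert)
```
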

So, as I said, you want to sprinkle these tokens throughout your laptop, phone, tablet, in your email, in your accounts. Make them enticing, make them valuable, and then when you get an alert, respond to that alert, and respond in the ways I recommend throughout this course.

Changing your password and other such things, disconnecting from the network. So there you go, that is your security quick win.

Go ahead and set those right now.

You will have, after you set this up, better security detection capabilities than most companies do.

You might not believe that if you are not in the security industry, but that is a sad and true analysis of the state of most organisations' detection capabilities.

Just think of Edward Snowden. He was poking around in the NSA for months as an insider threat and nothing like this alerted the NSA.

Pretty crazy.

Later on in the course we will discuss canary tokens at a more advanced level. When you get there you will understand more about how they work, and about the importance of detection controls, which these are, vs preventative controls, which are used to stop the hacker from getting in in the first place.

Preventative controls are very important.

We use a defence-in-depth approach.

All of which we're going to go into.

So, hope that was fun.

So now let's dig into theory and the basics and start our journey into cyber security.
