Old habits die hard
Has this happened to you? My credit card was compromised twice in a year and each time the issuer reversed the charges, canceled the card and overnighted me a new card.
Currently the media is ablaze with reports on the recent personal information heist from Anthem. The health insurer launched a website, anthemfacts.com, to help impacted customers, including fraud protection tips and sign-up information for complimentary credit monitoring. Unlike a compromised credit card we can't simply issue a new birth date or Social Security number, so this Anthem compromise, to me, was a watershed moment that made me cringe.
It reminds me of the '90s movie “Sneakers” where Cosmo, the antagonist played by Ben Kingsley, proclaims to Robert Redford’s character Martin Bishop: “It's about who controls the information. What we see and hear, how we work, what we think ... it's all about the information!”
The reality is, a staggering value is put on information – your information – and it is the currency of the digital world. We may still carry greenbacks in our wallets but they have been steadfastly replaced by plastic, aka credit cards; which themselves may be on their way out as digital wallets in our smartphones and smartwatches are poised to be the next big payment method.
Many times we’ve learned that negligence/mistakes while using technology can enable the nefarious to pierce through the digital defenses. Some of the colossal breaches we've been hearing about were traced back to such mistakes that enabled the bad guys to further their attack to reach the loot. Attackers are indiscriminate as there can be valuable information on home or work computer.
One of these tactics is to send an email posing as a legitimate business or personal contact in an effort to elicit sensitive information. These emails include a link to a website where the recipient is asked to enter information the nefarious is seeking such as passwords.
Additionally, through the link or an attachment, they install malware that can remain stealth while stealing information on your computer. If your are victimized while using your work computer, the stealthy malware can explore the company's network to collect information and hunt for the treasure trove they can steal.
Above schemes are known as “phishing,” or in some cases “spear phishing” if a specific recipient is targeted. Individuals can be targeted when the bad guys get a customer's information from a security breach (like the Anthem case) and use it to pose as a reputable company with whom the recipient does business. A vicious cycle indeed!
So what can you do? Build good habits such as not clicking on links or opening messages that you didn’t solicit. Further, even if the sender of your message is someone you know, use common sense to ascertain if it is something pertinent to how you know this person/entity. If in doubt, call the sender before taking any action. Company representatives can tell you if the message you received is legitimate.
The advice to not open unsolicited email is “older than dirt” but the trick continues to snag victims because habits are difficult to change.
Business and technology strategist/consultant with 25 years of experience. Holds Bachelor of Science in Computer Information Science and MBA from Cleveland State University.
As founder of geek with a heart consulting, "Hand-holding You in the Digital World", Tak helps Individuals, Seniors, Families, Small Businesses, Schools, and Non-Profits utilize appropriate technology in their personal and professional lives.