Security is the enemy of convenience. I went to a seminar this week and this was the big idea I came away with. I also realized that I am the worst offender of this in all of humankind. I hate going through the extra steps of whatever it is in order to be “safe.” I learned a lot though – about what things that you really don’t need to worry about as much as what you do.
I will refer to “they” when speaking about the bad guys, even though I don’t really know who “they” are. William Prohn from Dopkins and Company gave a presentation that was quite informative. He ran out of time because of all our questions so it was a much-needed topic.
When they are searching for our social security numbers, the numbers themselves are meaningless to them unless there is a way to use it for money. One of the most surprising things, is that credit card numbers are not a hot commodity anymore. They just aren’t useful because they can be canceled so quickly. Most of us go to great lengths to make sure no one can see them and it turns out that are not appealing in the least anymore.
Interestingly, health information files are very appealing, however. The reason is because of all that stuff you have to fill out when you go to a new doc or dentist. It has information about your family history as well. A lot of that becomes useful when answering security questions later.
The hottest new thing right now is ransomware. This is when your computer gets held hostage until you pay the ransom. It is more lucrative because they don’t have to steal your products and try to sell them without getting caught. It’s a one and done situation. But honestly, the small amounts that you and I have to pay a ransom isn’t really the incentive. They could mostly care less about our information. What they want is to use your computer to hit bigger targets. And yes, they can hold the cloud for ransom too. They seldom (if ever) get caught because they are not here in the states. The largest population is from Russia but they are literally all over the world. (It occurred to me that our American thieves probably are targeting people in other countries then.)
Fun fact: there are 60,000 attempts per SECOND to try to log in to someone’s information. Can’t even fathom that one.
Tax fraud was popular for a while. They file your taxes and claim your refund before you get to it. Luckily, the IRS figured out how they were doing it and changed their system. Not so popular now. Now they have targeted intercepting credit cards in the mail from the company before they get to the bank. They swap out the chip and then forward it to the bank. By the time you get the card from the bank, the chip has been compromised.
It’s not all gloom and doom. There are some things you can do. It usually costs more money to hire someone to recover your stuff than what your stuff is worth. The best medicine is preventive, of course. The easiest way is to block all internet traffic on your computer from other countries. The problem with that, is Google is set up internationally. Your email could be initiated from West Africa and you wouldn’t even know it. Let’s face it. No matter how safe you want to be, you aren’t going to give up Google. It would be a death knell for your company or business if you weren’t trying to get higher rates on the Google search.
Fun fact: Viruses are not much of a concern anymore. (Thanks to ransomware.)
William recommended getting a password vault. It’s an app that you come up with one very strong password for, and then it manages the literally dozens of passwords that you use for the zillions of accounts you have on the internet. I always thought that didn’t make sense because what if someone hacks your password for the vault? He explained though that while no one can guarantee complete safety, these programs are set up so that the various data is spread out over several vaults. The probability of being hacked is almost zero. He mentioned Lastpass and Dashlane but I know there are others. I will be working on that massive project sometime today.
One more fun idea. He suggests always using false answers on security questions. You have to be consistent with your answers every time, but don’t use the real information. It makes it difficult for them to build a realistic picture of you. I was thinking about how much fun that could be. You could build a story of your life that is what you always wanted it to be. My first car could have been a porsche and I went to Harvard, that kind of thing.
I didn’t walk away from the seminar being scared. I really didn’t. But I did walk away knowing that I have to stop being lazy and a slave to what is convenient. The extra steps to take to be secure are worth it. Convenience can’t be the end goal all the time, even in this society that encourages me to think it is my American right.
Now go vault your passwords!