Protect YourselfPosted: August 31, 2020
While we are all taking precautions to protect ourselves from COVID-19, practicing appropriate hygiene such as wearing masks, washing hands and staying six feet apart, there is another area where we need to practice proper hygiene and that is around our personal computing devices.
I had a “fun” night a couple of days ago when someone in my extended family fell for one of many hacking schemes out there these days. This one was a pop up that took up the whole screen and appeared to say there was a serious problem with the computer. It conveniently gave the person a number to call at the computer vendor and when they called the number, the man answering the phone gave the person his name and vendor ID number. Of course, it was all fake. The worst part was that the person used the “fake attack” as an entry point and convinced the family member to open up their Amazon and one of their smaller bank accounts to see if they had been hacked as well. Meanwhile, the friendly and helpful person was watching every keystroke and now had IDs and passwords to both accounts.
Fortunately, someone else in the house realized this was going on and called me and I convinced the person to hang up and change their passwords immediately. They did do something right. The family member told the person on the line they had to go eat dinner and would call back. Thinking that he would get even better stuff, the hacker didn’t immediately use the IDs and passwords to withdraw money or make purchases. The bank account is in the process of being shut down and both accounts are being monitored daily for unusual activity for the time being.
While we can all shake our heads about these things, it is a reminder that we all need to be vigilant and constantly remind our co-workers, employees and loved ones to be careful with any message they get online. Obviously, one basic precaution is to make sure you have antivirus and internet protection software on all your devices, but that is not enough these days to stop all types of attacks. The key is to make sure you are vigilant every day all the time – assume the email, text or phone call is fake until you verify through some other means it is not. Here are a few tips to share:
- Don’t call the number or link to the websites on emails, texts or popups you get.
- Do a Google search, link from your already saved favorites or call a number you look up to check to see if the email, potential threat or request for help is legitimate.
- Do a search for the type of item you are seeing from a different device; there are often very good sites out there that list all sorts of malware, phishing and other types of attacks going on.
- If the alert came via email, see who the email is really from; most email programs allow you to hover over the email address and see if it is really from the person or organization it appears to be from.
- When it comes to any message, make sure everyone understands that it is not offensive to call someone to ask if they really sent you the email or text before you click on any links.
- Wherever possible, set up two-factor authentication on all your important accounts – especially those holding financial assets that are easily transferred.
- Finally, reinforce these points constantly at every few weeks.
Remember, good hygiene applies to the virtual world as much as the real world. Be safe out there!