Cybersecurity Awareness Month Tip #3
This is a quick and simple one that hopefully we all know but needs to be said.
Whether email, text(sms) or telephone message think before responding.
Use the 20 second rule. Read, Examine, decide. <<<<< Read about it there
Hackers know you. There should be no doubt about that. Everyone is on social media and that is where they will begin. By using information that is publicly available about you, your family and your activities they build profiles. It is too easy and all to common. The scary part is you will never even know they are building a profile. You can see how easy and common it is here – How Safe is Your Personal Onformation
They use this info to hit your buttons. They will even use misinformation to get their desired response.
in an article the other day I gave an example of social engineering that was quite funny because it shows the technique is very effective regardless of species. check it out – My Cat is a Hacker.
So we have established that there is a very high probability someone has build a profile on you. Once you accept that you will be much more aware of how you interact with technology. Here are a few things you can do to safeguard against falling victim to social engineering.
- NEVER reply or respond to or click on links in SMS, email or DM messages unless you are absolutely sure they are safe. IF you think it may be a set up you are probably right. If you think it may be legit, contact the sender via a different source of communication to confirm. If you get a text message, send email to their address already in your contact list.
- NEVER give information over the phone to someone calling you that you are not positive who they are. If you need to converse with them look them up online and call them back. They should not have a problem with that. Just tell them to make a note in your file that you are returning the call. Never call back on the number on caller ID or one that they tell you.
- NEVER answer security questions or give a pin or account number to someone who contacts you. If they instist it is likely a scam. Otherwise they should be able to notate your file and allow you to initiate a call back to a number or email that you already have or look it up.
Be safe and mindful. No legit company, business or gov. entity will press you for personal information to be disclosed via a contact initiated by them. They should actually insist that in order to provide such information you contact them back at your earliest convenience and not attempt to give you instruction to use a particular phone number, address or email. They should request you research the appropriate contact information yourself.
Hope this little tip helps keep security awareness top of mind for you. Please inform others as well. You never know whose identity or livelihood you may save.
Book a call to learn how I can help you spread the word to your employees and family.Contact Us