October 11, 2022
Good morning, everyone!
This week’s critical vulnerabilities:
Patch All the Things!
Consult Only Original Sources of Information
Recent articles about online scams got me thinking once again about the importance of consulting only “original sources of information." What are some good examples?
Your bank account has been compromised
Or you need to confirm your information because they have updated their system, or suspicious activity has been reported … you get these emails and texts all the time, right? What do you do? Two options:
- Go to the bookmark (or favorite) you have saved in your browser, and log into your account where you know it is safe to do so. (If you haven’t bookmarked the login pages for important sites you visit, do that right now!) If there is a problem, as soon as you log in, you’ll get a notification on the page.
- Go old school – pull out your bank card, flip it over, and call the number on the back. If there really is a problem, you will immediately be transferred to the fraud department.
Tech support help
If you are working in a software application and get stuck and need help, what do you do? Go to Google and type “tech support help” in the search box? NOOOOOOOOO!!!!! Look at the top of the screen, the menu bar, almost certainly has a menu item titled “Help” – guess what? The clue is in the name. That’s where you get help! 😁 It may link to a knowledgebase or it may have a phone number, whatever, that is where you get legitimate tech support for that application, not a scammer trying to steal your money.
Spammy phone calls
If you get a phone call claiming to be with your bank or your doctor’s office, but they start asking you questions (“Can you please confirm your date of birth?”) or they say there is a problem with your computer and they need remote access to fix it … ask for their name, trouble ticket number, callback number, then HANG UP! Call the number in your contacts (NOT the number they gave you) for whoever they said they were.
Develop your natural skepticism!!
Stay safe online this week!
Upcoming Virtual Workshop
Eight years after its release, many organizations still find themselves struggling with how to
implement the NIST CSF. In this virtual workshop, we will break it down into a simple, 7-step process that
anyone can follow.
Have a great week!
Security Awareness Training Available Here, There, Everywhere!
Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.
Contact me to schedule your employee training sessions. They're fun! ☺