Social Engineering = Theft Of Kids Hockey Funds

Here's a copy of an article just published in the Calgary Herald this past weekend, written by Anna Brooks. 

If you read my post dated Sept 12 2016 titled "Ripped Off: Social Engineering", the article will give you further proof that this is not only an ever increasing crime but can result in some huge losses. The worst part about this particular crime is that the scumbags actually stole money from a bunch of kids, taking away funds that were to go toward ice times and other hockey programs.

Ensuring you have a quality IT team will go a long way in helping defend against cyber crime but there are plenty of pro-active steps you can take to prevent becoming a victim in the first place.

6 Steps To Protect Against Cyber Scams

1. Don't plug in or allow others to plug in external flash drives and devices that may give access to your computers. Believe it or not but one of the most tried and true ways that thieves use to do this is the "accidentally" dropped flash drive in a company parking lot. Unsuspecting employees pick it up and plug it in while attempting to find out who owns it, thus allowing some form of malware to enter.


2. Be wary of e-mails that ask you to click on a link or request personal or confidential information. Everyone has received or heard of someone receiving that silly e-mail claiming to be from the treasurer of the Republic of Congo, needing help to transfer money for which you will be highly paid. Typically, these types of phishing scams are poorly written and ludicrous, but not always. Some are quite sophisticated and some come from what appears to be a friend, business associate or legitimate entity ( spear Phishing). Never supply personal info and never click on a URL! Even if you think it's legit, type the URL into your browser bar instead.


3. Beware of phone callers that ask a lot of questions. Chatty hackers can get info, or confirm things they've surmised from your web page etc., that they can use to hack into your account. Play it safe, write down their phone number and offer to call them back. And, never divulge personal info over the phone! 


4. Guard your e-mail accounts. Ensure you and your family members and employees use highly rated password combo's and frequently change them. And, stick with a service provider that has a good security track record.


5. Small companies aren't totally immune from this but larger ones have more weaknesses when it comes to thieves gaining physical access to one's computers. They may walk into a building wearing a company shirt or other such fake uniform, or they may 'tailgate' into a back door behind someone out for a smoke, but once they're in, they can plug in or plant malicious software on workstation computers. All employees need to be wary of who's getting into the building and should not be afraid to ask to see credentials, i.d. or official paperwork for access. 


6. Watch out for fake phone calls or e-mails purporting to be from IT departments or firms. This type of business simply isn't conducted this way and one should never allow access, or give information that would allow access to, your company's computers.