If it doesn’t make sense, don’t click on it!

One way to stay safe from cybercrime is to watch out for things that don’t make sense. For example, I received an email notifying me that I owed back taxes. The sender was listed as “Internal Revenue Service.” Already we have a situation that doesn’t make sense.

If the IRS thinks you owe them past due taxes, they won’t communicate with you about that by email. In fact, they won’t text you about it, send a Facebook status update about it or Tweet it. Think hard copy, U.S. mail.

The hackers are using the IRS name to illicit an emotional reaction that might trump common sense. If you click on the attachment in an email like this, you might download malware on your computer.

The word “malware” is derived from two terms, malicious and software. If you download malicious software on your computer, it can do such things as intercept your keystrokes when you login to your various accounts, including bank, email and more. The hackers can then use the stolen credentials to hijack those accounts.

The only thing worse than having malware on your computer is having it on your computer and being unaware. That’s exactly what these programs are designed to do, hiding in the background and in many cases, they cannot be detected by antivirus programs.

To avoid this type of malware, don’t click on links or attachments in emails about subjects that don’t make sense.

It’s an easy point to forget, as many of us make are way through dozens of emails per day, often at a fast clip. So to help you remember the common sense rule, here is a short story about common sense.

The FBI had a wiretap on the phone of a mobster’s named Tony.  As agents listened, a call came from Joe.

Tony: Joe, I am really glad you called.

Joe:    Yeah, why?

Tony: I got a little problem. I think the FBI is tapping my phone.

Joe:    What are you going to do about it?

Tony: I already got a solution. I got a new number.

Joe:   OK good. Gimme the number.

Now for just a second, Tony gets some common sense.

Tony: I better not give it to you on the phone.

Joe:    Right…that’s smart.

Tony: I’ll meet you for lunch and give it to you then.

Joe:    I can’t meet you for lunch.

Tony: Okay, I’ll give it to you now.

Joe:   Alright.

Tony: But I will give it to you backwards.

Joe:  Good idea.

So Tony proceeded to give him the number in reverse order. So what did the FBI do? We got our best cryptologists on it.

Remember the Tony and Joe story and when you come across something online that doesn’t make sense. If it doesn’t, don’t proceed and keep yourself safe from possible fraud.

Credit Report Freezing is the Best Protection Against Identity Theft

I presented for a group of about 250 people last night in Rockford, Illinois. The audience was composed of clients and prospects of Savant Capital Management. Following the presentation, I learned from an audience member that his boss had been the victim of one of the most severe cases of identity theft.

The man’s identity had been used to purchase a tractor valued at $ 140,000, to open numerous credit card accounts, checking accounts, file fraudulent tax returns and more. In order to commit this type of fraud or identity theft in general, the crook needs the victim’s social security number. In most cases, of identity theft, the victim never knows how the thief obtained their personal information. That was the case here.

Even if you are careful protecting your social security number, that key identifier is in the hands of many people, some of whom, as history has shown, have not done a great job of protecting it.

Your best protection against financial identity theft, where the crook gets loans, opens checking accounts and credit cards in your name, is to freeze your credit reports.

This should be done at the three major credit reporting agencies, Experian, Equifax and Trans Union.

Freezing, as the word implies, is a near total lock down of your credit reports. To explain how it prevents identity theft, here is an example:

A crook obtains your name and social security number from a “dark website” that buys and sells personal information. That site may have purchased the information from hacker who breached a computer at a health care provider that had your social security number.

The crook uses your information to apply for a Visa credit card. Visa processes the application and requests a credit check at one or more of the credit reporting agencies. Since your credit reports are frozen, Visa cannot obtain your credit history and will reject the application for the credit card.

Credit report freezes are more effective than “fraud alerts” on your credit reports, because sometimes these alerts are ignored and unless you have already had your identity stolen, a fraud alert expires after 90 days, although it can be renewed.

The rules, costs and procedures for freezing your credit reports vary by the state of your residence. Go to the link below and click on your state to get more information about freezing your credit reports.


Consumers Union’s guide to security freeze protection

Ethics with a cyber security bonus

The topic of  my presentation for the New Jersey Association of Legal Administrators annual Managing Partner Night was “Leadership Ethics”. It was a great group and a receptive audience. My presentation was sponsored by a document solutions company whose main message was to encourage a robust computer back up protocol.

Before I began my presentation on ethics, I emphasized the importance of that message and how ransomware is one of the most significant threats facing small businesses today. If you have a backup, you will never have to pay a ransom to get your files back, even if you are victimized by cryptolocker.

Take the recent cases of two hospitals who were both attacked by cryptolocker. Hospital A had to pay a ransom to unlock their files, hospital B did not. The difference was that hospital B had a clean backup that was used to restore their files. A lesson for us all on the importance of backups.



Now for more on the main topic of my presentation to the New Jersey ALA, please see this link to my ethics handout:


Speaking Topics and Handouts

CNBC Appearance

At 2:40 pm Eastern Time today, I will appear on CNBC to discuss Microsoft’s lawsuit against the government regarding orders to obtain third party records from the company.