This article originally appeared in the February 2022 issue of Security Business magazine. When sharing, don’t forget to mention Security Business magazine on LinkedIn and @SecBusinessMag on Twitter.
A few weeks ago, I noticed that my mom had been busy on Facebook, honestly answering those annoying posts that read something like: Marriages last an average of 8 years, how long has yours lasted?
Those of us in our industry know all too well that these types of posts are simply social engineering exercises designed to glean more information about the respondent, so AI algorithms will have a better chance to guess a password or the answer to a “secret question.”
I texted her: Mom- This is social engineering. Don’t reply to posts like this.
Her answer: OK, but what does that mean?
A Problem That Won’t Go Away
One of my favorite pastimes lately is watching some very IT savvy individuals reverse scam the people who cast wide nets to try and dupe our parents (elderly are often the victims and targets) out of their savings. These are the types of IT service scams that always end with a request for gift cards.
The YouTubers use virtual computers to protect themselves, create duplicated, fake Bank of America sites with accounts full of money, and then allow the scammer to install remote desktop control software. The YouTubers use technology to make them sound like an older person (man OR woman), and they call and proceed to play games with the scammers, wasting hours of their time and generally making them very angry. It is highly entertaining and often amusing. Check out Kitboga or Scammer Payback on YouTube if you want to dive into the rabbit hole.
Unfortunately, watching these videos makes you realize how vulnerable those who are less than IT savvy can be when it comes to phishing, scam baiting, and other common ploys that those of us who are cyber-aware would never fall for. And believe me, these scammers go to the well continuously and without any shame.
Protect Your Parents
Just about everyone reading this is cyber-savvy enough to be able to protect their parents and others close to us from these threats; in fact, Robert Siciliano, a Security Awareness Trainer at ProtectNowLLC.com who you may have seen on television and on LinkedIn, has plenty of advice to do just that.
“If you are like many, you are more technically inclined than your parents, so they might want to rely on you when they have computer issues,” Siciliano wrote in a recent blog post, available at https://safr.me/blog. “But you can alleviate many of these issues by keeping their device running smoothly, and you can do this all remotely.”
Siciliano recommends installing the same remote desktop control software (AnyDesk, TeamViewer, etc.) that you would scream at them to NEVER install when a stranger asks them to. This way, you can keep the computer updated and safe from your home without the agonizing work of trying to direct them over the phone.
He further recommends creating two cloud-based backups and one hard backup on an external hard drive. Ensure your parents’ computer is up to date by scheduling automatic operating system updates to happen late at night when they (hopefully) are not using it, and that every device has anti-virus software that should also be updated regularly.
He offers other recommendations to keep the computer’s speed acceptable – check out the blog post to read them all.
In the end, having someone there (you) to make sure your parents don’t misstep and stay protected is, of course, a micro-example of the role and potential that IT and cyber-protection services can play as part of an overall security services offering.
Being a guardian for your parents could be the first step to being a guardian for all your customers. The technology and the ability is there – it is just a matter of tapping into it.
Paul Rothman is Editor-in-Chief of Security Business magazine. Email him your comments and questions at [email protected]. Access the current issue, full archives and apply for a free subscription at www.securitybusinessmag.com.