It doesn’t matter if I’m paranoid – “they’re still after me!” This might sound trite coming from a security professional, but I think we all need a good dose of paranoia when it comes to using “connected technology” (online/internet) and providing our information (email, credit card, etc.).
Who is it that is after you and what do they want?
Well – the reality is there are a LOT of people, companies, organizations, nation states, and bad guys that are trying to scam, collect info, rip off, cheat, steal, and/or infect your computer, phone, tablet, smart phone, connected washing machine, etc. They don’t care how big or small or rich or poor, you or your company are. They are running programs that connect with as many users or machines as possible. It’s a numbers game. For every diligent (slightly paranoid) technology user out there that doesn’t fall for their tricks, there are plenty that will.
Think before you click!
I’m not advocating for burying all your electronics in the potted geranium and building a hut out in the woods. But we’d all be safer if we went online with the assumption that people are “out to get us.” If we researched each app that we’re about to install on our phone or tablet, or scrutinized the address of the website, or link to click on, or email from an unknown someone BEFORE we click, or open, or install – we’d stand out from others as being safe and savvy technology users.
Here are some friendly reminders:
- If you have any doubt as to the status of patching and updating on your computer (or phone, tablet, servers on your network), or how recently your anti-virus was updated – STOP and ask your IT professional to confirm all is in order. Have them show you how to check for yourself (Note – some business networks have the updates disabled for end-users as it’s handled centrally by IT).
- Before you open an email – look at who it’s from. Recognize them? Expecting an email with an attachment? Ok, then proceed – but with caution.
- Even if you do recognize the sender, proceed with caution when it comes to attachments. It’s not just program installers (exe files for Windows or dmg files for Mac) that can infect you. Viruses are found in PDF, Word, Excel, JPG, etc., because we’ve all learned to watch out for the installers, so the bad guys evolved to use other file formats. We need to evolve to look carefully at all other types of attachments as well.
- Here’s the next trick they might try – instead of email coming from firstname.lastname@example.org (perfectly legitimate) – the bad guys will send it from yourfriend@email@example.com.Notice the extra “@me.com” on the end there? If you just back away from the Running of the Bulls in Pamplona and are faced with a huge amount of email in the inbox, you might not take notice – and that’s what they are counting on (not you running with the bulls, but not noticing their little tricks) and you click to open the email and TaDa you have a virus.
- When in doubt, pick up the phone and call the person and ask, “Hey Bob, did you send me an email with an attachment?” It’s old school – and it works.
Be (and stay) paranoid my friends, it will save you time and frustration.