Adam Levin:
Travis, I understand you have a terrific story for us to open the show today.
Travis Taylor:
Sure. There’s a type of hacking that’s increasing, apparently called salami attacks or salami slicing attacks. The way that this works is that people will break into several bank accounts all at once, sometimes hundreds, sometimes thousands, and then takeaway sip off very, very, very small and unnoticeable amounts of money out of these accounts.
Beau Friedlander:
So we’re talking like 25 cents or
Travis Taylor:
What? Yeah, it can be 25 cents, it can be a dollar. And to be fair, this is a type of scam or hack that’s been around for decades. It was a major plot point in the movie office space. It was also that they even referenced this in office space, a plot point in Superman two, not the more recent one with Ben Affleck, but the one with Richard Pryor and Christopher Reeve. What? So wait,
Beau Friedlander:
What are the references? So what is it?
Travis Taylor:
It’s something where you are just taking little tiny amounts of currency and funneling it into a larger account, but you’re taking it from several different sources all at once. So it’s not noticeable, but it’s noticeable enough once it starts to accumulate.
Beau Friedlander:
Adam, isn’t this just like the 7 49 whatever thing,
Adam Levin:
9 84? But yes, it’s very much like that. There was a scam several years ago where people would hit accounts, generally cellular phone accounts for $9 and 84 cents. They were called gray charges, and they were hoping that people wouldn’t notice $9 and 84 cents because most people generally don’t pay attention to anything under at least two digits, so $10 and up. So this kind of sounds like an offshoot of that.
Travis Taylor:
Right? And one of the things about it that’s making it more feasible or easier for scammers to do is that in this day and age, we have a lot more things coming out of our bank accounts automatically. If you have an app that’s billing you a dollar a month, you’re not really going to notice that. If you have 10 apps that are billing you 50 cents a dollar, what have you on a regular basis, it’s a lot harder for people to notice, especially if you have something like Acorns, the investment app that just adds a couple of extra cents to invest in the stock market and what have you. It’s a lot easier for this type of scam just to be hiding in plain sight at present. But the other thing about it that I thought was interesting is scammers are also apparently using brute force attacks with this connecting to your bank account, what they can do is try to connect through just entering in random or at least targeted bank account and routing numbers and seeing which one works, putting a penny or two into that account, and as soon as they have confirmation like, okay, this connection was successful, then they will start siphoning the money out of that.
Beau Friedlander:
And we’re talking literally about cents or dollars or what Is it?
Travis Taylor:
Both, either. It depends on the scammer. It depends on how greedy they are.
Beau Friedlander:
Do you have any examples of specific things that have happened?
Travis Taylor:
There is a phishing scam that was noticed actually in, I believe in India pretty recently, where what they were seeing was it was credential phishing, but they would also be following up with that with the salami attack.
Beau Friedlander:
And the salami attack was specifically a small amount of money that was getting siphoned out of your account,
Travis Taylor:
Right? In that case, it was just them being greedy because it was meant to be a lead up to say malware distribution, ransomware distribution. But they kind of felt like as long as they were getting those credentials, they’re able to just say, okay, as long as we’re here, let’s also turn this into a means of getting a little bit of extra money before leading up to a full scale ransomware attack.
Adam Levin:
Yeah, kind of. Why not? Hey, because it’s opportunity opportunity. One thing we know about threat actors is they are real opportunists
Beau Friedlander:
Travis, is there any way that our listeners can protect themselves against this salami slice attack? Yeah,
Travis Taylor:
I think one of the easiest ways is just to set up a couple of different checking accounts or bank accounts for yourself. If you’re going to have one account that is constantly getting little tiny bits extracted from it for Netflix, Disney plus Acorns, or take your pick, keeping that aside from your main financial account just because if that’s something that you’re putting in a small amount in every month, you’re not necessarily protecting that amount of it, but you’re minimizing the damage there. And that’s, as we know, one of the three M’S
Adam Levin:
And an analogy here would also be where you have networks in your home and you put your kids on one network and you want another, just so that you want to be careful because children can be real explorers when it comes to the internet and you don’t necessarily want them clicking on links or opening attachments that might involve kid related stuff.
Travis Taylor:
So I guess the way to put it is the best defense is to slice your own salami or Turkey or bread or cheese. I don’t know why they picked salami, but just,
Adam Levin:
And this is not necessarily cutting edge information we’re giving people here,
Beau Friedlander:
But it is a bit like this network thing that you’re saying, Adam, but at the same time, what a pain in the butt to set up a separate bank account for this.
Travis Taylor:
It can be, and it depends on your app or your bank or your credit union because in some cases you’re able to set aside, say your Christmas fund or a tax fund or something like that. You can do the same thing with your app fund for instance.
Beau Friedlander:
Oh, I have a thought with my, Adam, you taught me this with my older child. I have a credit card that I’ve given her a shared card on, but I can actually limit the amount of money that goes out on her specific card in that account.
Adam Levin:
What’s interesting though is that there are many financial institutions that don’t do that, because I’ve tried that on a couple occasions and some will say, yes, you can limit the amount that someone can charge on a credit card and some basically say no. So really you have to ask your institution if they let you do it, but it’s important to do
Beau Friedlander:
It, but it might be a way to outweigh around it. Now I’m just going to be thinking constantly. There’s this Russian guy who does parkour tricks, and I became friends with him online and now I give him a dollar a month on Patreon because I think he’s cool. And you’re right, I probably have 20 of those right now,
Adam Levin:
But another, and
Beau Friedlander:
It’s a lot to keep track of.
Adam Levin:
Another way to approach this though is also just sign up for transactional alerts from your institution that notify you anytime there’s activity in your account, and then you have to be an adult about this. You have to look and make sure that what you see is what you expect to see and it’s not a surprise.
Beau Friedlander:
Yeah, no, I had one of those this weekend. I was sitting on my front porch and up pop two charges from JetBlue, one for $30 and one for $40 on my debit card. And I never use my debit card. My debit card hasn’t been used once. So my number somehow got out there because I confirmed with my bank that it was my debit card that was used, and it was used. Now to their credit, they refunded the money within an hour and they closed down the card. But you don’t know that these things are happening unless you have transaction alerts set up.
Adam Levin:
And a lot of banks actually condition their response on how quickly you notify them that you see something that doesn’t make sense. However, I thought I was allowed to use your JetBlue card.
Beau Friedlander:
I knew it was you. I knew it. No, and really honestly, if you do it again, I’m going to start using your American Airlines account.
Adam Levin:
Oh, well. Alright, now that is a threat. That does disturb me. Hi, I am Adam Levin ringmaster of this glorious three-ring cyber circus that we call what the hack.
Beau Friedlander:
And I’m Beau Friedlander Cybermen reader, writer, thinker about all things hack horrific.
Travis Taylor:
And I’m Travis Taylor, and by Adam’s description, I guess that would make me the cyber bear on the unicycle.
Adam Levin:
But when we’re really on the subject of setting up separate accounts for small charges, one big problem that we face in this country is that we don’t educate our people well enough early enough to be responsible cyber citizens. So our guest today with a very interesting story is Jennifer, we are protecting her last name at the moment to protect the innocent. But Jennifer, where are you from?
Jennifer:
I’m from the Indianapolis area in Indiana. Go
Adam Levin:
Colts. Go Colts. So what is it you do?
Jennifer:
I manage an oral surgery office on the northeast side of the city.
Adam Levin:
What’s that?
Jennifer:
Every day is a new adventure, Adam. It’s very interesting. I’ve actually been at the same office for the last 16 years and it’s because there’s, every day is different from the last, so the patients are very different. The technology in oral surgery, believe it or not, has advanced tremendously even in just the time that I’ve been here. So it’s pretty
Beau Friedlander:
Cool. Are we talking about people getting new grills or are we talking about teeth or the whole jaw? I mean, what do you do? Everything.
Jennifer:
It’s mainly wisdom. Teeth extractions, dental implants, bone grafts, oral biopsies. From time to time we have occasion to see patients with facial fractures or jaw fractures.
Beau Friedlander:
So grills, but grills. Lots of grills.
Jennifer:
Oh no. Grills is a different area of dentistry. That’s
Beau Friedlander:
Not, wait, Adam, before you jump in, I know you have a ton of questions. I have one question I have to ask it. I can’t help. In the interest of science and darwinians stuff, are people having fewer wisdom teeth these days? I feel like I’ve been alive now for a long time, and when I was a kid, people had wisdom teeth, but they don’t anymore. We’ve evolved out of having wisdom teeth, so people only have one or two.
Jennifer:
Our patients still have plenty of wisdom teeth, thankfully. No way. Yeah, that’s kind of our bread and butter usually. But yeah, so it’s not been our experience that fewer people are having fewer wisdom teeth. But every once in a while we do see patients just with one or two, or sometimes we see patients with six or eight.
Beau Friedlander:
Oh, what?
Jennifer:
Yeah, right. You can have extra with
Beau Friedlander:
That’s awesome. Now that makes me think they’re sharks. But I asked because I only had one real one, another one that was sort of okay. And then I had this little tiny sea one that was sort of shaped like, I don’t know, a toothpick. It wasn’t even really a tooth. I still have it, it’s super cool. But anyway, enough about me.
Adam Levin:
So 16 years. Okay, so clearly you’ve taken root at this practice. Sorry, I couldn’t help myself on that. I had to throw that out there. But it’s fast. I mean, I need implants that I’m hiding from, but I realize that I must face reality and do this or else I will have no teeth. They will all crack. But it is a fascinating area and more and more people are getting implants and apparently the process is getting less expensive because there have been advances made.
Beau Friedlander:
I have a question for you, Jennifer, which is your story today in some way related to oral surgery?
Jennifer:
No, it’s actually completely, it’s on the personal side, so yeah, completely unrelated.
Beau Friedlander:
Well, alright, let’s hear it. Let me hear what this is. Yeah, I mean I was expecting some very crazy story about somebody buying a Corvette with their oral surgery money.
Jennifer:
No, I mean, I hope to be there one day, but no, this is actually a story regarding my son. He was 16 at the time that he, well, our family by way of his activity experienced bank fraud.
He had just had, I think probably his first job, first debit card. And we handed him the debit card and said, okay, be very careful with your transactions. Don’t overdraw your account or you’re paying your own fees now go be experienced and enjoy this card. And he actually ended up, I mean it was a learning experience for all of us, including my husband and I. He received a text message when he was at school one day and the text message said, Hey, this is your bank. We need to verify some activity on your account if you would please give us a call at this number. And
Beau Friedlander:
They said, Hey, do you think they said, Hey, like, Hey,
Jennifer:
They most likely did. And I mean he fell right for it. Oh man, they’re speaking his language. And so he called them immediately because he was sucked in immediately and verified a whole bunch of information, who he was, where he lived, his login credentials for his online banking and his pin number for his debit card
Beau Friedlander:
Social. Did he include his social security number in that mix?
Jennifer:
He did indicate that he did not give them his social security number.
Beau Friedlander:
That’s good news.
Jennifer:
And we’ve been monitoring that ever since this happens. So they said, okay, well, sounds like everything’s in order. Thanks so much for calling. Take care. We we’re good to go. You can just keep doing your thing. And I believe that was maybe a Thursday or Friday. It was right before winter break for him at school. And the following Wednesday, which was December the 27th, 2017, actually our family was in the car heading over to see the last jet ex. Perhaps you guys are Star
Beau Friedlander:
Wars fan, of course. A hundred times,
Jennifer:
Yes. And he received a phone call from the bank saying, Hey, we just need to verify some activity on your account. And he said, okay, yeah, sure. So he just wants to apparently verify with anybody who calls him
Beau Friedlander:
Same bank.
Jennifer:
I’m sorry,
Beau Friedlander:
Same bank or bank with quotes?
Jennifer:
It was the actual bank.
Beau Friedlander:
Oh wow.
Jennifer:
Okay. And they said, have you been to Chicago lately? And he said, no, I’ve been with my family for winter break. And they said, okay, well, we see that there are these debit card transactions and now your account is seriously overdrawn.
Beau Friedlander:
When we say serious, do we mean Corvette serious or do we mean dinner in a show serious,
Jennifer:
More like dinner in a show, serious, maybe not even that much, but Sirius to a 16-year-old
And serious enough that they identified some weird activity and called the actual bank, contacted him. And so after the movie was over, because of course we couldn’t Miss Jedi movie, certainly not, certainly not. We went over to our local bank branch and they let us know that there had been some suspicious activity in particular, some checks that had been deposited via ATM. And then immediately funds were withdrawn against those checks. And so eventually through a series of conversations, we obviously told right from the jump that we had not, or he had not been the person performing those transactions, eventually it was discovered, which I think they expected at that point, the checks that had been deposited via ATM were fraudulent. They were payroll checks that were just, they were nothing. Ultimately his account, I think it ended up being less than $450 overdrawn. So again, not even a giant amount of money.
To him it was huge. And they asked him, what’s happened? Have you shared your information with anyone? And he did disclose the information that he had shared with the quote air quotes bank, and as soon as he indicated to them that he had shared his pin number, their demeanor, their whole posture just immediately changed. And they said, oh, interesting. Because when you share your pin number with anyone else, if they take money from you, you’re on the hook for it. Those transactions are not insured by anything. You basically just give up all rights to any recourse that you would have.
Adam Levin:
Well, one thing that I’ve noticed with certain banks, depending upon the length of your relationship and the size of the money that you deposit in the bank, that you might still get some form of reprieve from them. But it’s really, you need to know the bank well and they need to, shall we say, value your patronage. And any bank that doesn’t do that for a young person, I think they really need to rethink their customer service policy. I say this as a former consumer affairs director for estate, but
Beau Friedlander:
So you’re saying that the bank should have been like, look, this guy is going to be with our bank for a gazillion years, let’s give ’em the 450 bucks.
Adam Levin:
Yeah, it’s like, we’ll give ’em a pass on this. There are some major tech companies that, if you shall we say overplay your welcome when it comes to video games and things that they’ll give you one pass because their attitude is they would really like to keep you as a customer.
Beau Friedlander:
All right. So is there more to this story, what else happened? So when the bank said, oh, I see, so you did the soccer equivalent of an own goal, you gave them your pin code, they took your money. It’s the same thing as actually giving them your $20 bill out of your wallet from their point of view, I guess
Jennifer:
After that. Well, we did obviously bill out a bunch of paperwork listed all the transactions that we found to be fraudulent, and they did their investigation because our son had disclosed his PIN number and they really did tell us that their hands were tied and that there was nothing that they could really do for us. And we did have a newer relationship with that bank, but we had, our family accounts were there. My husband and I both had checking accounts with that bank. We had our savings account. So it wasn’t just like that. Our son’s account was the only account. It was much more substantial than just the $450 that we were talking about at that time. And so actually a guy from the fraud department from the Fraud Investigations department called, he said that they had video of the man depositing the fraudulent checks and withdrawing the funds against those fraudulent checks. Our son’s bank statement even had the address of the ATM listed on it, and they basically told us that because it was such a small amount of money to them, they weren’t going to pursue things any further. So in order to keep as far as identifying the individuals that had perpetrated the fraud, in order for my husband and I to keep our accounts in good standing with the bank, we had to settle the negative balance from our own accounts.
Beau Friedlander:
Is this a big bank or a small bank?
Jennifer:
I mean, it’s a decent sized bank. So
Beau Friedlander:
If we were watching the Simpsons, would it be Springfield Bank or would it be
Jennifer:
I think it would be a bigger bank. Okay. I think you would recognize, yeah, if you heard the name, I think you would recognize it.
Beau Friedlander:
I feel like they didn’t do the right thing here.
Jennifer:
Yeah, really
Adam Levin:
It was shortsighted on their part and it was not fair to you guys. Especially, it’s one thing if you’re talking about somebody in their thirties and forties, fifties, they say, come on now, the way the world works, this is a 16-year-old boy. I mean, it’s kind of like give ’em a break,
Travis Taylor:
Especially if they’re saying that they’re not going to give you any kind of mercy in terms of the money coming out of the account. But it’s also such a small amount that they’re not going to bother to try to pursue that any further. That’s sort of a one two punch right there.
Beau Friedlander:
Yeah, no, it feels like, I mean, I’m older. I mean I’m thoroughly Gen X and to me it just feels like some mean millennial kind of attitude like, well, I don’t really care enough to research this. Sorry, millennials out there who may not be like this beating
Adam Levin:
Up on the millennials again, can’t
Travis Taylor:
Help but
Beau Friedlander:
Man. So listen, I’m just saying it’s like I’m not going to work on this and also you owe me the money, but I can’t be bothered.
Adam Levin:
No, the magic words, my hands are tied. It’s like my hands are tied.
Beau Friedlander:
It’s a bank. They don’t have any hands.
Adam Levin:
Someone said that’s why they’re called bankers and not entrepreneurs. But this does bring to mind though, one of the pieces of advice that we give people, the three of us, and that is especially when you’re dealing with a young person, and I know the normal inclination of a parent is to have a bank account and give them a debit card that you may want to think about the possibility of not a debit card, but rather a credit card one that you monitor, especially now you can sign up for transaction alerts that notify you of any activity in the account. You can do that with your bank too. But also it has to do with the level of protections that are available because with a credit card, remember it’s their money with a debit card, it’s your money, you have much more time with the credit card.
They generally have a zero liability policy. These days used to be $50, it’s now pretty much zero liability. It just gives way more protection, way more time. And also if you say, okay, well this is a kid and I’d like to have him or her understand money management better. And one of it is you can only spend what’s in your bank account and that’s it. But with a credit card, it’s just sort of be an adult look at your credit card balances on a daily basis or a sign up for transaction alerts, and at least you are better protected and the family is better protected. So you wouldn’t have to go through a situation like this with a credit card.
Beau Friedlander:
I know, but Adam, if you’re going to say, snap your fingers and be an adult that doesn’t really work with a kid, not adults,
Adam Levin:
Well then manage the account with them.
Beau Friedlander:
Yeah. Well, so here’s what my question was going to be. I know you do this, Adam, because when we met a thousand years ago, we did have the talk. You sat me down and we had the talk, right? And it helped tremendously. I tell you something, having somebody who knows their way around credit and finance is a wonderful thing. And for most kids, that’s us. It’s the parents who we know a little bit about finance and money, and it sounds like you did have the talk with them. What I’m curious about is, okay, so if the bank, I’m stuck on this bank, if they didn’t want to help, they didn’t want to look into it. It was such a small amount of money. Did they have a program where they could help your kid get better acquainted with proper hygiene on banking? Or was it just see you later or buy
Jennifer:
It was just basically, see you later. Bye, man. Because when they said you have to, us’ parents need to settle his negative balance in order to keep your accounts in good standing with the bank, I hate that. I did express to them that if that was something that they were going to require of us, then we would not feel comfortable continuing our family’s banking relationship with them. Well done. And they said, well, how about this? We’ll credit you. That’s $45 and return fees and then you can pay the rest of the money and then we’ll be good. Right? What you were
Beau Friedlander:
Like, sorry.
Jennifer:
Yeah. I was like, man, that’s almost even a little more of a slap in the face. So they do
Adam Levin:
Not, they clearly did not understand the concept of customer service
Beau Friedlander:
Or customer retention. I would’ve been so out of there. Let me ask you a question. Are you still banking with them?
Jennifer:
Oh, heavens no. Excellent. No. Yeah, we bailed pretty much. Actually we settled the account beginning of January in 2018, let everything, let all the stuff settle out and return to a zero balance. And then we moved all of our accounts over to another large bank. And actually when I went to the other large bank, we’ve been thinking about moving to them. Some of our family members, actually many of our family members bank with this institution and half for years, I met with the banker there. And my first question was, so how do you guys handle fraud? And they were like, oh, there’s a story. What do you mean? And we’ve had thankfully no issues with fraud. I mean, there have been sometimes where they’ve caught some funky activity, but thankfully it’s never risen to the level that there’ve been any issues to the magnitude with it. Now
Beau Friedlander:
Adam’s going to have a whole list of what he calls the three M’S type things for you to do, but before he gets to that, right, I know you have that, Adam, am I right? I’m right for sure. Yeah. Okay. But before we go there, I am wondering if there is now in your head, Jennifer, a talk now. So I gave my kids both have a card and they use it and it is an institution where I can put a limit on it, but I told them what you told them, this is essentially cash. This is a convenient way for you to pay for things, but at the end of the month, you got to settle up every month. And they don’t really do it. And it’s a point of contention, but at least they kind of understand it. But when it comes to fraud, what would your mom of that 16-year-old before it happened, knowing what now say, how would you deal with it?
Jennifer:
I think the first thing I would say is never give your pin number to anyone.
Beau Friedlander:
That’s a good one.
Jennifer:
Never verify any of your information with anyone unless you look up the phone number for the bank yourself on your app and you call them directly and say, Hey, I got the text message that you needed to verify some of my account information and verify that with them as needed. And I don’t know. I think too, I’ve listened to enough of your podcast episodes that I would just say that you really can’t trust anyone that you don’t have a good relationship with.
Beau Friedlander:
Well, first of all, congratulations on having wonderful taste and that you like all the stuff that you’ve heard on the show and you’re putting it into use in your life. But first, before that was first, actually, I did want to say there’s one thing I noticed in your story that we didn’t touch on that is important, and it is that that first call came to your son when he was at school. And I have no idea, and there’s no way to know if the scammers knew that he was young and that he was going to be in school at that time. But the thing that I try to bear in mind at all times is no matter what I’m doing, whether I am holding three wedding cakes, one on my head and one in each hand, I have to be aware of the fact that I may not be aware of the fact that I’m being targeted and scammers are looking for that moment when I’m not paying attention.
Travis Taylor:
That’s actually one of the questions I had that I don’t think we’re going to come to the answer for here, but how they knew to target your son. Exactly. But that might suggest either maybe your son was just giving out other information of some sort, but it’s entirely possible that there’s someone at the bank that was a little bit less than on the level that was helping provide the target. Creepy. I mean, I don’t know. It’s not quite so common with banks, but right now, for mobile service providers, that is a huge vector for attack, which is people who work for the company supplying access to scammers, to sim swapping
Beau Friedlander:
Adam. Adam, what do you think of that?
Adam Levin:
No, I’ve heard of that. Sort of the insider threat. The other thing is that a lot of these folks who are scammers follow people on social media.
Beau Friedlander:
Oh, right. Is your son on social media, Jennifer?
Jennifer:
He is. Yeah, he is. To a limited extent. I think he,
Adam Levin:
Are you on social media?
Jennifer:
Yes. We’re on different social medias. I’m on Facebook and he’s too young for Facebook, apparently he’s more Snapchat, Instagram, TikTok,
Beau Friedlander:
Those
Jennifer:
Types of things.
Adam Levin:
See, a lot of these situations occur because parents are on social media and people follow different people on social media. I mean, for instance, what does your husband do?
Jennifer:
He is in software sales
Adam Levin:
Software. Alright, so software. So sometimes that they’re not necessarily going after someone, they’re going after the people that particular person is affiliated with or people that it’s not even for those people, it’s for the place where they work. And so a scammer will start with what they think is the weakest link and they’ll start to move up the chain. And oh, by the way, if they can also nail some money along the way, they like that as well.
Beau Friedlander:
That is the thing. It’s like they could have been going after your husband for all we know, but they were like, oh, look at this kid. Oh look, 400 bucks, I’ll take it.
Adam Levin:
Well, no, and I’ll give you another thing too. They possibly not to create paranoia, but they possibly could have come after you. Why? Because you work in a medical provider’s office
Beau Friedlander:
With lots of expensive procedures
Adam Levin:
And lots of patients. I’ll give you sort of the ultimate scary example is hackers got into the network of a plastic surgeon in Beverly Hills and they not only put ransomware on the network and try to extract a fee essentially for going away, but they then also said, what’s it worth to you for us not to release the data on your patients? And then after that, and they got paid, they went after the patients individually and said, what is it worth it for us not to publish before and after pictures of your plastic surgery? Damn. And then they got some of the patients to pay. So again, both of you work in situations that would be very interesting to scammers and hackers.
Beau Friedlander:
Alright, you’ve scared everybody to death. Adam, thank you. Can we be a part of this solution for a second here? And what are Adam, the things that can help? What’s the talk look like nowadays?
Adam Levin:
The question is, does either your practice or your husband’s company offer as part of employee benefits, cyber protection or identity theft protection programs?
Jennifer:
I know that mine does not. I can’t speak for my husband’s. I don’t know.
Adam Levin:
Yeah, because a lot of times companies now as part of their employee benefits programs offer help to people. So in a situation, if his company offered it, then you would’ve had a professional working with you from the beginning.
Beau Friedlander:
Yeah. And that professional might’ve said when they were like, we’re not going to pay this. They would’ve maybe helped you with that. But
Adam Levin:
Yeah, so these are programs that are available, but that’s the third M. The first M is really how do you minimize your risk of exposure, reduce your attackable surface and for the whole family and for your kids, it’s long and strong passwords. Or use a password manager, don’t share passwords across your universe of accounts or websites. Use two, two-factor authentication where this is where you start to log in somewhere and then a code comes to your phone, a trusted device. And there are also new ways like Google Authenticators and auth and several other ways that are the second factor of authentication. Third is the big rule, which you yourself said, never authenticate yourself to anyone who contacts you. I don’t care who they are, immediately get the information and contact the institution or that particular person if it’s somebody. And just even something as simple as an E-card could be the pathway in for a hacker into your home network because you click on the link saying, oh, this is lovely. Grandmom sent us an E-card, but it wasn’t grandma.
Beau Friedlander:
Yeah, if you don’t like e-cards and if you don’t like e-cards, it’s a really good way to make ’em stop because my cousin sends ’em to me. Sorry Jonathan and I don’t love them. Sorry Jonathan. But when now he stopped because every time he sends one, I say, Jonathan, did you send me this E-card? And he got tired of it.
Adam Levin:
It’s like it’s a buzz kill, but it’s a protective device so you don’t get killed. Also, don’t let download every app in the world because it’s new and cool and whatever. Go to a legitimate app store, read reviews, freeze your credit and freeze your children’s credit, which you now can do. And it’s free based on an amendment to the banking law that was passed a couple of years ago. So that’s really the first M. The second M is monitor, which means get credit reports, look at them, pay particular attention to what you didn’t do as opposed to things that you did. Track your credit scores to make sure they don’t take a sudden precipitous drop sign up for transaction alerts from your institution. So what’s going on in your bank account, your credit card accounts. Look for now, as someone who works in a medical provider’s office, whenever you get a explanation and benefit statement from your health insurer, just take a look to make sure that it was really you or your kids or your husband that was really there as opposed to someone else who took information from the family and used it as a way to get medical treatment or crawl into their medical insurance.
This happens, medical identity theft is a serious problem and it’s growing. Also more sophisticated forms of monitoring that have what’s called the me not me notification, which is not, I’m a bank security guy and the bank is being broken into as opposed to I want to stop the bank from being broken into in the first place. So it notifies you sort of contemporaneously with somebody applying for credit. Dark web monitoring is important. And then the third M, which we talked about was managing the damage, which is many insurance companies, financial institutions as well as HR departments where you work, offer programs to help people with whom they have a relationship get through an identity incident. And sometimes it’s free and sometimes it’s
Beau Friedlander:
Discounted and leave your bank if they don’t give you your money back. For me, that’s the big hoo-ha lesson. But it was great to hear your story today, and I think the reason it helped me personally was to hear how you navigate finance with your kid. It is not easy. There is no easy answer to getting a young person to understand the red light, green light of identity theft. But the pin code story is definitely going to stay with me because that one is a very good example of what not to do.
Adam Levin:
Travis, any summation you’d like to give us here on what we’ve been talking about?
Travis Taylor:
Statistic came out recently saying that millennials and younger are now a bigger target for scams like this than the elderly who previously were the most commonly targeted sector. There are a few reasons for it. In a lot of cases, the elderly people with a grandparent scams and the like did not grow up with technology. So they may have made a few errors here and there might not have been quite as cyber aware, but with the younger generations, so the ones that have grown up with technology and are used to oversharing and are used to just sort of trusting and providing that information out there. So that is right now easily the biggest and easiest target for scammers.
Beau Friedlander:
Yeah. And one thing, the one tip that I have is this, whenever I get a phishing text, a phishing text or any kind of hack that comes my way and I get a lot of them because I respond to them, I like to play with hackers, I show them to my kids. And so now my kids send them to me and they go, look at this stupid fisher who sent me this stupid thing and they know what it looks like. So I think when you do have someone come at you and we all know what these hacks look like, show ’em to your kids, let them get to know what they look like and make it into a game so that they can show you like, oh, I saw one too and oh, aren’t they stupid? And on we go with our life. Having not clicked the link, having not had a problem.
Adam Levin:
Jennifer, we really appreciate you taking time to come and talk to us about this. Again, we call this the shame-free zone because we want people to tell stories because the only way that we learn and other people learn is by sharing the experience and hearing others share the experience. And it’s kind of putting a north star for everyone. So we really, really appreciate it. Thank you very much for joining us.
Jennifer:
Certainly. I appreciate the opportunity guys.
Beau Friedlander:
Thank you Jennifer.
Adam Levin:
What The hack is a loud tree media production in partnership with LARJ media. That’s LARJ Media. You can find What the Hack wherever you get your podcasts. Be sure to follow us on social media and find additional information at adamlevin.com.