I was talking to a family member about someone who had recently fallen victim to one of those tech support scams and lost $15,000. It seemed like Geek Squad was calling and she’d purchased a printer from Best Buy so she was pleased their IT team was following up. Whether it was a breach on Best Buy’s part that showed her purchase (which is what she believes now), or just scammers posing as Geek Squad and hoping that 1 out of 25,000 persons had recently bought something from Best Buy and would answer…I don’t have the answer because I didn’t get to investigate. The worst part was that to ‘help her’ get everything installed and set up for remote support, she gave them access to her computer. So in addition to the 15k, she gave lots of fuel for future scams…basically every document she’d ever written, backups of emails from her old company, financial documents for the past 20 years, photos, etc. She’s now a major target with a whole lot of data in someone’s databases.
My family member and said “I don’t have anything to steal, LOL!”
My response? “How would it impact you to lose $500 this month?”
Their response “I guess I would have to choose between paying utilities or the rent, that’s how close we are to the financial edge.”
This blog post isn’t about the state of the economy, so, moving right along…
I suggested we check some of their security settings for various accounts and just talk this through.
As a single mom for 20 years, with no child support and little resources, I can definitely relate. Unexpected expenses were stressful enough, but to lose money to a scammer would just make me extra anxious and angry. When we don’t have much to start with, losing money can be devastating.
Here’s a just a few of the to-do’s I give to new clients and students. I’m hoping you will find it useful:
- Start a list on paper of account websites, usernames, passwords and authentication notes. Keep this in a safe place. We’ll talk about password managers another time.
- Prioritize these for now:
- financial accounts
- official government and sites they use for authentication (think SSA and ID.me)
- main email account used for the accounts above
- Log in to each one, then do the following for each account:
- Change password.
- Update and confirm that your contact info is correct.
- Check security settings for each account. On some accounts it will tell you where you last logged in and what device you were using. If you see something alarming, contact support.
- Add multifactor authentication, also known as 2-step verification to every account that you can. Some banks don’t have this option. Make notes on your handy little notepad. Include the date you made the change.
These are just the beginning steps, but you’d be surprised how many people haven’t taken these steps. We need this as a foundation, and we’ll build out your security plan from there.
We’ll go over more in future posts and in the CyberMarm Classroom, but for today, how about getting that done?
Cyber Marm 