Allure Security Navigation Logo

Thanksgiving Table Talk

Thanksgiving is right around the corner this year, and the festivities are (Hopefully) looking to return to relative normalcy. But how can Thanksgiving conversations be “normal” after the year we’ve had? Between all the controversy, the polarization of opinions, and the “I’m right and you’re a fool” attitude an embarrassing amount of our country has seemingly adopted, Thanksgiving this year will certainly be one for the books. 

Some of us enjoy the chaotic debate that devolves from thanksgiving dinner with rarely seen relatives. However, for those of us who prefer to keep things tame, Allure Security has prepared some discussion ideas for you and your employees. The topic? Something we can all agree on – Cybersecurity!

Don’t be a turkey and answer suspicious emails or texts

Banks are not going to send text messages to “check the security” of an account. (or anything of the sort) The IRS isn’t going to send threatening emails. If it seems like extortion, it likely is. If you or your employees are worried that the entity reaching out to you is not legitimate, call the company or government agency being impersonated directly and resolve the situation that way. 

Banks will rarely call you – if they do, it is always a real person!

Spam phone calls are quickly getting out of hand these days. There are some days where I receive almost half a dozen calls! Almost always, it is a robotic voice reading from a poorly written script about credit card debt or bank troubles. A real bank will never do this. They will always have a real person behind the phone and will open with a professional introduction, letting you know who you’re speaking to and why. To test whether it is a scam, ask for their name and number, and call them right back AFTER checking the number online to see if it is the bank’s number.

Don’t be afraid to lie

If you or your employees do happen to find yourselves on a bank website asking for a social security number, bank pin, or other extremely important information that has already been given to them – LIE! There is a 99% chance that if they’re asking for these things, they’re fraudsters impersonating the bank. On the off chance that they’re real, the bank already has the information and can double-check once they see you’d deluded them. 

If you get a call from a phone number remarkably similar to your own, ignore it!

These calls are designed to get people to pick up the phone. Once you engage with them, your phone number is listed as one of higher value (since you answer the phone) and they are able to sell it to more people – resulting in you getting more calls. 

When answering the phone to a random number, let them speak first and do NOT say “yes” 

Robocalls are dangerous. This is because of Vishing – when somebody takes a sound byte of voice and re-purposes it. Spam callers will call, wait for you or your employees to speak, and take the byte and add it to a database. They do this every other day for a couple of months. With the help of AI, they can now synthesize full sentences from the sounds they’ve recorded and use it to “give permission” to retrieve/change things like financial or company information. If you or your employees are silent and wait for the other person to speak first, these calls hang up after about 2 seconds. 

Unprompted SMS text links are almost always malicious

An increasingly popular method of attack is SMS texts. These often appear as random number sequences without the hyphens or character count of a phone number and contain click-bait Esque blurbs with a link to a website. Never click these links. It is a best practice to not even open the text message and immediately block the number altogether. 

Check to see if your passwords have been in data leaks

This step sounds a lot easier said than done but in reality, it’s quite simple. Compared to 2019 and before, data breaches have increased at an alarming rate. From Microsoft to Verizon to Robinhood, the likelihood of your passwords remaining untouched is quite low. Luckily, Apple and Google have features with their saved password technology that informs you which accounts have been compromised. This makes the process of cleaning up our online presence significantly easier. 

Don’t go cold turkey on cybersecurity this year!

It’s no secret that historically, cybersecurity has been everybody’s favorite afterthought. However, within the past couple of years, data leaks putting hundreds of millions of phone numbers into online databases of the world have brought spam to the forefront of everybody’s mind. And with the drastic increase in spam in all forms, a discussion about cybersecurity is sure to hit home with just about anybody in the room. Do your family a favor and spare the intense political debate this year. And who knows – you might just agree about something. 

Post Date
Author