Ashland Business Association Offers Cyber Security Zoom PresentationFeb 25, 2021 06:00AM ● By Pamela Johnson
written by Marjorie Turner Hollman, Contributing Writer
In late January, the Ashland Business Association (ABA), with Gary Rossi, vice-president of Fidelity Global Security, offered a free and open-to-the-public Zoom session on cyber security. Rossi worked for over 30 years in the private sector and law enforcement and has deep experience in investigations, cyber security, risk mitigation, and strategic planning.
Rossi’s most basic advice? “Make yourself a difficult target.” He explained, “Once you become a victim, your problems multiply. Your identity will get resold.” Rossi recalled some sage advice that his own father had given him when he was young. “My dad told me, ‘You can’t outrun a bear, so don’t make yourself a target.’” Rossi followed up this basic rule with some added advice: “Don’t use the strategy of hope; that is, ‘I hope it doesn’t happen to me.’”
Some of your most important information that cyber criminals target is your log-in information. “These are organized and sophisticated organizations,” he explained. Rossi worked undercover while with the FBI to discover these organizations. “These are not new threats—these are economic criminals. They advertise! Their motto is ‘In fraud we trust.’”
A surprising piece of information that Rossi shared was that these cyber criminals are not particularly interested in your credit cards—you can usually get that money refunded. Rossi’s strongest warnings were for how we protect (or do not protect) our bank accounts and investment funds. He explained, “The goal is to transfer wealth into their own accounts, then send the money overseas.”
In stark terms he spelled out the methods used to access our accounts. “There are traps all over the internet,” he warned. “They may use fake website emails, text messages that look like legitimate Zoom event web links, emails that appear to be from friends. Today, beware of COVID-related websites asking for donations. These criminals take advantage of crises and set up fake websites to grab personal information and steal money out of your accounts.”
An important step that each of us can take to provide basic protection for our accounts is to use 2-factor identification to allow access to our accounts. As important as keeping your passwords safe (and no, do not use “password” or “1,2,3,4” as your password, please!) is to require taking a second step beyond entering your password, typically requiring that a text message be sent to you, prompted by entering your password, before permitting access to your financial accounts.
Rossi noted that only 1-2% of our population uses 2-factor identification on their accounts, so for cyber criminals, it’s a numbers game. “If you make it difficult, they move on,” he noted. “Enabling 2-factor ID will stop a lot of this theft.”
Another simple step Rossi suggested is to freeze your credit with all three credit companies (Transunion, Experian and Equifax). There is no cost to do this, and it reduces the chance of someone’s opening new accounts in your name. You may have to delay completion of a new loan by a few days while you temporarily unfreeze your account.
Rossi also suggested having a separate device, a tablet or laptop, dedicated solely for your financial transactions and accounts. He urged his audience to never surf the web using this dedicated device, and to never access email with the device either. In addition, he urged practicing cyber hygiene. Keep your anti-virus software up to date, and use strong passwords.
Rossi was asked about how to be sure a device is wiped clean if you want to use it for dedicated financial transactions. He spelled out several steps. First, back up any data on the device, then scan for malware, and erase to factory settings. He warned that criminals also have anti-virus software, and they use it to test out their newest malware, so even the best anti-virus software may not pick up newer viruses. His alternative suggestion was to purchase a new, unused device and never use it for any other tasks than for your financial transactions.
In this age of social media, he added a stern warning against sharing information in real time on your social media, and to make sure everyone in your family is on the same page on this. He pointed out that posting photos while you are on vacation in a lovely place is an invitation to “robme.com.”
He addressed additional concerns about cyber criminals targeting elders, especially those who may be experiencing cognitive declines. He urged being careful when bringing household help into the house, including running a CORI check before hiring help. “Use extra vigilance monitoring accounts, especially after the loss of a spouse. Have a trusted party monitor accounts,” Rossi urged, then shared a quick story of someone at one of his presentations going out to call his father at a break, and learning that his father’s account had been compromised and criminals had already begun removing funds from his account. They were able to put a freeze on the account before the person’s father suffered substantial losses.
And those robo calls we all hate? “Their goal is to extract personal information they can later use to defraud you. They may invite you to click on a document, send you a link, all of which is intended to obtain your passwords.”
Rossi noted that he uses a credit monitoring service, and rather than recommend a specific company, he suggested Googling company names and checking for their history of regulatory fines. “Some companies have been fined large amounts—this is not a good sign!”
On balance, after all his dire warnings, Rossi offered this sound advice: ‘Live your life, and enjoy—and use your security settings.”
For more information about cyber security, ABA member Paul Netopski of Critical Prism Defense ([email protected]) is able to answer your security concerns. For information about future ABA zoom programs, contact ABA president Wendy Pyne, [email protected].