The Increase In Business Email Compromise Passed 10 Billion Dollars – Why Not Share Passwords: AS HEARD ON: WTAG: [09-11-18]
Airing date: 09/11/2018
The Increase In Business Email Compromise Passed 10 Billion Dollars – Why Not Share Passwords
Craig Peterson: [00:00:00] Hi, Craig Peterson, here. It’s a bit of a sombre day today, of course. You know, you might put two and two together, here, and realize I’m recording this on 9/11, and I remember this well it was also Tuesday when the hijackers hit. It’s a sad day of remembrance, of all of that, and of course at 8:46 this morning, 8:46:40 is when the first event, along with that long line of events, that morning took place. Where the flight I think it was Flight 11 took off from Boston Logan. So, my heart and thoughts go out to everybody, who lost anyone or knew someone who lost anyone on that day. So, we’ll leave it at that. This morning, Jim Polito, and I talked about a couple of different things I talked more about business email compromise. The statistics, what’s happening, how big this really is. Believe me, it’s really, really big. We’ve got one industry where we’re talking about a one thousand percent increase, in the number of attacks. And the FBI upped their numbers. It’s now over a ten billion dollar industry. The actual money stolen from businesses, so it’s a bad thing. So, we talked about that and we talked very briefly as while about sharing passwords but what are some ramifications, there. So, here we go with Jim Polito on this rather sombre morning. He is our favorite guy.
[00:01:45] He really is, Cause he gets us out of jams all the time and he gets you out of jams too when it comes to this digital age. I’m talking about our tech guru, Craig Peterson who joins us a little early today. Craig, thanks for being flexible. Hey, ditto. All right. So, I want to talk about the e-mail again. E-mail passwords, but I want to start with something quite frightening you’ve let me know about. Business e-mail fraud attacks are up 25 percent. What’s that all about?
[00:02:20] Yeah, isn’t that huge. We’ve known for a while that there are problems here. And the biggest parts of this problem, at least as far as I’m concerned, is that businesses and this is according to the FBI, have now over the last two years lost some 12 billion dollars, because of this. Now, you know there’s a lot of ways to lose money right. You wake up in the morning and you see the stock markets down, its bad, right. You could lose money because of all of bad investments. As a business person, you can lose money because you invest in a new way of doing something, and it just doesn’t work for you. In this case, what we’re talking about is a type of fraud where they get you to do something, and they do it via e-mail. So, here’s what it is you open an e-mail and you see in there that the boss wants to pay a vendor. Well, you know that happens every day, right. You get directives from your boss telling you to do something, right or don’t do something, probably. And so it happens all of the time. In this case what they’re doing is they do a little bit of research on your business, and then send an e-mail into the business. It looks as if the boss and you now take action on that because the boss told you to pay this vendor.
[00:03:51] Well, what we’re finding now, and what businesses have found out, including in most cases, especially smaller businesses is it isn’t the boss and billions of dollars over 10 billion now have been transferred by the employees to the bad guys. And these attacks are up about twenty-five percent, right now. Now there is one industry that’s even worse than that, Jim. You probably can’t guess that it has something to do with you know Leasing something one of the biggest expenditures of money we make. Of course, number one is our house right. Well, number two in the car, the car, the car the fraud in the business of car dealers where they’re going after car dealers. Now, with these e-mail fraud attacks is up over one thousand percent, in the last six months. It’s absolutely huge. Absolutely. It’s crazy here. Now, we’re seeing some industries where it’s up 400 percent in the last quarter. So, this is a huge, huge, huge they’re engineering these e-mails. They’re spoofing e-mail addresses. We get calls from businesses every week, almost every day, now where they’re saying something weird happening with our e-mail. And you know that they’re not sure what up but one has to have a look at it which we do. Right.
[00:05:28] And Danny we lose. All
[00:05:39] Right. You know that.
[00:05:55] Craig. We’ve got Craig, Craig, I don’t know, I don’t know.
[00:05:59] I don’t know, Danny if he can hear me. But, can you make a reconnection with him? Something happened with that connection there. But what Craig’s talking about is business e-mails, protecting businesses from having to protect themselves. But also this fraud that’s going on and protecting yourself and leasing a car and things like that. And again, the car is your second greatest expense, after your house. Well, where are the bad guys gonna to go? The bad guys are going to go, where the money is, and the money is first in going after homes, you know taking out a second mortgage on your home without your knowledge or credit cards, too. So, Craig – is Craig is back with us? I believe, Danny, we got him.
[00:06:56] Down now. OK.
[00:07:00] He’s also going to be talking about your e-mail password sharing your e-mail password. All right, Craig, I’m sorry we lost you there. Toward the end, it started to drop off.
[00:07:14] Sorry, about that. No problem. Now you blame, blame the tech blame the tech, people.
[00:07:21] Yeah, exactly, right. This is a huge deal. We’re talking about e-mails here. You know you’ve got be careful to make sure that your employees, your fellow employees your boss know that the simplest way to avoid this is if you get an e-mail that’s a little suspicious. Like, I don’t recognize that vendor and why should we be paying them? Pick up the phone, call the boss and say, Hey, I just wanted to make sure that this was legit or you know wasn’t legit. And, in that case, FBI warning about this all over the place, we’ve been talking about it on the FBI infragard webinars. It is just rolling, like crazy because it’s working.
[00:08:09] Yeah, they’re making money, I said while we lost you. If they’re making money you know what I mean if there’s money to be had there that’s where the bad guys are going to go.
[00:08:20] Exactly right.
[00:08:22] We’re talking with Craig Peterson, our tech talk guru, at the end of this segment. We are going to give you a number that you can text my name to, standard data and text rates apply. And you’ll get all this information, plus weekly updates. And if there’s ever a crisis, a hack you’ll have the information from Craig and what to do. Craig, don’t share your e-mail password. I think that’s obvious, but apparently, a lot of folks do it.
[00:08:53] Or Yeah you have your passwords on a post-it note stuck on your screen. No, No. Exactly. Well and that’s because, well in your case, it’s something like P A S S W O R D. You follow John Podesta’s lead and make your password, password with a zero. Yeah pretty tricky, Yeah. Yeah, well one in five employees are sharing their passwords with co-workers. So, looking at it is an easy way, if they’re out of the office that co-workers can check their e-mails for them. There are all kinds of liability problems with this. Don’t do it. Don’t share your password. You could be the subject of a criminal investigation if you share your password with another employee and let’s say they leave the company or they’re fired from the company. You don’t remember that you shared your password with them and they now use your account to hack into company computers or to do other things, nefariously. What happens all the time. And, then to top it off if your username and password get stolen from another Website because you and your fellow employee knows it and they use it elsewhere. You could be liable.
[00:10:08] Yeah, yeah. See that’s the part. Like all of you know, it’s because I was careless with it. But, now if anything happens with it it’s going to be my fault. It is your fault.
[00:10:18] And nowadays we’re talking about criminal prosecutions, Jim, yeah. Where they are going after you. So, don’t share your password if you’re in business. And let’s say you have people working in the payables or receivables or whatever, sales. Set up a mail reflector. So, everybody gets that email. Be careful don’t use shared e-mail accounts. There just all kinds of problems that you can’t track down who did what when, and if they do it in sales you also have the problem of salesmen trying to leave the company with your customer list and going to a competitor. So, you know just to make sure that doesn’t happen do not allow employees to share them and make sure you have certain types of reflectors, so that you can shut off their access, as soon as they leave the business.
[00:11:10] Craig Peterson, you heard it there. He’s he’s got it all. He’s got a lot of other stuff to talk about and share with you. And you can get it all for free, no obligation. He’s not going to pester you, he’s not going to sell your cell phone number so what you do is text my name to this number.
[00:11:28] 8 5 5 3 8 5 5 5 53 that’s eight five five three eight five fifty five fifty three.
[00:11:37] That’s right. Standard data and text rates apply. You’ll get this information and more, from our friend Craig Peterson you will also receive updates or alerts when something big is going on and he’ll give you instructions on what you need to do to protect yourself. And, Craig I appreciate you coming in a little bit early for us. We appreciate the time and we can’t wait to talk to you next week.
[00:12:04] Thank you. Take care. Craig Peterson. everybody. Oh by the way.
[00:12:10] After a while we.