Welcome!
Good morning, everybody. I was on with Mr. Jim Polito this morning and we discussed a one-second mistake that can cost millions – Business Email Compromise. So, here we go with Mr. Polito.
For more tech tips, news, and updates visit – CraigPeterson.com
—
Automated Machine Generated Transcript:
Craig
Millions transferred electronically. I have a copy of the email in front of me right now I’m looking at it. It seems like it’s from a German company. Supposedly, it’s for some renovations in the building. It is what scammers do. They look at you, and they look at your business, they looked at what would be a kind of typical ask for your business. In this case, that’s what they did. They knew Barbara, and they found out who her executive assistant is and what the executive assistant email address is, who bookkeeper is, and the bookkeeper’s email addresses.
Craig
Good morning, everybody. It is something that really could happen.
It happened to Barbara, and I don’t want to happen to you. So listen in as we go through some details. I hope again that this is going to help you from becoming a victim.
Jim
Here he is. He is our tech talk guru, and he is our good friend, and it’s great to have him on our side. I’m talking about Craig Peterson. Good morning, sir.
Craig
Good morning, Mr. James.
Jim
How are you, buddy?
Craig
I’m doing great. I’m excited. Today’s Super Tuesday. Maybe Finally we can finalize of this stuff today. Well, I don’t know.
Jim
I think we’re heading into a brokered convention. But we’ll see. We’ll see. But I wanted to start with you today with something exciting. My wife is a big fan of Shark Tank. I understand that one of the sharks got tanked out of $400,000 and didn’t have any equity in that $400,000
Craig
Oh man, I wonder what trades you made. Yeah. It is an example of what, Jim, you and I have talked about for how long now? It is the whole concept of business email compromise.
Jim
Yeah, you have said, it happens to the smaller businesses too. That is the weak point, the weak link in the chain, and they are more susceptible to the hacks.
Craig
They are. There tends to be less training for the employees. One of the most significant risks you have, and I’ve seen people who’ve analyzed this who stay maybe 80% of a company’s risk. One of the most significant risks out there is our employees. It’s our not typically lower-paid, but not necessarily, who will click on stuff. Now this story about Barbara is interesting. Barbara Corcoran is one of these investors over there on Shark Tank. She’s a big-time real estate investor. That’s what she’s been doing forever. That’s how she made her money. It’s interesting to read through what happened, and this one, Jim, it did have a happy ending. We typically don’t see this at all. There was an invoice that forwarded to her bookkeeper that supposedly came from her executive assistant. Now, there was one minor difference here. Maybe the bookkeeper should have noticed. There was one character different in the email address that sent it.
Jim
So, a difference you’ve taught us about this before?
Craig
Yeah, exactly. The scammer posing as her executive assistant, forwarded this fake invoice earlier last week, requesting that a payment of $388,700 and 11 cents be transferred electronically. I have a copy of the email in front of me right now I’m looking at it. It seems like it’s from a German company. Supposedly, it’s for some renovations in the building. It is what scammers do. They look at you, and they look at your business, they looked at what would be a kind of typical ask for your business. In this case, that’s what they did. They knew Barbara, and they found out who her executive assistant is and what the executive assistant email address is, who bookkeeper is, and the bookkeeper’s email addresses. Now, you know, Jim, it’s pretty easy to find most of this stuff out. It was interesting to me that I sat down with the FBI because we had pulled them in on an investigation where we found that some criminal activities going on against a small local company. They have eight employees. I sat down with the FBI. The first thing the FBI did when I did the report was they went to my website, my business website. They just tried to find out the lay of the land? Who are the people that work there? Who are the executives who are the accountants? You know, they were impressed because I didn’t have any of it on my website. If you go to @mainstream.net, you’ll see that under who works here, who are executives are it says due to security concerns, we don’t post any of it. Yeah, exactly. But you know, what people do, right? Look at your website, or Facebook,
Jim
All that information is right there.
Craig
Now, what do we give out? Then when talking about Facebook, but you and I mentioned our wives on our Facebook page. Yeah, you and I know, well, I think both of us know not to say, Hey, I’m going to Italy. I’m going to Ireland. Next week, although obviously in your case, yeah, you’re tied in with the business. Yeah. Typically, we don’t mention anything like that until after the fact, so right here, that means we are relatively safe. In this case, what happened is they invested what probably amounted to 10 or 20 hours doing some research. It was thought that they’re probably from Eastern Europe will tell you what happened here specifically.
Jim
Big surprise, Eastern Europe. What a big surprise.
Craig
Yeah, exactly. And 400 grand How long will that last? You know, if you’re in a country where the average person makes five grand a year, do a little mental math on that. That’s going to last you and your family for a long time. For what? Divide that 400,000 by 20 hours, how much an hour? That’s a nice payday. It is. Barbara said, Hey, listen, when talking to experts, I’m not counting on getting me this money back. She had an excellent attitude about this whole thing because, indeed, her accountant did wire it. How they found out about this was that when the accountant wired the money, the accountant CC’ed the executive assistant, and using the correct address. Okay, so initially, the bookkeeper just replied to the email from the scammers thinking it was the legitimate executive assistant, and she wires the money. After wiring the money, she copies the real address of executive assistant who says wait a minute, hold-on now, let’s stop this. People, when this happens, you don’t get your money back. The FBI says it’s 90 seconds. It’s 90 seconds from the time that they get that wired money that it is out of the country. And pretty much gone.
Jim
90 seconds. It just reminds me of like, what was that movie?
Craig
Gone 90 seconds. Yeah. Like, boom, there it is. You can watch it go by on the computer screen.
Jim
That’s it. I like to think that Steve McQueen’s version was better than the remake of Nicolas Cage. Yeah.
Craig
Yeah, exactly. So here’s the good news and the weird news, it never happened. They were able to contact the bank that the bookkeeper had wired the money to, and they responded quickly, right? So the German bank was able to freeze the funds in the account. Before the scammer knew it was in the account and transferred it out. Here’s where it was going. In this case, it was going to China.
Jim
Oh, so it wasn’t our friends in Eastern Europe.
Craig
It wasn’t in this case, and it is not common, it was China. It makes you kind of wonder who in China? Much of the criminal activity in China is, of course, sponsored by their socialist government. So here’s the bottom line. One hundred fourteen thousand people reported being a victim of this type of scam last year. We’re talking 10s of millions of dollars in losses. According to the FBI’s internet crime report. It is huge. It is a common way hackers are going after you. If it is in China or Eastern Europe, do you know who the next most person probably knows?
Jim
Right, it’s your roommate. It’s someone you know, who’s going to hack. Yeah, right, right. Yeah, we’re talking with Craig Peterson, Tech Talk guru, and at the end will tell you how you can get more information from him. Craig, you know what, before we run out of time, I want to talk about this because it caught my fancy here, this VHS vault? Pretty, pretty good idea. Why don’t you explain it to everyone?
Craig
Yeah, there’s a web service out there that, when started, was called the Wayback Machine. Now it’s called archive.org. It is the coolest thing ever. I go on there, and I looked at old versions of my website. One time, I lost my website, and the Wayback Machine had a copy of it. It clones all of the websites, and you can go back to your favorite website and look at it as it evolved over now decades. And they got this cool new thing that you just mentioned, which is what’s called the VHS vault. And if you go org, you’ll see they have several different types of vaults there are. I use this one all the time where there are these ink drawings. Yeah, the 1800s of patent pictures and other things, and they’ve got them all there. But the VHS vault as of right now has 20,701 videos in there. And these are old VHS tapes from the years gone by some of them back, not the tapes, but the content in 1922. And wow, you can watch it in its original brilliant 480 lines if you’re lucky, worth of resolution right. None of it is the stuff that you can generally find out there. It is such a cool flashback right near the top. The Beatles Let it be, and the original 35 millimeter was you know, put up there, and They’re in their collection. It’s called the VHS vault. You’ll find it and all this other cool stuff at archive.org
Jim
Sounds pretty cool. All right, Craig, they can find more. And when I mean they I mean our audience, if they text My name to this number
Craig
855-385-5553. Text Jim to 855-385-5553
Jim
Standard data and text rates apply, Craig Peterson will provide you with updates. There’s no charge for this. He won’t try to sell you anything, and he won’t hack you, Craig, thanks so much.
We look forward to talking with you next week.
Unknown Speaker 12:41
Take care, Jim. Bye-bye. All right, a final word about Hillary Clinton. When we return, you’re listening to the Jim Polito show, your safe space.
Transcribed by https://otter.ai
—
More stories and tech updates at:
Don’t miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text:
855-385-5553
