
Easy Prey
323 episodes — Page 7 of 7
Ep 22: SIM Swapping with Haseeb Awan
I've been telling people for years that they need to implement two-factor authentication wherever possible. Now that you've done that, imagine the havoc that would happen if those security codes were sent to somebody else, enabling them to access your email, social media accounts, and, worse, your bank accounts. It is called SIM swapping, porting out, and SIM jacking. Today's guest is Haseeb Awan. Haseeb is CEO of Efani, America's most secure and private cell phone service. He is an expert at protecting high-profile individuals' cell phone numbers. Haseeb was also co-founder of the first bitcoin ATM company. Haseeb shares his many experiences working with SIM swapping. We talk about how we are all at risk and the precautions we can take to avoid becoming a victim of SIM swapping.
Show Notes:
[01:26] - SIM swap, SIM port, SIM hack, and telephone takeover are all the same. SIM swapping is when a criminal takes over your telephone.
[02:05] - The criminal takes control of your social media accounts or email accounts and then drains your bank account.
[04:06] - If a person gets your account number, PIN number, and telephone number, then the criminal can transfer your phone number.
[05:36] - Often they go online and buy a new SIM card and trick someone into transferring the number to them.
[06:51] - Social engineering is as simple as pretending to be someone you are not to gain information maliciously or for fun.
[08:05] - Telephone companies have the ability to sell, monetize, and track your data.
[10:47] - If I haven't done anything wrong, then why do I need privacy?
[11:49] - The people that are criminals are working 24/7 to destroy you.
[13:31] - The average customer is more at risk because they don't take as many precautions.
[14:41] - Make sure your cell phone carrier supports a PIN code at a minimum.
[16:30] - Whatever setting you have, the criminal can override.
[19:42] - The port lock might help keep your number from being taken to a different carrier, but if they go to your carrier's store it doesn't help at all.
[19:58] - These criminals only need a few hours to have complete access to everything.
[20:36] - Often they attack when you are most vulnerable, like after 9 PM in the evening.
[21:16] - You should always use an app-based or hardware key vs. SMS two-factor authentication.
[23:32] - Keep it simple and have a password on your phone and then use the Google Authenticator app.
[24:52] - We often get attacked because we are lazy and put security off until tomorrow.
[26:22] - Efani focuses on pricing and security.
[27:18] - Most of their customers are people who don't want their information sold on the internet and want that extra layer of security.
[28:15] - Doctors are the number one victims of SIM swapping attacks.
[29:40] - Seniors are at a significantly higher risk.
[31:19] - It is really easy to forge caller ID, so never assume it is a real call.
[32:25] - Within 90 days you will see a 90% reduction in spam calls with Efani.
[33:27] - When you have a cell phone plan, try not to be on a family plan.
[33:47] - The two most important numbers in your life are your Social Security number and your cell phone number, and you have way more linked to your cell phone number.
[34:14] - He suggests getting two telephone numbers. Use one for all authentications and don't give that number out to anyone.
[34:42] - Keep your cell phone software up to date and don't let children play on your phone.
Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.
Links and Resources: Podcast Web Page, Facebook Page, whatismyipaddress.com, Easy Prey on Instagram, Easy Prey on Twitter, Easy Prey on LinkedIn, Easy Prey on YouTube, Easy Prey on Pinterest, Have I Been Pwned, Efani, Haseeb on LinkedIn
Ep 21: Narcissists, Psychopaths, and Sociopaths with Dr. Ramani Durvasula
Just because someone isn't trying to scam you out of your hard-earned money doesn't mean that they don't see you as a pawn, stepping stone, or a means to an end. Find out how to protect yourself from a narcissist. Our guest today is Dr. Ramani Durvasula. Dr. Ramani Durvasula is one of the world's leading experts on narcissism. She is a clinical psychologist, professor, best-selling author, and speaker. She is on a mission to demystify and dismantle the toxic influence of narcissism on all of our lives. Dr. Ramani shares her many experiences working with narcissists. We talk about warning signs and risks for being in a relationship with or working for a narcissist. We also talk about how to protect yourself if you are in a relationship or working with a narcissist.
Show Notes:
[00:48] - Dr. Ramani shares how she got involved in psychology.
[02:55] - The fallout for the people that stay in relationships with narcissists, with chronic invalidation, was shredding.
[04:46] - Narcissism is a pattern of a person who lacks empathy, is deeply entitled, arrogant, superficial, and constantly needs validation. They fall apart under criticism or feedback. They get very vindictive or rageful and feel like victims a lot. There is a core self-esteem issue.
[05:34] - The chilling difference between narcissists and psychopaths is that narcissists do feel remorse. Psychopaths have very little if any remorse.
[07:03] - Psychopaths are much like some narcissists. They can be charming, intelligent, clever, charismatic, and very confident.
[08:17] - Sociopaths know the rules, but they still break them. They tend to be more combative and agitated.
[09:03] - Narcissists are insecure and do feel anxiety and remorse. The psychopath doesn't feel any of those things. They are much calmer and calculated.
[10:12] - Narcissists give more warning signs because they are so sensitive to criticism of any kind. Psychopaths will lie and they are the ultimate con men.
[11:05] - Narcissists have huge advantages. They make more money and are more likely to end up in leadership positions.
[12:28] - Narcissists are motivated to get validation.
[14:48] - Narcissists win the most with social media because they love attention.
[16:44] - Narcissists are incredibly hypocritical.
[18:04] - Being in a relationship or working with a narcissist is very bad for your health. The risks include feeling chronically confused, feeling self-doubt, anxiety, depression, not sleeping, and more.
[18:45] - These people stay in these relationships because they don't understand that narcissism doesn't change.
[20:10] - Trauma, neglect, abuse, lack of consistency, and lack of safety can lead to adult narcissism. The other pathway is a person that is over- or under-indulged.
[22:02] - At the surface level, narcissists are very engaging, charming, and confident. People are drawn to them. They also have a dismissiveness.
[23:14] - Narcissists are very entitled and believe that the rules don't apply to them.
[24:40] - The key is having radical acceptance that they are not going to change and they are a jerk. Once you have radical acceptance you don't personalize it.
[25:41] - Don't try to fix it and don't believe their false promises.
[27:10] - Don't engage! There is nothing you can say to them without them getting angry.
[30:02] - Their ego is so threatened that they have to destroy everything in their way.
[31:01] - With a narcissist, a big part is figuring out what they need to have to feel like they have won. They want to hurt you, make you feel as bad as they do, and win.
[33:55] - At a population level, there are more male narcissists than female narcissists. There are still a lot of narcissistic women out there.
[36:22] - The expression of narcissism can look a little bit different based on gender.
[37:49] - The vast majority of scammers are psychopaths or narcissists.
[39:38] - These scammers play on people's vulnerabilities, aspirations, and hope and show no empathy.
[41:54] - The best predictor of future behavior is past behavior.
Links and Resources: Dr. Ramani's Website, Should I Stay or Should I Go, Don't You Know Who I Am, Dr. Ramani on YouTube, Dr. Ramani on Instagram
Ep 20: Credit Card Skimming with Scott Schober
We've all had that random fraudulent charge show up on our credit card and we wonder: how did that happen? Do I need to cancel my credit card? Do I need to get a new one? Today we talk about credit card skimming with Scott Schober. Scott Schober is the president and CEO of Berkeley Varitronics Systems, a 48-year-old leading provider of advanced world-class wireless test and cybersecurity solutions. Scott is a highly sought-after author and expert for live security events, media appearances, and commentary on ransomware, wireless threats, drone surveillance hacking, and cybersecurity for consumers and small businesses. He is the author of Hacked Again and Cybersecurity is Everybody's Business. Scott shares his many experiences about personally being hacked and finally getting the money back. We talk about what you need to know, how to protect yourself, and more.
Show Notes:
[01:02] - Scott shares how he got involved in cybersecurity.
[02:01] - Cybercriminals want to silence you. They don't want you to share tips or expertise on how to keep companies secure or even individuals. These attacks led to the creation of his first book, Hacked Again.
[03:02] - In that process, he learned that there were some fundamental things that they were doing wrong. So he had to relearn and reimplement best practices for the company and himself.
[03:34] - We should create more secure passwords and not use them across multiple sites.
[06:14] - Anonymity is extremely powerful in the criminal empire. Criminal gangs often get educated to conduct criminal activity.
[08:42] - We can now use technology to fight back.
[10:29] - The challenge is to get the skimmers out before it even happens.
[12:02] - Follow the money and it usually tells you why things are done or not done.
[14:12] - Scott uses Apple Pay and Google Wallet when possible.
[15:22] - When you're at a gas station, use cash if you are afraid of a skimmer. Use common sense. If things look like they have been tampered with, use caution.
[17:17] - The part of the iceberg sticking out of the water is the surface web that we use for searches and purchases. Below is tons of information that doesn't make a lot of sense to us working at the surface web.
[19:38] - If you see a small transaction on your credit card ($0.50/$1), it could likely be that it is on the dark web and has been posted to be tested.
[21:37] - It is hard for law enforcement because this is an attractive way to make money.
[22:50] - Don't be complacent. Start out by doing best practices across the board in your personal life and business.
[23:12] - The best thing to do is to add layers of security like multi-factor or two-step authentication.
[24:29] - Scott doesn't share his actual birthday on social media, because that is one of the critical pieces of information if someone tries to compromise your identity.
[26:07] - When setting up security questions, put a password instead of the actual answer that can be researched about you.
[27:42] - They discuss the pros and cons of freezing your credit.
[29:25] - The process and investigation when Scott lost $65,000 took months, but he finally did get the money back.
[31:28] - Cybercriminals create fictitious accounts, steal money from multiple people in a bank, and quickly close them out.
[33:32] - You can do things to prevent it from happening to you.
[35:49] - You can't be too trusting of anyone. Don't use their means of communication to verify.
[37:49] - Take a few minutes to question everything. Use caution.
[40:07] - Many of these scams look very convincing.
[42:50] - You're better off spending the time and effort up front securing things than paying for it later.
[44:04] - A small business owner can do small practical things to protect themselves.
Links and Resources: Berkeley Varitronics Systems, Scott's Website, Hacked Again, Cybersecurity is Everybody's Business
Ep 19: Tracking Scammers with Wayne May
Many of us have seen James Veitch's comedic YouTube videos of him interacting with email scammers. Today's guest shares how he helps real-world victims of those scams and how he has participated in taking down criminal enterprises. Wayne May is the owner of scamsurvivors.com. He began as a scam baiter in 2005 before concentrating on helping the victims of scams. Scam Survivors was created in 2012 by Wayne along with a small group of like-minded volunteers. He has appeared in the media worldwide as well as being a guest speaker at the IDate conferences discussing romance scams. Wayne shares his many experiences working with email scams, sextortion, and romance scams. We also discuss specific things you can look for when receiving a spammy email and how to research and check it out for yourself. Awareness and education are the keys to helping more people.
Show Notes:
[01:01] - He created the Scam Survivors website fifteen years ago when he was looking for something fun to do.
[01:52] - He started as a scam baiter and fell into working with romance scammers. People would write to him and ask for his help.
[02:41] - He went from having fun with scammers to really helping the people who were being scammed or thought they were being scammed.
[03:57] - When receiving a scammy email, a scam baiter would write back and ask for more details instead of deleting the email. Then you can post the information online to warn other people.
[05:41] - It is important to get the scammer information out there so the public can find it.
[07:21] - Wayne isn't seeing a lot of new scams. Instead, he is seeing variations of old scams.
[08:07] - The first step in getting the site taken down is to get as much information as you can from the scammer. He then sends all the information to the hosting company in the hope that they will take down the site.
[10:41] - Wayne shares about the horrible sextortion situations he has seen.
[13:39] - Wayne shares other experiences dealing with minors.
[13:58] - You don't give scammers money.
[16:57] - He hopes that they have so much success that all the scammers stop. In reality, they hope to get more people involved and educate more people.
[17:45] - Wayne's site has a forum where you can share spam emails and they will check them out for you.
[19:08] - They try to get as much information as possible because then they can do more about it. You need their email address, not just their name.
[20:19] - The emails are often repeated because they are scripts.
[20:52] - People can do the same checks and searches they do at home.
[22:02] - One telltale sign is inconsistency in language or grammar.
[23:01] - As soon as anyone asks for money you know it is a scam.
[25:17] - He does not use cash baiting because you are not getting the scammer's money; you are actually getting some other victim's money.
[26:38] - Wayne has a book called The Stupid Scammer Files where he shares the stupid things that scammers say.
[27:31] - Wayne shares some examples of stupid things scammers have said.
[30:15] - If you get these emails, come to their website and post them to help other people that don't realize it is a scam.
Links and Resources: Scam Survivors, Wayne on LinkedIn, The Stupid Scammer Files, Stupid Scammers Website
Ep 18: Red Collar Crime with Richard Brody
Accounting doesn't sound like a sexy career choice. How about forensic accounting and getting to work with the FBI and Secret Service? Now that's getting interesting. White-collar crime is typically committed by business or government professionals that engage in fraud, insider trading, embezzlement, or cybercrime. It can destroy companies, individuals, and families. What happens when a murder occurs during these cases? Richard Brody is a professor and chair of the accounting department at the Anderson School of Management at the University of New Mexico. He is a certified fraud examiner, certified public accountant, and a forensic certified public accountant. He serves as an expert witness and has experience in both civil and criminal cases. He has worked with the U.S. Secret Service, the U.S. Department of Justice, and the New Mexico Attorney General's office. Rich shares many experiences working in white-collar and red-collar crime. We also discuss ways to help you be more knowledgeable because education is the only solution.
Show Notes:
[01:14] - Rich shares the background on how he got started in white-collar crime.
[03:14] - He is very proud that he has been able to go out and speak to so many people about white-collar crime.
[03:57] - Trust no one until you can verify. Use the same standard for interacting online as you do in person.
[05:02] - White-collar crime includes occupational fraud, embezzlement, and more on the business side and scam artists, identity theft, and romance fraud on the individual side.
[05:59] - It's not a small number of people that are doing this and it is a huge number of people that have been victimized.
[06:11] - It is highly profitable and fairly low risk.
[09:07] - Most people proceed by accepting it as an expensive lesson.
[10:12] - Filing a police report is an easy thing for a business to do.
[10:31] - In the area of identity theft, filing a police report will then give you the ability to get free services from the credit reporting agencies.
[12:10] - One of Rich's goals is educating people. It is all about prevention.
[13:38] - Without trust, you don't have fraud.
[14:37] - White-collar crime is something that is considered to be a violation of trust, but it doesn't involve any violence.
[16:19] - A red-collar criminal is a person who commits a violent and brutal act on a person when they expect that this person can expose their criminal behavior.
[19:01] - There are many cases where you have the sudden death of a crucial witness in a case. Just because it seems like a suicide, it might not be.
[19:56] - Sometimes the violent act can actually be against yourself.
[20:48] - Anytime you have a white-collar crime, the person who is involved in that crime is a potential suicide candidate based on the embarrassment.
[22:41] - Now scammers are going on social media, collecting personal information, and using that to convince them the scam is a legitimate situation.
[23:21] - What is even scarier about the red-collar area is that the victim doesn't have to be someone who profited from the situation or is involved in any way.
[24:53] - There is a misconception that white-collar criminals are not like violent criminals.
[26:13] - Anybody can become a victim of white-collar crime.
[26:28] - In the original case that motivated the term itself, the victim knew that something was going on.
[27:43] - Many red-collar criminals are psychopaths.
[28:06] - The fraud triangle has the three common elements of fraud.
[30:01] - Red-collar criminals view killing someone as just as viable a solution as any other solution.
[30:51] - We have to deal with the white-collar aspect to prevent the red-collar aspect.
[33:15] - Rich views this as a service to try to educate people. Education is the only solution to these problems.
Links and Resources: Rich on LinkedIn, Rich - Fraud Triangle
Ep 17: Cyber Security Awareness with Jake Moore
Have you ever wondered what strange things a digital forensic investigator has to dig through? Listen to this episode to find out. Our guest for this episode is Jake Moore. Jake Moore is a cybersecurity specialist for ESET, Europe's number one internet security and anti-virus company. Jake previously worked in the police force for 14 years investigating cybercrime in the Digital Forensics Unit and Cyber Crime Team in Dorset. In 2016, he was asked to implement cybersecurity advisers in order to make local communities more aware of ever-increasing cybersecurity threats. Jake shares many experiences working in digital forensics and cybersecurity. We also discuss simple things you can do to keep cybercriminals away and social media accounts safe.
Show Notes:
[01:05] - Jake shares the background on how he got started in cybersecurity.
[03:20] - Without an understanding of cybercrime and what they are doing, there is a huge chance that these companies are going to end up losing millions of dollars down the line.
[03:57] - When Chris was in college he was very interested in crime scene investigation and he did a ride-along with a crime scene investigator.
[06:13] - Jake shares a story about a time he received a laptop as part of a murder investigation.
[08:37] - In the UK, they have a system for reporting all cybercrimes called Action Fraud.
[09:53] - Cybercrime and fraud are making up over 50% of crime in the UK.
[11:03] - Prevention is the best cure.
[12:31] - Use a password manager. 90% of people are using two or three passwords for everything.
[13:29] - Jake also suggests turning on two-factor or multifactor authentication. Every social media and email account offers it.
[15:14] - If it hasn't happened to them or their nearest and dearest, then people think cybersecurity won't happen to them.
[17:22] - Sometimes in scamming emails they include an old password that they acquired from a data breach.
[18:39] - Jake likes to make people aware that you can phish people's information.
[21:04] - Even people with awareness tend to forget about things as soon as something amazing comes along.
[23:24] - Cybercriminals are very crafty and they are doing their homework.
[24:34] - They often feed their victims' egos just enough to get them to bite.
[25:24] - Cybercriminals use urgency as one of the key factors.
[26:06] - The use of authority is another key factor.
[28:14] - Always back up your data. This is a good practice for everyone and can be beneficial in many different circumstances.
[30:31] - It is important to have a local back-up and a cloud back-up.
[32:01] - Chris has two back-up cloud services and a rotating clone of his hard drive.
[34:15] - Chris shares a back-up story about a company that he worked for.
[35:19] - Some people learn the hard way and sometimes that is what it takes.
[36:46] - It is important to have a place to store your photos and just use your phone for recent photos.
[37:21] - If Jake's 73-year-old mum can do it then anyone can.
[39:12] - Sometimes providing more information can almost backfire and trip people up.
[39:44] - Awareness and education have to go hand in hand.
[40:36] - The number one rule is never to click on any link in an email.
[41:02] - Jake's best advice is to do one of the things they talked about today in the podcast.
Links and Resources: Jake's Website, Jake on Twitter
Ep 16: Psychology of Scams with Dr. Stacey Wood
I have always been curious as to why so many people fall for scams. What are some of the consistent elements that scammers use to hook us? In this episode, we find out. We talk about the different psychological tactics scammers use to successfully scam their victims. Our guest for this episode is Dr. Stacey Wood. Dr. Wood is a clinical neuropsychologist and full Professor of Psychology at Scripps College in Claremont, California. She is an expert on a number of issues related to neuropsychology including aging, decision making, and capacity issues. Dr. Wood also works on the frontline with fraud victims as a consulting neuropsychologist with Adult Protective Services on cases in Riverside and San Bernardino, California. Dr. Wood shares her experiences working with scam victims including the psychological tactics she sees scammers using the most. We also discuss red flags and practical tips for helping and talking with parents and grandparents.
Show Notes:
[01:01] - Dr. Wood shares how she got into the psychology aspect of scams and frauds. She has worked with older adults most of her career, and she loves that.
[03:43] - When you are interviewing scam victims you start to understand the complexity of these scams.
[04:05] - Dr. Wood goes on calls to interview scam victims and she works with the Elder Abuse Forensic team.
[05:59] - Scammers use very complex psychological tactics.
[07:48] - There are certain risk factors among older people that are more common.
[07:58] - A loss in the past year greatly increases the chance of fraud.
[08:07] - Cognitive impairment is a huge risk factor in older adults.
[08:54] - Scammers are like a virus. They change and mutate incredibly quickly. Scammers went from mailing solicitations to older people to phishing emails, robocalls, and now social media.
[10:06] - When someone suffers a loss it is a huge transition in their life. It can be a loss of a sounding board and create isolation.
[12:41] - Adult children should initiate conversations with their parents about money because the parents most likely won't do that.
[13:08] - Dr. Wood suggests adding an adult child to a bank account just for monitoring purposes.
[15:58] - You have taken care of me and watched over me all these years, now I have to start thinking about laying the groundwork of taking care of you guys as you age.
[18:30] - Most decisions we make are more impulsive and automatic. We really don't have the resources to dig into every small decision we make during the day.
[19:57] - When there is scarcity it causes consumers to act more quickly.
[21:12] - Dr. Wood recommends taking time out or finding a sounding board before making a decision.
[22:38] - Urgency, scarcity, and authority are all red flags to be watching out for.
[23:44] - Scammers use the fire hose approach. They target everyone and hope that certain consumers will be in an emotional state or be primed to respond to their solicitation.
[25:06] - There are three types of reactions by consumers.
[25:22] - If you are wary about an email at all just delete it.
[28:48] - Scammers don't care who they cheat.
[29:54] - When someone is scammed they are often terrified to tell anyone because they are in fear of how they would be perceived and how it would hurt their reputation.
[31:31] - Scammers often use the psychological tactic of always calling and always being in their life.
[32:01] - The bad guys only have to get it right once. The good guys have to get it right 100% of the time.
[32:44] - Having an open family dialogue about these issues is useful. Be more aware in these times of uncertainty.
[34:54] - Discussing your decisions with your parents may open the door to a broader discussion. It may help to foster a better conversation in general.
Links and Resources: Dr. Stacey Wood's website, Dr. Wood at Scripps College
Ep 15: Hacking with James Kettle
Have you ever wondered how hackers find vulnerabilities and how companies can find and fix their own? You will find out today! On average, 30,000 new websites are hacked every day. Our guest for this episode is James Kettle. James is the Director of Research at PortSwigger Web Security, where he explores new ways to attack websites and designs and refines vulnerability detection techniques for the Burp Suite scanner. James shares his hacking experience and hard work helping companies keep their websites secure from all the crazy stuff going on out there. On today's episode, James shares his expertise to help you be more aware of possible red flags and prevention measures to take to protect yourself and your website.
Show Notes:
[00:40] - When James was at university he saw that Google said they would pay anybody that could hack their website. He thought that sounded like fun and spent a huge amount of time doing that.
[01:02] - Now James works at PortSwigger and researches new techniques to hack websites.
[01:11] - Bounty programs are where a company wants to make sure their product or website doesn't get hacked by malicious people, so they go out and publicly say that anyone is welcome to try and hack their website. If you are successful and you don't do any damage, but you tell them how you did it, they will pay you for it and then fix it.
[03:45] - Pen testing is the classic approach to securing your website where you pay a consultant to spend one or two weeks trying to hack your website.
[05:14] - It is totally worth it to get that third party view. Developers often can't find problems with their own products.
[06:13] - If you want to find a vulnerability on a website you need to use an attack technique.
[07:15] - These days they see a lot of cross-site scripting vulnerabilities and it's the most common one they see.
[07:37] - One of the most common causes of high impact breaches is access control issues.
[08:45] - James shares the biggest data breach they were able to do during their testing.
[10:31] - Try to use a framework whenever possible, because it makes things like SQL injection less likely to happen.
[11:01] - The standard approach after you make the website is to try to get someone else to look at it.
[11:27] - With WordPress, it is very important to keep it up to date, install as few plug-ins as possible, and choose a good password.
[14:08] - Use as few browser extensions as possible to avoid possible malware issues.
[15:25] - Most people are not being personally targeted by hackers, so the threats that most people need to watch out for are things that can be automated.
[16:10] - If you are using the same password on multiple websites you are going to get hacked.
[17:02] - A common misconception is that if you have a strong unique password then it doesn't matter if you reuse it.
[18:03] - James uses websites with the assumption that all the data he gives a website is going to end up public at some point.
[18:45] - Provide the minimum information possible.
[20:19] - James shares his all-time favorite story.
[22:33] - If an entity builds their security around detecting when people are attacking them, then running a bug bounty would be harmful because they have no idea who is legitimate or hostile. If your website is on the internet, it is being attacked.
[23:35] - When you are being attacked, it is important to know that it most likely isn't personal.
Links and Resources: PortSwigger, Burp Suite, Web Security Academy, BurpSuite on Twitter
Ep 14 Multi-level Marketing with Casey Bond
You have probably heard of multi-level marketing also called MLM or network marketing. A multi-level marketing company is a company that recruits people to sell their products to their network including their friends and family. Network marketers typically buy inventory and then try to sell it. They can also recruit people underneath them and create a triangular shape in which they can collect commissions on the people underneath them who are also making sales. Casey Bond is a certified personal finance counselor and a lifestyle reporter for Huff Post covering money, home, and living. Her work has also appeared on Business Insider, Yahoo! Finance, MSN, The Motley Fool, U.S. News & World Report, Forbes, TheStreet, and more. Casey has been reporting on MLMs for the past year. The big question many people wonder is if multi-level marketing is a great business opportunity or an opportunity to lose thousands. On today's episode, Casey shares her expertise to help you make the decision that is right for you and help you beware of possible red flags.

Show Notes:
[01:13] - A multi-level marketing company is a company that recruits people to sell their products to their friends and family and their network. It is also called network marketing or direct selling.
[01:29] - They typically buy inventory and then try to sell it. They can also recruit people underneath them and create a triangular shape in which they can collect commissions on the people underneath them who are also making sales.
[02:14] - You will find a wide range of products offered including everything from kitchen knives to insurance products.
[02:23] - Most multi-level marketing companies sell products that are traditionally marketed towards women.
[04:06] - These days the gig economy is huge. One-third of adults are involved in the gig economy somehow.
[05:02] - It is often presented as a way to make a ton of money in your spare time, and be able to win vacations, cars, and extra products.
That is usually the case for a small percentage of people involved in MLMs who usually got in very early and built a huge downline.
[05:41] - The key for being successful in an MLM is not necessarily making a lot of sales, but instead recruiting a lot of people underneath you.
[06:37] - A big red flag is having to buy your inventory upfront.
[08:10] - Another big red flag is when the initial details of this opportunity are vague or coming from someone you don't know very well.
[09:40] - MLMs really play into the emotional side of people who would really like to have something of their own and who would really like to become more financially independent.
[10:39] - The FTC watches and keeps an eye on the MLM industry.
[12:14] - Illegal pyramid schemes do operate legally until they are caught.
[12:50] - The Direct Selling Association oversees all MLM and direct selling companies.
[13:48] - Casey is very hesitant to recommend multi-level marketing to anyone because it is so easy to get in a hole with debt or overspending when there are so many other ways to make extra income.
[14:28] - It's best to go out and create something for yourself instead of relying on an MLM.
[14:52] - The FTC does have an option on their website to report companies that are operating questionably.
[15:46] - Working for an MLM can put strains on relationships and friendships.

Links and Resources: Huff Post, Casey on Huff Post, Casey Lynn Bond on Twitter
Ep 13 Workplace Bullying with Timothy Dimoff
Workplace bullying and violence seldom happen in a vacuum; they are usually preceded by warning signs and events. In this episode, I talk with Timothy Dimoff about workplace bullying and violence. Workplace bullying is usually not physical, but it is ongoing. We talk about steps you can take if you are a victim of workplace bullying and ways to prevent it from the very beginning. Timothy Dimoff is president of SACS Consulting and Investigative Services, a high-risk HR and security consulting and investigation firm. As a nationally recognized expert in high-risk security and human resources, he is a sought-after consultant, speaker, media commentator, and expert witness. Timothy has more than 40 years of experience in law enforcement, corporate security, and consulting. We talk about workplace bullying and violence and exactly what they are and the difference between the two. We specifically discuss what types of behaviors to look out for, things you can do to limit these behaviors, and how you can protect yourself from emotional and physical violence. Timothy shares steps you can take if you are a victim of workplace bullying or violence.

Show Notes:
[00:48] - Timothy's first career was 20 years in law enforcement at an Akron, Ohio police department, and then the federal task force.
[02:04] - His career has been rewarding because he has been able to take everything he has been taught in both careers and apply it toward a positive.
[02:34] - The low-level workplace bullying is intimidation. People go out of their way to embarrass, intimidate, or degrade someone to get themselves to a higher level, promotion, or even just look better.
[03:21] - Higher-level workplace bullying is when somebody has a higher level of anger or dislike for someone and really wants to go out of their way to damage them in some way. It could be physical, but a lot of times it is just mental or social.
[04:05] - You need to watch out for someone setting up and presenting you as somebody that you're not.
[05:18] - Human nature is simple. Where you get your reaction is where you continue and the severity increases. Try and downplay anything that happens especially in the beginning stages.
[06:50] - Bullying is defined by one major thing. It is an ongoing continuous off and on type of action.
[07:39] - You should be logging what is going on with the date, time, what they said, and what they did.
[09:47] - They discover that about a third of the accusations that happen are false.
[10:27] - It is very difficult for companies to investigate these types of cases internally by themselves. Using an outside company sets the tone that this type of behavior will not be tolerated.
[12:49] - If the bullying goes unanswered by management it can turn into workplace violence.
[14:50] - Sometimes employers terminate an employee and get some pretty strong messages of aggression or potential retaliation. Once you have any kind of termination and there is an indication of these things you need to put some precautionary measures in place.
[17:02] - SACS has a threat response team that they deploy out to boost security, research the potential perpetrator, assess their level of anger and aggression, monitor them, and figure out how to track them and defuse them.
[18:32] - As a society, we are showing more aggression as an answer to disagreements. Many people think that it is a proper reaction and they have a right to respond that way.
[19:23] - Sports, politics, and other types of events and debates can get very aggressive, mean, and attacking.
[19:48] - Timothy's number one suggestion for any employee that feels uncomfortable or unsafe is logging the instances. That gets more effective results than anything else they can do.
[20:16] - What if it's the owner of the company that is treating their employees this way?
[22:37] - If you are having problems with your direct supervisor then you take your complaints to the CFO, HR person, or another supervisor you respect and ask if they can help you.
[23:12] - Bullying is not just between employee and employee. A supervisor has a distinct advantage to use their level against an employee in the wrong way.
[24:05] - SACS Consulting works with both companies and individuals. Most companies call them to objectively find the truth.
[26:37] - SACS Consulting will work with companies if they want to find and live with the truth.

Links and Resources: SACS Consulting and Investigative Services, SACS Consulting on Facebook, SACS Consulting on Twitter, SACS Consulting on LinkedIn, SACS Consulting on YouTube, Timothy's Website, Timothy on Facebook, Timothy on Twitter, Timothy on LinkedIn, Timothy on YouTube
Ep 12 Trust and Encryption with Casey Crane
Just because something is secure, doesn't mean that it's safe. The S in HTTPS doesn't always mean safe. In this episode, I talk with Casey Crane about trust and encryption. We discussed many practical ways for you to avoid being a victim of a scam. Prevention and knowledge can help stop many attacks before they even begin. Casey Crane is a cybersecurity writer for Hashed Out at The SSL Store. Casey is a regular contributor to Hashed Out with 10+ years of experience in journalism and writing, including crime analysis and IT security. She also serves as a Content Marketer at The SSL Store. She has bachelor's and master's degrees in mass communications (in journalism and media studies) from the University of South Florida and USF St. Petersburg. Casey is passionate about data privacy and wants to educate others about encryption because it plays such an integral role in our daily lives (even though many people don't know it!). We talk about trust and encryption and best practices for protecting you, your family, and your business. We specifically discuss what you need to look for before clicking on a link or downloading anything. We talk about different types of SSL certificates and how to figure out which one would be the best fit for your website. This episode will help you figure out if you need an SSL certificate and reputable and trusted sources that can help.

Show Notes:
[00:35] - Casey works at The SSL Store as a content writer for the website and Hashed Out.
[01:17] - She wrote her master's thesis on the relationship between serial killers and the media in terms of how they are represented. She has always had a keen interest in learning more about crime and criminal elements and it just transitioned over time into the realm of technology and cybersecurity.
[03:22] - What are HTTPS and SSL certificates?
[04:15] - HTTPS is an encrypted communication channel between one party and another. Passwords and personal information are encrypted.
[05:59] - Domain validated means that the person who requested the certificate gets an email. The email typically has a link or some files they need to upload, and that is about it. Organization and extended validation are two levels of validation above that.
[07:29] - The Anti-Phishing Working Group reported nearly three-quarters of websites that were phishing websites used an SSL or TLS certificate.
[08:21] - There are Unicode domains which basically pull from different languages, characters, numerals, and signs. Those are now being used in web domains.
[09:25] - Criminals tend to go for the lowest hanging fruit. They want to make this as easy as possible for themselves to save time and make the most profit or achieve their agenda quickest.
[09:50] - If you get an email, before you actually click on anything check the header in the email and see who the email is coming from. Check that the email and name match. Often the email is off by one letter or digit.
[12:59] - Scams often create some sort of feeling of urgency, curiosity, fear, or concern so people are motivated to want to answer that email quickly by clicking on the link or calling a provided number.
[14:25] - From a website owner perspective or an admin perspective it is about knowing which certificate you should be putting on your site.
[15:02] - If you are collecting any financial information you should be using an OV certificate at minimum.
[16:48] - In countries where the internet service is less reputable or you are concerned about your government snooping on what you're doing, having the encrypted communication channel between you and the website prevents the content that is going back and forth from being seen.
[17:57] - Sometimes an issue that people tend to run into is that they just forget to check their certificates.
[20:40] - The shorter the validation is for a certificate the more secure it is because there would be less time for a cybercriminal to be able to crack the encryption.
[22:14] - The current standard for validation is 2 years for public certificates. It is continually changing and will keep changing.
[23:16] - Certificate managers are programs that can help you manage the certificate and the life cycle of the certificate. There are different programs based on your preferences and needs.
[24:56] - When you are able to keep your certificates valid you are avoiding issues and downtime.
[27:09] - The actual encryption from certificate to certificate is the same. It is still the standard encryption that is provided. It is just the extra features that vary per certificate.
[28:45] - Where can people go to get an SSL certificate? What should they be looking at to decide what is right for them?
[29:36] - Find a reputable source and then figure out what level of validation you need for a certificate. Then you need to choose the functionality of the certificate.
[30:57] - You want to make sure to choose a warranty as well.
Ep 11 Ransomware with Craig MacAlpine and Joel Witts
School districts, health care organizations, cities, and towns have all been victims of ransomware. Families have lost access to photo albums of 20 years of memories and personal finances. It can be a very devastating experience. It is very scary to not be able to do your job or access your data. Now attackers are not only threatening to delete your data, but they are also threatening to leak the data. This can cause lawsuits, legal ramifications, and a huge headache for businesses large and small. What is ransomware? Ransomware is a type of malware that gets installed on your machine and it locks all of your files so you can't access them. It spreads very quickly through your computer and you may be unable to access crucial programs and files. Often you get a message from the attackers requesting money or your data will be leaked or deleted. Craig and Joel share their expert insights on how to prevent these attacks. Craig MacAlpine is the founder and CEO of Expert Insights and a passionate security innovator with over 20 years of experience in information security and product management, previously founding e-mail security company EPA Cloud. Joel Witts is a Senior Content Editor at Expert Insights covering a multitude of areas including cybersecurity. We talk about ransomware and best practices for protecting you, your family and your business. We specifically discuss ways ransomware can get in, how you can be affected, and ways to protect against it. We talk about secure gateway products, post-delivery protection, and isolation. This episode will help you figure out what solution can offer the best protection to your family and business.

Show Notes:
[01:38] - Ransomware is a type of malware that gets installed on your machine and it locks all of your files so you can't access them. It spreads very quickly through your computer and you may be unable to access crucial programs and files.
Often you get a message from the attackers requesting money or your data will be leaked or deleted.
[03:14] - With a lot of scams there is a level of emotion and urgency in the ransom component.
[04:50] - Travelex was hit on New Year's Eve this past year and it closed their operations down for a week while they had to go to a manual basis and had a 32 million dollar hit.
[06:08] - Ransomware is something that affects all the way up from small to large businesses. The most common targets are healthcare, education, towns, and cities.
[07:19] - The average ransom sum is increasing to over $40,000.
[09:01] - There is conflicting advice on whether the company should pay the ransom or not. There is no guarantee that you will get your data back.
[09:59] - Ransomware has become more of a well-known issue. Businesses are putting more measures in place to try and mitigate the risks from these threats.
[11:10] - A common way for ransomware to start in an organization is through phishing attacks which are difficult to stop. Phishing is a type of email that tries to trick a user into performing an action.
[13:31] - If you have got a savvy phisher who's updating that content it is really hard for the gateway systems to pick that up.
[14:14] - The email may be the start of the phish, but not the method by which the malware is downloaded; that is just where they start the conversation.
[17:03] - Secure gateway products usually do a good job stopping spam and phishing emails. Typically 98-99% of these threats will get stopped with those products.
[19:03] - Someone can get remote access to your email account and forward the emails. The user isn't even aware of what is going on in their email account.
[20:04] - Post-delivery protection looks for compromised accounts and phishing emails coming from a genuine internal account emailing someone else within your business.
[22:10] - If you are an IT manager or IT professional you're asking for trouble not installing two-factor or multifactor identification.
[24:17] - E-mail is your gateway to connect with someone, but the malware usually comes through the web like a download.
[26:34] - Isolation could be the solution, but it will be a while before this option comes to consumers. It is a process that takes a while to get to the home-use level.
[27:55] - With isolation videos or documents would be rendered for your viewing, but not actually be downloaded to your machine.
[29:43] - If someone does become a victim of ransomware what are their options?
[31:59] - Realistically if back-ups are not automated they are not going to happen.
[34:06] - The IT manager is often a jack of all trades trying to oversee the phone systems, PC updates, and more. Back-ups are not prioritized, because if something isn't broken then we don't have time to fix it today.
[36:13] - Over time there will be more advanced and automated systems that will block the vast majority of ransomware, but there will still be some carefully crafted scams that will be hard to catch. It will probably become less frequent, but never entirely go away.
Ep 10 Identity Theft with Dana Mantilia
Identity theft comes in many forms. Children and adults can be victims of identity theft. Each year there are over 9 million identity theft victims. 1 million of these victims are minor children. The worst part is that we often don't notice a problem until we need to buy a car, house, or get a college loan. The clean-up process can be costly and time-consuming. Dana Mantilia is the founder of Identity Protection Planning. Dana grew up in the car business. She was running and still oversees her family's car dealership today. In 2014 they wanted to open an insurance agency so they could offer insurance to their customers, and shortly after in 2017 she decided to get into the identity theft world and business. Identity Protection Planning helps Americans protect themselves, their family, and businesses from identity theft and cybercrime. Identity Protection Planning was established to help educate, organize, and protect folks against identity theft. Her team established a user-friendly B2B software platform that allows agents, advisors, employers, and association managers to offer Identron identity theft protection plans to their clients, employees, or members. We talk about identity theft, data breaches, and best practices for protecting you, your family, and your business. Dana shares several practical tips and best practices that you can put in place today to help protect against identity theft.

Show Notes:
[00:32] - Dana shares how she got into the identity theft business.
[02:58] - Often with identity theft cases, you have to pay first to start the cleaning process. It can be expensive to start the process and maybe you will get some of that money back later.
[03:59] - What is identity theft? Identity theft is someone using someone's social security number to get a loan, a job, get credit, or file taxes. It often happens with children's information.
[05:35] - The best thing to do with a child's social security number is to freeze their credit.
[06:32] - Don't give out your social security number or your child's unless absolutely necessary. Be careful not to give your personal information out online.
[07:34] - Informed delivery with the post office is a great service to make sure all your mail actually makes it to you.
[08:18] - It is very important to have different passwords for different accounts.
[09:02] - Dana suggests getting a different email to associate with all financial accounts. Use a password manager app with more complex passwords.
[11:15] - Stop doing Facebook quizzes. Identity thieves actually create some of these quizzes. They often ask questions to figure out security question answers.
[13:42] - An identity theft prevention service helps you with forms you need to fill out, government agencies you need to contact, and it helps you along the process if your identity was stolen.
[15:45] - Keep close tabs and don't give out your driver's license number, medical insurance card, and birth date unless absolutely necessary.
[16:57] - Everybody should have either a fingerprint lock, gesture, or passcode on their phone because we are logged into most of our accounts. If you lose that phone, they can change your passwords and log-in credentials.
[17:53] - Using two-factor identification is a great security measure to protect your accounts.
[18:18] - On Google and Apple phones, you can enable a service that allows you to remotely wipe your phone.
[19:33] - On your phone, you can see which apps have access to your photos, microphones, contacts, and location.
[20:57] - One time per year on each of the three different credit bureaus you can run your credit for free.
[21:33] - Identity theft protection services and insurance are a valuable service because it is something we are not good at and don't want to spend the time doing those things if we can even remember to do them.
[22:57] - Most children are getting social security numbers right when they are born.
As soon as you get your hands on your child's social security number, you should be freezing it.

"Your identity is great until it is messed up. The challenges identity theft can bring are monumental." - Chris Parker

Links and Resources: Identity Protection Planning, Identron, Identron on Facebook, Identity Protection Planning on YouTube, Dana on LinkedIn, Data Breaches with Troy Hunt, SSA.gov
Ep 9 Website Attacks with John Graham-Cumming and Evan Johnson
Website attacks are very common. They are often not personal, but they can create a mess for website operators. As website owners and operators, we need website privacy and security especially if we are collecting data and personal information. As I was making more money from my business in 2015, the need for better performance became an issue. I also needed to be able to keep my site up 24/7 and not have to deal with outages. My website started getting sustained 500-bit denial-of-service attacks. I realized very quickly that this was not my expertise, but that is when I began my partnership with Cloudflare. Cloudflare provides services that increase the security and performance of over 26 million internet properties around the world from individual blogs to governments to Fortune 500 companies. Cloudflare offers services to accelerate internet applications and mobile experiences, mitigate DDoS attacks, prevent customer data breaches, stop malicious bot abuse, and more. Our guests on today's show are John Graham and Evan Johnson. John Graham is a British software engineer and the current CTO at Cloudflare. Evan is a Product Security Manager at Cloudflare. We talk about attacks on websites, distributed denial of service attacks, and how to protect your own website. If you want to keep your website up and running without skipping a beat, this is a must-listen episode.

Show Notes:
[00:58] - Chris is a Cloudflare customer and shares how he became a Cloudflare customer. He shares his history of working with Cloudflare.
[03:05] - In 2015 Chris started getting sustained 500-bit denial-of-service attacks. He realized it was not his expertise and he needed help with this.
[04:23] - John and Evan share the risks that Cloudflare helps website owners protect against.
[05:53] - What things should we worry about as website operators?
[07:09] - Evan is recommending businesses move more of their applications to the edge with Cloudflare Workers. It has real security benefits.
[08:29] - The big benefit of Cloudflare Workers is that there is no back-end server to overwhelm. It just moves the application to all of their servers.
[10:38] - Often hackers are using automated tools to scan websites, so you really want to limit the ability for that scanner to see something. Then they will just move on.
[11:39] - Anyone that has a database should prepare for the contingency if you get your database breached. Know your legal obligations in dealing with that especially if you are storing personally identifiable information.
[14:01] - With Cloudflare, you can identify a problem and have it blocked almost immediately.
[14:58] - It is really hard to patch your website fast enough. So a WAF can give you some breathing room while you patch the back end systems. Everyone should have a WAF, it is an extra layer that can really, really help. A WAF is a web application firewall.
[17:16] - If you are connected to the public internet and you provide a service or website Cloudflare can protect that.
[18:13] - Use a good password and have two-factor identification.
[21:11] - Cloudflare Workers is super flexible and easy to write since you use JavaScript.
[21:46] - John shares how Cloudflare is able to offer free DDoS services to their users.
[23:12] - Cloudflare believes that your data is your data. They analyze it for you to provide your analytics and to look for attacks but they don't use your data.
[24:34] - Cloudflare is a way to get a level of protection for an inexpensive price.
[26:40] - With your back-end servers, you want to make sure you orange cloud things. Cloudflare is seeing the requests and it is being proxied through their network.
[28:09] - With Cloudflare's new project Magic Transit they can take over the IP space and become your network. The traffic comes to Cloudflare so they can run the services they provide and then pass the good traffic back on to you.
[30:30] - Cloudflare tries to take things that are expensive and complex and make them easy to use and cheap so that everyone gets access to these cool tools.
[32:16] - People started to realize that they are using the internet for absolutely everything from banking to dating and it really matters that they protect that and use things that are trustworthy.
[32:51] - If there is one password and two-factor you are going to use, put it on your personal email because if someone breaks into your personal email they can probably reset the password on every other service you use. Secure your email first.

Links and Resources: Cloudflare, Cloudflare on Facebook, Cloudflare on Twitter, Cloudflare on LinkedIn, Cloudflare on YouTube, Cloudflare on Instagram
Ep 8 Catfishing, Coronavirus, and Cybercrime, oh my, with Tyler Cohen Wood
Your online identity is quickly becoming more crucial to your personal and professional success than in-person communications. But most of us don't understand this digital Wild West and the dangers that lurk around every corner. Most of us are unaware of the digital breadcrumbs that we leave behind with every post, and how easy it is for a person with malicious intent to harm us. In her book, Catching the Catfishers, and on today's episode, Tyler Cohen Wood teaches us how to protect ourselves and our families from online predators. Tyler Cohen Wood is a cyber-authority with 20 years of highly technical experience at the Department of Defense. As a Cyber-, Intelligence, National Security Expert, three-time Author, and Public Speaker, Tyler is relied on for her wealth of knowledge and unique insights. Tyler served with the Defense Intelligence Agency as a Senior Intelligence Officer where she developed highly technical cyber-solutions and made recommendations significantly developing and changing critical cyber-policies and directives affecting current and future intelligence community programs. She has helped the White House, DoD, federal law enforcement and the intel community thwart many cyber threats to the USA. Tyler's expertise has made her a frequent guest and writer for both national and local television, radio, print, and online media. What is catfishing? What do parents need to do to protect their children online? What can you do in this uncertainty to protect yourself from cybersecurity issues? In this information-packed episode, we answer all these questions and more.

Show Notes:
[01:02] - When Tyler first started her cybersecurity career, she was doing digital forensics for The Department of Defense Cyber Crime Center.
[03:01] - Parents often post pictures of kids and information without privacy settings. This can put kids in potential danger.
[03:57] - Catfishing is someone pretending to be someone they're not in order to get you to do something or to give them information.
[05:31] - In most catfishing cases there are some monetary or other things they are actually looking for.
[07:30] - These attacks are always based on some fear or urgency.
[09:55] - It is really concerning that kids are being targeted now more than ever.
[10:35] - Predators target kids through online gaming platforms and social media apps. It is so important for parents to really know what their kids are doing, who they are talking to and what accounts they have.
[11:05] - It is good to talk with your kids and sit with them and see what they are doing.
[11:36] - What do parents need to do to protect their children online?
[12:35] - Make sure you have accounts on all the same platforms that your kids do. Often predators will start a conversation on Instagram and then move to an encrypted platform like TikTok, WeChat or WhatsApp.
[13:43] - Once a predator has a target they will continue to go after that target. If they see someone that they consider "easy prey" they are going to go after that.
[14:58] - One of the number one things you should be watching out for is if someone claims to be somebody, but they don't have an online presence normal for that person.
[17:15] - A Home Incident Response Plan involves talking with your kids about what to do if you have problems online including downloading malware.
[19:06] - In a Home Incident Response Plan you want to include a paper copy of all of the numbers of people that you would need to call in the event of identity theft or other emergency and all of your accounts.
[21:53] - If your friend sends you something that seems out of character or they're using words that they don't typically use that is an indication of a potential scam.
[22:12] - If anyone ever asks you for money on the spot just walk away.
[24:52] - Be really cognizant of what's in the background of your photos.
[26:37] - You want to see what the apps on your phone have access to. They may have access to your microphone, video, or contacts. If they don't need it then turn it off. [28:12] - Fear, uncertainty, doubt, and urgency really get people in trouble. Stop and take a breath before you react. [30:26] - You have to take time right now to nurture yourself. [32:08] - It is important to talk to our kids about what's going on in the world right now. [34:01] - Just be aware of what you're posting and what you're doing, and try to be as paranoid as you can be without being crazy paranoid. Links and Resources: Tyler on Twitter, Tyler on LinkedIn, Catching the Catfishers Book
Ep 7: Remote Worker Cybersecurity Risks with Dr. Eric Cole
With over ten million cyber-attacks reported daily, we have to be equipped with the knowledge, information, and software to protect ourselves and our families. With the outbreak of the Coronavirus, there was a sudden shift of employees working at home and this has become even more of a problem. Since time wasn't available for most businesses to create a well-thought-out plan, that opens the door for even more cyberattacks. In this episode, Dr. Eric Cole and I talk about specific ways to make cyberspace a safe place to live and work. We talk about how to lock down your wireless access point, specific ways you need to update your computer, and most importantly how can you prevent these attacks. World-Renowned Cybersecurity Expert with more than 30 years of network security experience, Dr. Eric Cole is a distinguished cybersecurity expert and keynote speaker who helps organizations curtail the risk of cyber threats. Many of the foundational principles of this course and training in cybersecurity were developed by Dr. Cole. He has worked with a variety of clients ranging from Fortune 50 companies to top international banks, to the CIA, for which he was a professional hacker. While he started his career on the offense, he is now fully dedicated to understanding the adversary so he can provide cost-effective solutions that actually work. As a pioneer in the area of cybersecurity, he has been inducted into the Infosec hall of Fame, awarded the Cyber Wingman Award from the US Air Force, received multiple accommodations from the CIA and was part of the commission on cybersecurity for President Obama. He has been the featured speaker at many security events and also has been interviewed by several chief media outlets such as CNN, CBS News, FOX News and 60 Minutes. Show Notes: [01:41] - Most businesses when they are making decisions usually look at the benefits and security risks. With everything happening so quickly right now it is just survival mode. 
[02:15] - It is dangerous to get people up and running without a security plan because people assume that their home network is secure and protected, but often it is not. Most people were never meant to run their business off their home network. [02:39] - The first step is to lock down your wireless access point. [04:27] - If you are going to be clicking on links or opening email attachments about Corona or anything emotional, use an Android, iPhone, or iPad. Don't use Windows for doing that web surfing and email right now. [05:03] - If you are running a business you need to pay for the commercial file storage. Free isn't free. The free accounts are a higher risk to your business. [06:24] - Search for directions to update your specific router and you will find easy-to-follow directions for your exact router. In less than 10 minutes you're now in a much better position and much safer than you were ten minutes prior. [07:13] - When it comes to cybersecurity you are going to pay the piper. You either pay now or pay later. Do you want to spend 10 minutes now patching, locking down and updating your router or do you want to wait for 2-3 months when your data and identity are stolen and then you have to spend 300 hours trying to clean and fix everything? [09:24] - Make sure your password to log in to your Wi-Fi is different than your administrative password. In the last 3-4 weeks, there has been an increase in cybercrime. [11:10] - What people don't realize is that free is not free. They are using your data. [14:01] - If the service is really free and the company is staying in business there have to be some exposure points they are not telling people about. [16:01] - No matter what somebody says or does, never give away that second factor in your two-factor identification. Eric highly suggests account monitoring over two-factor identification. [16:44] - Prevention is ideal, detection is a must.
Set up account notifications so if someone is logging into your account or even attempting to log in you will get a text notification. [17:24] - If you catch fraudulent bank activity within 24 hours it is usually reversible. Turn on your notifications so if something weird is going on with your account you will be notified immediately and can take action. [19:33] - If you get a call from your bank saying there is a problem with your account, tell them you are going to hang up and call them back. If they start making excuses you should know there is a problem. [21:00] - If you get an email that has an emotional response, urgency, and something feels a little off or unusual pick up the phone and verify it. [21:44] - When working at home paranoia is your friend. Trust no one, admit nothing and make counter-accusations. [22:21] - Make sure all software, operating systems and anything you are running is up to date. Check your support pieces like Adobe and Java. [23:49] - When using Zoom or online teleconferencing programs set the additional passcode every time you do a conference meeting. You shou
Ep 6: Hoaxes with Alex Kasprak
In this day and age, we are experiencing knowledge overload. There is information everywhere on the internet and social media. Add in the changes and hoaxes we are seeing pop up with the Coronavirus and it is harder than ever to decipher the truth. How do we research and check out this overload of information? In this episode, Alex and I talk about many strategies you can use to be more aware and make the best decisions for yourself and your family. Snopes.com is a great resource for fact-checking information you receive. Snopes.com does the research, cites its sources, and encourages you to do your own research. Alex shares the history of Snopes.com and how the mission and company have grown into the information giant it is today. Alex Kasprak is a science writer and investigative journalist at Snopes. Before joining Snopes, he wrote about science at NASA's Jet Propulsion Laboratory and at BuzzFeed. His work has been featured in The Atlantic, Motherboard, New Scientist, and other venues. These days, his work generally centers around scientific misinformation and long-term investigative projects. Alex's scientific background is in geological sciences. He has a master's degree from Brown University, where his work focused on reconstructing environmental changes during a major mass extinction event by extracting molecular clues trapped in 200 million-year-old rocks. This research was published in the journal Geology in April 2015. In addition, Alex has a master's degree in science writing from Johns Hopkins University. An adapted version of his Hopkins thesis essay was published online at The Atlantic under the title "The Desert Rock That Feeds the World" in November 2016. When misinformation obscures the truth and readers don't know what to trust, Snopes.com's fact-checking and original, investigative reporting lights the way to evidence-based and contextualized analysis. 
We always document our sources so readers are empowered to do independent research and make up their own minds. Show Notes: [01:25] - Snopes has been around since 1994. It started as part of the Usenet Group dedicated to urban legends. [01:39] - David Mikkelson and his wife Barbara spun it off into Snopes.com. [02:04] - Now Snopes deals with social media misinformation, political stuff, and also investigative work. The mission and the size of the staff have grown over time. [03:46] - Social media allows information to travel much faster than it used to through emails and other things. The tactics are always changing how misinformation gets around. [04:40] - The most popular and most shared hoax on Snopes is the claim that posting something on your Facebook wall will legally prevent Facebook from using your material. [06:39] - The underlying theme to most any conspiracy based hoax is that the government doesn't want us to know this and is hiding it from us. [08:52] - They often claim that the people debunking the myths are in cahoots with the people that are propagating the truth. [09:22] - Hoaxes are designed to trick someone and are generally viral. [09:53] - If a story feels too perfect for your personal or political viewpoints it is probably because someone is directly targeting you with that message. [10:25] - The first thing to ask is does this seem too good to be true. [11:20] - You can double-check most visual hoaxes by doing a reverse image search. [13:49] - Different hoaxes target different demographics. [13:53] - In general studies have suggested that older Americans are much more susceptible to online fake news than younger generations. [15:46] - Political misinformation is typically targeted at making the other side look bad or your side look good. It doesn't have a strong demographic component. [17:46] - The motives for hoaxes can range anywhere from trying to be funny to financial motives. 
[18:41] - Financial motives are the most common motivator for intentional misinformation. [19:21] - Genuine innocent spreader heard something from somebody they thought was reliable and they shared it. It was wrong, but it went viral. [22:08] - One outlandish hoax about the Coronavirus is the notion that holding your breath for 10 seconds can diagnose it. This is the most ridiculous scientific claim Alex has heard. It defies logic that that would be a scientific test. [23:02] - Be careful of self-check and cure claims surrounding the Coronavirus. Another claim that sipping water every 15 minutes can cure the Coronavirus. Hydration is important, but you can not wash the virus down into your digestive tract to be destroyed. [25:41] - When there are medical claims we have to be really careful not to follow the advice of people that are not physicians, doctors or people that don't know our existing medical conditions and situations. Don't take random advice. [27:01] - Make sure to only read reputable sources like trusted news sources and governmental agencies. [29:23] - In times of uncertainty we have to just take a step back, not share much, an
Bonus: Coronavirus Scam Vigilance with Frank Figliuzzi
With the worldwide virus pandemic, we are seeing things on Facebook, Twitter and in our email multiple times a day already. We are focused on remaining vigilant so we don't contract the virus, but we also need to become vigilant so that we don't become victims of the various cons, schemes, and scams that are already starting to surface. During uncertain times we often see scams on a personal level, business level, and national geopolitical level. It is important to be informed so that we can be protected in all areas. Frank Figliuzzi is the former Assistant Director for Counterintelligence at the Federal Bureau of Investigation. Figliuzzi was previously the Special Agent in Charge of the Federal Bureau of Investigation's Cleveland Division which includes all of northern Ohio, and the major cities of Cleveland, Toledo, Youngstown, Akron, and Canton. Following his FBI service, Figliuzzi joined General Electric and served for five years as Assistant Chief Security Officer for investigations, insider threat, workplace violence prevention, and special event security for GE's 300,000 employees in 180 countries. Figliuzzi is currently a frequent National Security Contributor for NBC and MSNBC News. A national pandemic is a target-rich opportunity for cons, schemes, and scams. We have to make ourselves harder targets for the bad guys. It is really important that we don't do things out of panic without researching, talking to people and seeking the right advice from the right people. What do we need to be looking for in an uncertain time to avoid being a victim of a scam or scheme? Listen in as Frank and I discuss warning signs to look for and trusted resources you can turn to in this very uncertain time.
Show Notes: [00:55] - We are all so squirrely focused on remaining vigilant so we don't contract the virus, but I'm here with a slightly different message which is that we have got to become vigilant so that we don't become victims during the virus of various cons, schemes, and scams that are already starting to surface. [02:15] - When you see something that doesn't look or sound right go ahead and research it, find out if it's wrong, and if it is wrong politely post your research. [02:52] - Frank puts these scams in three different buckets. There are scams for coronavirus on the personal level, business level, and national and geopolitical level. [04:01] - It is really important that we don't do things out of panic without researching, talking to people and seeking the right advice from the right people. [04:48] - We have got to look out for each other on this. If you have elderly family or neighbors we have to pay extra attention to them. [05:36] - If it is too good to be true, it's not true. Trust your gut! Run it by 2 or 3 other people that you trust. [06:53] - When it comes to charities, Frank's advice is to stick with the well-established charities that you already donate to. Charity Navigator will do the vetting for you. [8:13] - If anybody is asking for your money or your personal identifiers right up front the alarm bells should go off. [9:58] - Many businesses are not equipped from a cybersecurity perspective to deal with work from home. [10:34] - We are going to see a huge increase in accounts payable fraud. [11:51] - Get your IT people together and pay now for the increased security or you're going to pay later. Maybe some sensitive functions should not be functioning at home. [13:00] - Testing is a great thing to do before you launch into massive work from home. [13:28] - If looking for work from home options watch out for the too good to be true. Always check out the opportunities and do your research. 
[15:16] - Test first before you start producing products remotely and make sure that it can't be interfered with. [17:03] - With the government stimulus package coming out we will likely see emails pop up asking for your social security, date of birth, and address which is identity fraud. [18:31] - Don't fall for people reaching out to you by phone, e-mail, and snail-mail. Go to a government site for the information. [19:26] - The government will not call you. You can verify through their websites and the official numbers. [19:38] - Share this information about possible scams with your grandparents, parents, and adult young children to protect them. [20:56] - We are in a polarized society. So far it has been political polarization. [21:22] - The fear is that we will move from political polarization to polarized responses to a pandemic and that can be very dangerous. [22:15] - There is also a foreign influence to try and polarize us. [23:14] - Do not be afraid to block and report anything that comes across your screen that looks like it is dangerous propaganda. [23:43] - When there is something really scary that we don't understand, it is a lot easier to blame something that we can identify than to recognize there is nothing we can do about the situation and we just have to wait. [24:15] - Humans want simpl
Ep 5: Short Term Rental Scams with J. Massey
Many of us love traveling, but safety and security are usually a concern in the back of our minds especially if we are traveling with our family. So how do we stay safe and secure when we are traveling? J. teaches us what red flags to look for when reserving and staying with Airbnb. With a few extra steps any problem can often be prevented and in turn, keep you safer and more secure. If you have thought about operating your own Airbnb tune in to find out what you need to be on the lookout for, how to be a responsive host and tools that J. offers to help you succeed. Massey is a full-time Real Estate Investor, Entrepreneur, Popular Podcast Host, Author, Speaker, Coach & All-Around Problem Solver. Cashflow Diary is a short-term rental hospitality training company. We show people how to build their own short-term rental business (without needing to buy or own any property) so they can thrive financially. Heralded as the most advanced short-term rental training in the industry, Cashflow Diary enjoys creating content and communities that are solely focused on developing individuals into powerful business owners. Founded by J. Massey, Cashflow Diary exists to create short-term rental entrepreneurs. No matter your passion, he believes that running a hospitality business will change people's lives… Prior to entering the sharing economy, J. taught real estate strategies based on his years of experience. He owned hundreds of units, raised tens of millions of dollars, and even owned cell phone towers. He was all but "retired" at the age of 38 when one of his students asked what he knew about short-term rentals – the answer at the time was, "not very much." He started looking into the model and was astounded at the opportunities it presented. J. now runs a 34 unit short-term rental business, and they create more profit faster than any other strategy he has seen before. 
That means that you too will now have a business that creates more profits to invest into whatever is most important to you—your family, your business, your future, and your community. The bottom line is that because short-term rental businesses provide a financial safety net, you can take more risks, develop advanced business skills, and do more of what you're passionate about. Show Notes: [00:35] - Chris shares an article from Allie Conti about her Airbnb problems and struggles. [03:06] - As Allie digs into this particular host and their listings she finds out that this listing is actually being rented out by multiple people. [04:18] - Common scams the renter is at risk of with Airbnb. [04:38] - If you don't know what you don't know you wouldn't know that you have an opportunity to discover this ahead of time. [05:05] - The number one concern of people is safety and security. [06:59] - Message the host right after the check out time the day you plan to arrive so they have a chance to respond to your inquiry. Tell them when you are planning to arrive and ask if everything will be ready for your arrival. [07:37] - If you don't get a response then you would call and involve Airbnb directly. [10:00] - Usually if you contact the renter by 12:30 PM they will know if something needs to be replaced or if they need longer for a maintenance issue. [11:09] - Hosts that are less communicative and responsive to their listings get pushed down in the search results. Those who are more responsive are more likely to have their search results near the top. [11:39] - Keep your conversations inside the Airbnb platform. [14:20] - If the host needs to move you ask for a link to the listing. It needs to be on the Airbnb platform that you made your original reservation on. Then you can verify it with Airbnb. [16:44] - Most plumbing issues can not be resolved in one day. [17:39] - Every listing can have a unique cancellation policy. 
[20:20] - On the operators' side there is a predictable pattern to those who have less than honest intentions. [21:33] - If the property is substantially different when you arrive, you have to document the differences with pictures and videos and contact Airbnb. [23:08] - If you know your arrival time is late all these preventive measures are extremely important before the cutoff time which is usually around 10 PM. [23:43] - Read the listings. Don't just look at the photos. [24:21] - If you are suspicious of a place take a screenshot of any of the photos and do a Google image search. It will tell you if the image is used frequently. [26:57] - The biggest abuse for operators is with pet situations, but often they could suggest a better location for you and your pet. [27:56] - Hosts need to know how many people are actually staying on the property for safety and security purposes. [30:48] - Hosts know what bed bugs look like. Renters will try to submit blurry photos of insects. [33:39] - It is very common to say I couldn't get in or I never stayed at a property. Then the operator has to prove you stayed there with electronic door locks, key codes and
Ep 4: Business Email Compromise (BEC) Scams with Steve Weisman
Have you ever been the victim of an email scam? Business Email Compromise is a type of scam where scammers focus on businesses that conduct wire transfers and work with suppliers abroad. There are many things businesses and consumers can be on the lookout for to avoid falling into these email traps. Learn how to protect your information and money from these cyber attacks with Steve's practical advice. Steve Weisman is a nationally recognized expert in scams, identity theft and cybersecurity as well as a lawyer, college professor and prolific author. In his informative speeches, articles, and books Steve makes difficult subjects such as cybersecurity, scams and identity theft not only understandable but enjoyable with the humor he brings to these complex issues. Steve Weisman is a lawyer, admitted to practice before the United States Supreme Court. He is a college professor at Bentley University where he teaches "White Collar Crime." He was awarded the Gregory H. Adamian Award, Bentley University's highest award for teaching excellence. He is the author of more than ten books including The Truth About Avoiding Scams named by Smart Money Magazine as one of the ten best money books of the year. He has been awarded a Certificate of Merit for excellence in legal journalism by the American Bar Association. He has been a columnist for USA Today, Bankrate.com, the American Institute of Economic Research and the Saturday Evening Post. He has appeared throughout the media as an expert on scams, identity theft and cybersecurity including appearances on ABC, NBC, CNN, CBS CNBC, MSNBC, NECN NewsMax and Fox. He also has been featured on the Dr. Phil Show. He has been quoted throughout the print media including the New York Times, the Washington Post, the Wall Street Journal, Barrons, Money Magazine and Forbes. He is a sought after public speaker with numerous appearances throughout the country.
Ep 3: Data Breaches with Troy Hunt
Has your information ever been compromised in a data breach? There are security measures you can implement to lessen the effects. Troy Hunt shares about the frequency and increasing size of data breaches of personal information. Don't miss the end where we share lots of strategies you can put in place today to better protect your information. Troy Hunt is an Australian Microsoft Regional Director and Microsoft Most Valuable Professional for Developer Security. He doesn't work for Microsoft, but they're kind enough to recognize his community contributions by way of their award programs which he's been a part of since 2011. You'll regularly find him in the press talking about security and even testifying before the US Congress on the impact of data breaches. Troy is a Pluralsight author of many top-rating courses on web security and other technologies with more than 30 courses published to date. There's no better way to get up to speed on a topic quickly than through professional training that you can take at your own pace. As both an author and a student, Troy has nothing but positive things to say about the breadth and quality of Pluralsight courses. One of the key projects Troy is involved in today is Have I Been Pwned (HIBP), a free service that aggregates data breaches and helps people establish if they've been impacted by malicious activity on the web. As well as being a useful service for the community, HIBP has given him an avenue to ship code that runs at scale on Microsoft's Azure cloud platform, one of the best ways we have of standing up services on the web today. Troy regularly speaks around the world and runs developer-focused security workshops. You'll regularly find him at major technology events.
Ep 2: Likeness Theft with Jeffrey Hayzlett
In today's internet age we are meeting more and more people online. How do we use this incredible resource wisely and keep our families safe? Jeffrey Hayzlett shares about how his image and pictures of his grandkids are being used to scam women out of tens of thousands of dollars and breaking hearts in the process. Listen in to hear practical tips for making sure the people you connect with online are legit and real.
Ep 1: Introduction
Have you or your family been victims of identity theft, phishing, romance scams, or any other scams? The true stories and actionable advice you will hear on this podcast can help save you money, headaches, and more. Chris Parker is the founder of WhatIsMyIPAddress.com and host of the Easy Prey podcast, which attracts over 6 million monthly visits. His website provides information on IP addresses, as well as easy-to-read information on how to stay safe online. Chris realized that people need help recognizing the dangers and red flags before they step into a trap, not after they've been tricked and taken advantage of. The Easy Prey Podcast is the perfect way to reach a broad audience with stories and valuable information in today's imperfect and sometimes dangerous world. I want to provide a little background behind the launch of the podcast. I launched WhatIsMyIPAddress.com in the Dark Ages of the Internet back in 2000. Over the years it has grown from my social to a technical issue to a hobby to a side hustle. In 2014 when I lost my day job it became my full-time work. As the site started to grow, more and more people who were the victims of scams reached out to me for help. There were the victims of romance scams, identity theft, phishing, lottery scams, and the list goes on. To some the losses were minimal and to others it was their life savings and beyond. Regardless of the loss, my heart goes out to them. When looking back at the interactions there were plenty of warning signs that were either overlooked or outright ignored. Many of those losses could have been prevented if they had only known what to be on the watch for. Over the years, I have had the pleasure of meeting and learning from experts in various industries and want to bring their knowledge and expertise to you. You will hear true stories and actionable advice that will help keep you, your friends and your family from becoming Easy Prey.