Get Started

The Safety I Follow

I recently worked on a project for my family, which contained information not meant for the world to see. I secured the page, which required a username and password. I did not do this to be controlling. I did it to protect my family and friends. Allow me to elaborate.

  1. Once something is posted on the Internet, whether a blog, social media, YouTube, or the likes, those posts cannot be removed or undone.
  2. Preying eyes are all over – professional cyber criminals use various programs and bots to look for keywords on the net. The program can generate reports for the criminalist who can plan a robbery or assault (physical, emotional, and even sexual), or worse, murder (including a robbery gone wrong). The FBI report assault where the perpetrator gets information from the Internet rose 231% in the last five years. Many of these dumbasses get away with it. Sure, law enforcement tries very hard to use technologies to apprehend cybercriminals, yet it is not easy – why? Because criminals are professionals and they use technologies to protect themselves.
  3. The big one – phishing. Cisco, one of the foremost networking, internet, and security companies, compiles reports annually. This year the recent report explored how cybercriminals (A) executed highly coordinated, multi-step attacks, (B) Leaned about four types of cyber attacks above all others, (C) Used old technologies to launch ransomware attacks, and (D) Used fake CDC and vaccine sign-up sites to gain access to data. Microsoft Security shared the six common types of phishing (of which there are over 15 types):
    1. E-mail phishing
      • Email phishing is a cyber-attack where an attacker sends fraudulent emails that appear to be from a legitimate source, such as a reputable company or organization. Phishing aims to trick recipients into revealing sensitive information, such as passwords, credit card numbers, or social security numbers, or to get them to click on malicious links or open infected attachments.
      • The emails typically contain links that lead to fake websites designed to look like legitimate ones, where victims are prompted to enter their personal information. Alternatively, the emails may contain malicious attachments that, when opened, install malware on the recipient’s device.
    2. Malware phasing
      • Malware phishing, or phishing with malware, combines two cyber attack techniques. It involves sending fraudulent emails or messages that appear legitimate, aiming to trick recipients into clicking on malicious links or opening infected attachments. The recipient unwittingly downloads malware onto their device, leading to unauthorized access, data theft, system damage, or other malicious activities. Malware phishing combines the deceptive tactics of phishing with the delivery of malware, making it a potent and dangerous threat to individuals and organizations.
    3. Spear phishing
      • Spear phishing is a targeted phishing attack where the attacker focuses on specific individuals or organizations. Unlike generic phishing emails, spear phishing emails are personalized and tailored to the recipient, often containing accurate information or references to make them appear more credible. The attackers research their targets to gather personal details or learn about their affiliations, job roles, or interests. This information is then used to craft convincing messages that trick the recipient into revealing sensitive information, clicking on malicious links, or opening infected attachments. Spear phishing attacks are sophisticated and often harder to detect, making them a significant threat to individuals’ and organizations’ cybersecurity.
    4. Whaling
      • Whaling phishing, or CEO fraud or executive phishing, is a spear phishing attack targeting high-ranking individuals within an organization, such as CEOs or other executives. The goal is to trick these individuals into divulging sensitive information or performing actions that can lead to financial loss or data breaches. Attackers use social engineering techniques to create a sense of urgency or authority in their emails, often impersonating colleagues, business partners, or higher-ups to gain the target’s trust. Whaling phishing attacks can be highly sophisticated, leveraging extensive research and personalized content to deceive their targets. Due to the potential impact on organizations and the individuals involved, whaling phishing requires heightened vigilance and security measures to mitigate the risk.
    5. Smishing
      • Smishing is a type of cyber attack that involves fraudulent text messages or SMS (Short Message Service) messages sent to individuals’ mobile phones. It combines the words “SMS” and “phishing.” Smishing attacks deceive recipients into revealing sensitive information, clicking on malicious links, or downloading malware onto their devices.
      • Attackers often impersonate trusted entities, such as banks, government agencies, or well-known companies, in their smishing messages to establish credibility. The messages typically contain urgent or enticing content, urging recipients to take immediate action, such as providing personal information or clicking on a link that leads to a malicious website.
      • Smishing attacks exploit the fact that people are more likely to trust and respond to text messages than other forms of communication. To protect against smishing, individuals should exercise caution when receiving unsolicited messages, avoid clicking on suspicious links, and refrain from providing personal or financial information through text messages unless they can verify the sender’s legitimacy.
    6. Vishing
      • Vishing, short for “voice phishing,” is a type of cyber attack that utilizes voice communication, typically over telephone calls, to deceive individuals and obtain sensitive information. Attackers impersonate legitimate organizations, such as banks, government agencies, or tech support services, and use social engineering techniques to manipulate their victims.
      • During a vishing attack, the attacker may use automated voice messages or personally engage with the victim, posing as a trustworthy entity. They create a sense of urgency or fear, attempting to trick the individual into revealing confidential information like passwords, social security numbers, or banking details.
      • Vishing attacks exploit the human tendency to trust voice interactions and authority figures. To protect against vishing, individuals should be cautious when providing personal information over the phone, especially in response to unsolicited calls. It is advisable to independently verify the caller’s identity by contacting the organization using a trusted phone number before sharing sensitive data.

Microsoft said best: “As technologies evolve, so do cyberattacks.” MAKE NO MISTAKE: Phishing is not just in business or work; it can help at home simply by clicking a button, completing a fake form, or sharing information on the web.

As an Education Institution Trainer and Support Specialist, I work closely with IT and disseminate different technology information to my colleagues and family.

This past spring, I was required to complete multiple training on phishing and online security. I am constantly amazed and eager to learn how people get hurt; mentally, physically, and financially. I read a story about a loving family in Idaho who lost their home due to cyber crimes. The rate of ransomware is ridiculous.

Many companies and academic institutions spent thousands of dollars on keeping safe and cyber criminals at a distance. The same is needed for the home. I recently put my family’s devices on VPN to ensure we are protected on WiFI. Clue: you can be a victim of cybercrime by using WiFi at the airport, hotel, Starbucks, and McDonald’s. The latest crappy fad for cyber security is charging your iPhones, iPad, or laptop at the airport’s charging stations – free or otherwise! Cybercriminals are losers and have nothing better to do than ruin people’s lives and damage businesses.

Here is my message for the home and family:

  1. Take extra steps and money to spend on security measures – at the least, antivirus and VPN.
  2. Refrain from using publish WiFI unless you are protected.
  3. Be responsible when using Facebook, Twitter, and social media.
  4. Do NOT share personal information on the net unless you use a trusted and secured system.

For people who bitch and moan about using secured pages or sites, you are unrealistic and putting yourself and your family in danger. Technology changes every hour. The chances of becoming a victim of cyber “dumbass” criminals also increase. Be thankful to IT at work and family members for thinking of loved ones and protecting the family. Almost every family has someone who is a technology person. Suppose you don’t visit an Apple Store or Microsoft Store or take Adult Education classes at community colleges. Yes, learning all of this is scary, and knowledge is power.

Be safe and be well – Dr. E

Tags

Ava Reed is the passionate and insightful blogger behind our coaching platform. With a deep commitment to personal and professional development, Ava brings a wealth of experience and expertise to our coaching programs.

About the Coach ›

Newsletter

Weekly Thoughts on Personal Development

We know that life's challenges are unique and complex for everyone. Coaching is here to help you find yourself and realize your full potential.

About the Coach ›