Sabrina’s Money Matters

So how can you keep your information from being stolen when your information is outside of your own control? Huh? If you do everything you can to protect your identity and have firewalls set up on your home pc so your files cannot be accessed and shred all your mail, are the other people that have that same information as careful as you are?

I’m talking about your educational institutions, your employer, your insurance company, subcontractors for any of these agencies, your doctor’s office, etc. How do you know if they’re protecting your information? The scary truth is that you don’t.

But if you ever fall victim to a story about a forgotten ID card, or a request for a password over the phone because it was “forgotten”, or any other ruse that means you have to give up information that is secure to someone who should already know it, if they are indeed who they claim to be.

A social engineer is able to convince you they’ve simply forgotten their ID badge or they’ve left something in the building and just need to run in and get it before you shut the door, you never know what they’re really up to unless you intend to follow them around, and even then you may not know.

Two years ago a laptop computer was stolen from the company that managed the retirement plans and benefits for a former employer of mine. I never dreamed that a company that far removed from me could affect me so directly.

The company responsible for this information loss paid for credit monitoring service as a result of this breach and I’ve been enjoying that service and its benefits, however, not all companies do that. I’ve been notified recently by one of the companies that holds a student loan of mine that information was stolen on a laptop they had, however they just offered tips to protect myself on the backside of the letter they sent me. Nice huh?

If every one of us takes the extra step to be a little more careful and not let anyone in a building that doesn’t have proper ID, or give information out over the phone, even if you recognize the voice on the other end of the line, do not give that information out. If we all do this, that is the one true way we can slowly put a stop or a speed bump in the way of the speeding identity theft train. By being sure none of us allow a breach to happen, we are overall protecting our fellow citizens not only from identity theft, but also personal crimes as well.

The sad thing is that it is more logical to be skeptical than trusting in this new and ever changing society of ours. It is of our own making, this beast - it’s been made too easy but we can still do our part to protect ourselves and each other.

Your information is no one’s business but you’re own. Tomorrow we’ll talk about how to go underground and become untraceable. Fun stuff! You’ll be thinking like a detective and no one will be able to find you if you utilize the methods I’ll be teaching you.

So until tomorrow friends, protect yourselves and each other, I’ll meet you all back here tomorrow - same time, same chair, same channel!

Sign up to receive new posts on Sabrina’s Money Matters by email and never miss a beat!

This is our 2nd day talking about social engineering. We’ve all watched enough detective shows to know that undercover police and investigators typically use other names, this is called pretexting. Call centers do this sometimes as well to avoid employees being accosted by customers. Although rare, it does happen, lol.

Again, I reference the explanation of Pretexting through Wikipedia:

Pretexting

is the act of creating and using an invented scenario (the pretext) to persuade a target to release information or perform an action and is typically done over the telephone. It’s more than a simple lie as it most often involves some prior research or set up and the use of pieces of known information (e.g., for impersonation: date of birth, Social Security Number, last bill amount) to establish legitimacy in the mind of the target.

An example I can think of offhand, though it seems harmless, is the Dell customer service department, after hours specifically. I called one day and received an Associate that called himself Jeff. Being that I could tell he was an overseas agent (India) I knew full well his name wasn’t Jeff. That name however, was either chosen by him or given to him to make American customers feel more at ease with the person they are speaking to over the phone. As simple as that sounds, it is a form of pretexting.

At my job we have a list of the pretexts used so that if one of the people that the pretext has been used on calls into our office on a number given them, we’ll know who it is by the name used, they’re aren’t simply decided on the spot.

There are countless videos on YouTube showing what some people think is Social Engineering when really it’s just dishonesty and could even be called theft of service because it benefits only the person using the pretext. One video I watched this morning was a guy getting two burgers and a fry from a fast food restaurant using a pretext. I was hoping to find a good example for you, but didn’t find one, hence no video on this post.

Can you think of any examples of pretexting that you’ve come across in your daily life?

Sign up to receive new posts on Sabrina’s Money Matters by email below and never miss a beat!

“There’s a sucker born every minute.” -David Hannum

It’s called Social Engineering -(glorified title) this is what a con artists best tool is, it enables scammers to trick you out of information that they will use for their gain. It’s one of my biggest pet peeves and I am now in a position to tell you how they do it so easily. It’s like the smooth talking salesman at the dealership, right down to the checkers at the grocery store offering you “a chance to donate to a worthy cause” at the checkout lane. It’s a skill, it’s easy to say no when the person trying it isn’t good at it.

However, the best scam artists walk away with what they need and you never realize they got something from you that they can harm you with.

According to Wikipedia:

All social engineering techniques are based on flaws in human logic known as cognitive biases.

I’ve been a bit ambiguous about my new employer, it’s not something I associate with this blog really, but soon enough I’ll be revealing more and more about it as I write about certain topics that you need to know about - and ways to protect yourself in different situations. So all ambiguity aside, I work for an attorney who started a private investigating firm 35 years ago that is now headed up by his son. I am immersed in the legal field in all facets, but not only in the courthouse sense of the law. I also work closely with Private Investigators who have various interesting and not so interesting jobs. What is investigated? Anything you can imagine.

My trade is transcription, it’s not a glorious one however it is very necessary in the world - and I’m pretty good. ;D This puts me in the rare position to hear interviews of people, surveillance reports, background investigation information, etc.

My point is that social engineering can be used for ill gotten gains as well as to learn you things you may need to know, and private investigating is the only legitimate use I can think of for social engineering.

Anytime you get a feeling that something isn’t right, be it during a conversation or you feel someone might be following you, maybe you think someone is listening in on your conversations or someone is phishing your email account, these are all forms of social engineering, retrieving information the person giving up the information may not realize they are giving out.

I’ll give you some more precise examples tomorrow of situations that are typical for social engineers… this is just a preview of what’s to come…

Sign up to receive new posts on Sabrina’s Money Matters by email below and never miss a beat!

I just took a little while to put together a page through Amazon of some of my favorite things and things I’d like to have - I thought I’d share these things to do two things, show you things I use as well as show you something you might decide you need. I love Amazon because they’re competitive by offering you everything you could need in one central location. I get all our DVD sets there and most of my cd’s unless it’s local music and countless other things. I still have a wok I bought through Amazon two years ago. Great stuff, and at really competitive prices. I don’t think anyone can beat them.

Check it out at my Time and Money Saving Products page.