Social engineering has become so creative and clever with the ways scammers are trying to infiltrate your world. AI and deep fakes are only going to make things worse. Over the past 30 years, fighting viruses and malware has only increased with no end in sight. Today’s guest is Roger Grimes. Roger is a Data-Driven Defense Evangelist for KnowBe4. He is a 34-year computer security expert and an author of 14 books and over 1,300 articles on computer security.

Show Notes:

• [1:06] - Roger shares his background and his drive to continue writing in the field of computer security.

• [3:17] - In his career as an accountant, Roger found himself more interested in the computer side of things.

• [7:45] - Things have gotten worse every year. Ransomware has attacked hospitals and law enforcement in addition to personal devices.

• [10:21] - In many cases, older devices are very hard to replace.

• [11:44] - Most employees of a company don’t know how devices work when it comes to security and things go without updates and patches.

• [15:10] - Some companies are getting better about making sure products are set to auto-patch.

• [16:20] - Social engineering is involved in about 70-90% of all successful hacks.

• [17:23] - Compromised credentials is another common way hackers are easily able to gain access to accounts.

• [19:38] - Social engineering is all about getting you to perform an action that is harmful to yourself or your organization.

• [19:50] - Three qualities to look for: unexpected, asking you to do something you’ve never done before, asking you to do something harmful.

• [21:12] - If something has those qualities, slow down before clicking anything within an email.

• [23:26] - Really good scammers will prepare you for the scam.

• [25:06] - It is hard to retrain yourself to think about these things during any communication.

• [27:14] - People shouldn’t get in trouble with their organization for taking precautions.

• [29:47] - Scammers prey on vulnerable populations, including the elderly.

• [32:10] - Always remember that no legitimate organization accepts payments in gift cards.

• [34:10] - The best we can do right now is educate people to help prevent successful scammers. There’s no stopping it.

• [36:04] - Try to use a MFA that is phishing resistant.

• [38:55] - Roger shares the experience of his fingerprints being stolen.

• [41:20] - Security questions are surprisingly guessable in a lot of situations. Your password might not be guessable, but the security questions aren’t always secure.

• [44:31] - Roger shares some data about patches and what is important to remember.

• [48:31] - Roger sets a time every few months where he sits down and changes every single one of his passwords.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. 

Links and Resources:

• Podcast Web Page

• Facebook Page

• whatismyipaddress.com

• Easy Prey on Instagram

• Easy Prey on Twitter

• Easy Prey on LinkedIn

• Easy Prey on YouTube

• Easy Prey on Pinterest

• KnowBe4.com

• Roger Grimes on LinkedIn