- The 70+ best Black Friday TV deals 2024: Save up to $2,000
- This AI image generator that went viral for its realistic images gets a major upgrade
- One of the best cheap Android phones I've tested is not a Motorola or Samsung
- The best VPN services for iPhone: Expert tested and reviewed
- Docker Desktop 4.36 | Docker
Protecting a New Vulnerable Population on the Internet
On a Mission of Protecting
Abraham Lincoln is credited with saying that “A lawyer’s time and advice are his stock and trade.” Whether the quote is mis-attributed to Lincoln is irrelevant to the greater message, which is that attorneys are “knowledge workers.” To state it as bluntly as one attorney once explained to an executive where I worked, “My knowledge will keep you out of jail.” As a cybersecurity professional, you too are a knowledge worker. Many times, your job is probably occupied with advising rather than creating. This specialized knowledge and the sharing of it is what makes you the subject matter expert. Protecting others from the perils of the internet has always been the primary responsibility of cybersecurity professionals.
Whether working for a large corporation, a government agency, or in an individual capacity, helping others to become better educated about online threats has always been a core part of the job.
Can you fix my computer?
Of course, many non-security people (often our friends and family) think that a cybersecurity professional is someone who can fix their computer, and while that is true in many cases, recent newsworthy security events have raised awareness about the differences between the skills of a computer technician and that of a cybersecurity professional. Now, when a news organization interviews a “computer security expert” to explain a breach event, the exclamation, “Oh, so that’s what you do!” is heard more often.
The Newest Members of the Most Vulnerable Class
Do you recall just 10 years ago when the task of protecting the most vulnerable people on the internet meant going into schools to teach children about cyber-bullying prevention? At the time, young people who were newly joining the Internet community needed to be educated about the correct way to behave as well as the correct way to respond when targeted by others on the Internet.
Sadly, cyberbullying continues, and we must continue our efforts to teach young people how to conduct themselves behind the easy anonymity of the Internet. Now, there is a newly emerging Internet population that needs protection, as well. Our senior citizens are now being targeted—not with threats but with false promises.
Follow the Money
As a very broad statement, cyber-bullying is an attack on a young person’s social status. However, there is no profit in any of that. Cybercriminals are not merely flexing a muscle to gain popularity or cause emotional damage; they want money. Young people are not known for having a lot of money, so they are a very bad target for profit. According to the FBI, “Seniors are often targeted because they tend to be trusting and polite. They also usually have financial savings, own a home, and have good credit—all of which make them attractive to scammers.” Those factors, coupled with the newest cybersecurity threats, make them prime targets for cyber fraud.
Tech Savvy Need Not Apply
Let’s clarify a common misunderstanding. Many people will often speak of how senior citizens lack the technical skills to protect themselves. Yet most of the newest members of the senior citizen class include the “Baby Boomer” generation. Some of those people have retired from jobs where they used a computer all day long. Along with that, recent statistics show that more than 90% of people between the ages of 65 through 74 own a cellphone. This is true across a broad spectrum of socioeconomic factors, as well. The new seniors may be much more tech savvy than they are being given credit for.
While seniors may understand the technology, they may not be as well versed in social engineering techniques, which have improved. A recent article in the American Association of Retired People (AARP) revealed the internal workings of a “boiler room” fraud operation. While the initial contact with the victims was under the pretense of fixing a computer problem, all of the scams are propelled using social engineering techniques. The article also discusses the brilliant efforts of one magnificent cybercrime fighter pseudonymously named “Jim Browning” who decided to combat those fraud attempts.
Unfortunately, Jim Browning cannot scale his operation to combat every scamming operation, and this is where we come into play. We need to find better ways of informing and protecting those who may not recognize when they are in the early stages of a fraud. Some of the preventions that can be put in place are technical, while others require more public outreach.
Keeping the Phone from Ringing
While it is rare that I promote any particular product, I highly recommend RoboKiller as a simple method to stop scam calls from arriving in the first place. Once it is installed on a cell phone, it will prevent any calls from a database of over one million known spammer and scam caller lists. For some extra fun, you can set up the phone to play recorded conversations that are timed perfectly to waste a scammer’s time. Some of these recordings are quite funny, and any time spent wasting a scammer’s time is a minute where they cannot be scamming someone else.
On my phone, RoboKiller has saved me from over 100 annoyance calls in the last year. One can only wonder how many were full-blown fraud attempts. There are other great features, such as SMS blocking and call screening for legitimate calls. RoboKiller is also reasonably priced.
This is a perfect gift for the senior in your life, and it should be on any cybersecurity professional’s “must have” product list.
In part two of this series, we will examine the Grandparent scam along with a simple and novel approach to protecting people from this popular fraud.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.