Working in the sector that we do, we’re naturally exposed to a wide variety of people and businesses – some of which are looking to take preventative action to reduce their risk, whilst others are looking for assistance in the event of an incident or to help prevent further issues. Helping people is our passion… that’s what we do!
But then, well… then there’s my mother. She didn’t fall into any of the above categories… until the weekend!
“Ah, a text message from my darling Mother”, I thought; “It’s no doubt likely to contain her usual text speak” – a requirement from the early 90’s to save space when writing text messages that is now wholly redundant and just makes for undecipherable content – “Oh…”:
I called her.
Over the next hour, my mother explained how she’d received a telephone call on her mobile phone from a “friendly sounding” male, who advised her that there were some security issues with her BT broadband and that she needed to make sure her laptop was secure.
As prompted, she turned on her laptop. In an attempt to fend off a would-be fraudster, my mother asked “But, how do I know you are who you say you are?”, to which the male explained he would be able to confirm an identification number in the settings on her laptop and guided my mother to it. Unsurprisingly, the numbers matched and the caller continued with his spiel.
During this call, the male managed to get my mother to download an application to allow him to remotely view, and control, her desktop.
Indeed, when my mother then went on to say she didn’t have time to do this right now, the male sent her a phishing email appearing to come from BT – only this time, directing her to download another remote access application to her computer. Both of the remote applications were entirely legitimate pieces of software in their own right but, naturally, the intentions behind installing them were to the contrary.
Now, here’s the thing. My mother isn’t computer illiterate, in fact, I’d say she’s reasonably computer savvy having worked as a secretary for most of her life. She’s in her early sixties and still uses her internet regularly for online shopping, emails, documents, etc. So, what caused this incident? Regrettably, it was her lack of understanding or awareness of the types of frauds that are out there. You’d think, given that her son does what he does, she’d be more alive to it than most but it goes to show the power of a simple con. Even though, in hindsight, she knew it was irresponsible and even, in her words, ‘idiotic’, in that moment her guard was down and she fell victim.
Now, imagine the impact this could have had upon a business were she not retired? Email accounts, payment details, sensitive information…. all at the mercy of a fraudster.
So, why am I telling you this? It serves as a gentle reminder that even though you may consider yourself, or your staff, to be computer savvy… there really is no substitute for security awareness training – whether at home, or within the workplace. It only takes a minute to become a victim.
In an effort to raise awareness, I’m signing my mother up as a member to our services so that she’ll receive regular training on cyber-crime and fraud (naturally, I’ll give her a discount – I’m not a total animal).
Oh, and did I mention that my mother’s broadband provider isn’t even BT? She’s with EE.
Subscribe to the Proofpoint Blog