|

Episode 482: Security With Tim Nash – Scams and More Scams

ByRob
Tweet
Share
Pin
Share

Show Summary

Tim Nash and Rob Cairns talk about scams going into the holiday period.

Show Highlights:

1. What are the types of scams?

2. How to protect yourself from scams.

3. Scams go up during the holiday season.

Show Notes

Hey everybody. Rob, Cairns here. And today I’m with my good friend, Mr. Tim Nash, and we’re going to talk all about security. How are you, Tim?

I’m doing well. I just said that outside it is snowing and it’s -2 and I’ve then remembered that I’m speaking to a Canadian. Who’s there, going -2.

That is true. Remember too, I grew up in Montreal, so I’m used to like -30 -, 40 wind chills, and. Snow banks at the at the sky high. But climate change has had a lot to do with screwing that up, so that’s not even happening anymore, you know? So it’s all good. That’s today. We were kind of preamble last month before we went to record and we got talking about phishing scams and they’re getting really, really interesting and the holidays are coming down on us and we’re already seeing an increase. And the AI is screwing that world up big time because it used to be you look at a an e-mail and said ohh this is a scam. The language is bad. The verbiage has been this is bad. What are you saying with phishing scams right now?

Well. It’s important to say that. Most phishing scams are still terrible, and the language is still bad. But it’s still all. Rubbish. But you’re right, this is very few times where people say ohh AI meant having this huge impact on security. Yeah. No, not really. Not in the way that most people think it does. But this is a really good example where it does, because if you think of the power or something like at a GPT model like ChatGPT or Claude, and you pass it your mangled rubbish and it will produce something. That looks like a perfectly good e-mail, but worse. Marketers, and anybody who’s employed in various jobs, are handing over the mangled emails and making them look good, and consequently, the language is merging together. So for phishing attempts, it’s going to be perhaps not so much right this very second. But over the next 12 months, it’s going to be very easy for a phishing scams because they’re going to be using the identical language. Because it’s being generated. By the same. Place which is interesting. Obviously you you most people can I say most. People a lot. Of people now have been have trained themselves to recognize a ChatGPT e-mail there are. There are those tail tail marks in there that. Yeah. Yeah. No, that that’s been. Written by but they you, you those things will happen more and more and we’re gonna have this new. Layer of well. Was this written by AI by the person who actually we wanted it to be written by? Was this being written? By a Fisher. How do you tell the difference?

I know it’s getting. It’s getting scary. I mean. I looked at 1:00, so I I’ve seen a couple recently. One was a text message scam. That end the post. So that’s the Canadian Postal Service center. And I know of four people who got this scam within minutes of them ordering something. And all four people clicked on the link and said I’ll pay the extra $2.00 and charge.

Yes.

Not even thinking. And you and I both know they do whole hanging fruit. They’ll charge a dollar, two dollars, $3. And then if the credit card goes through, the next charge is 1002 thousand $3000, right. So. That’s problem number one. And then the other one I saw, which was really interesting, was an e-mail scam where somebody put the Royal Canadian Mounted Police logo in there and tried to issue a court summons by e-mail. Well, we know court summons don’t go by e-mail, but if you put fear in the people, people do stupid things.

Yeah, I mean a a really good example of ones that you see every single day, but you might easily fall for. I’ve seen a lot of and I’m staring at my screen now and I’m looking at a bit Bitcoin. E-mail from Coinbase that claims you know your password. It has to be changed due to a security breach.

Yep.

And it’s like it’s a brilliant scare. It’s so you’re seeing it more and more. But it’s it it when it first came around this, this idea of this scam was brilliant. You know, your password has been compromised in a security breach. Ohh no, you must update your password. Ohh I must go do this. You go and update your password, and yes indeed it has now been compromised in the security.

Very great.

But these sort of this is the same sort of thing I’ve seen this, but in WordPress emails as well. I’ve seen a good one that was impersonating a hosting company, very large hosting company, and it basically said that the hosting company had had.

Mm-hmm.

For a security breach, you had to log into it. To correct correct this and if you didn’t pay attention to the URL, you wouldn’t get the irony of all of this was the domain that it was sending you to, which was a fake domain, but it was using special characters to replace some of the O’s in it to make you know was actually. The domain was registered on the host. That you were going to. So if you did a who is to check you would that this was going to the right place. And you looked up the IP address. Because it also was hosted on there you got back the correct you got the IP address of the hosting company, you got The Who is so that the domain was registered on the hosting company. Why wouldn’t you suddenly trust this? Yes. All the all the, all the static assets were being pulled from the correct URL and the page was. I had the identical markup because they just copied and pasted the HTML from the the original hosting companies. So the only hint at all was that. There was was if you were going to inspect the form, you would have noticed that this was going to just a random PHP file, but otherwise they did a brilliant job. I imagine lots of people fell for it.

Then. And got sucked in.

Yeah.

And then and then there’s a few. I mean, there’s also the old, I don’t know if it’s a phishing scam, but it’s a variants. You you get, you get that text message from somebody you don’t know, and then they’re. I’m just saying. Ohh. Hi, James. Remember about our party and and what they’re really trying to do is build trust and then they’ll say. When you say ohh this scam. Oh, can we talk? Anyway, no wait.

Yeah. Or or the other good one is I lost. I I’ve lost my phone. This is my new phone number.

Yep.

Ohh worse this is your son and this is my new phone number and the phone number in my case is somewhere in the US instead of a Canadian phone number. Well, my son lives around the corner from me and no.

My my daughter has been arrested multiple times in Spain, which is very confusing for me because she’s 9 and lives and is currently downstairs. Yes, yes.

But what I would say though, you know for families and and the grandparents scam, we all we’ve all heard about and that’s a variance of the almost the phishing scam. What do you wanna call it? That and not? I would say in families, what you need to do is put in a code word. We have one and if you can’t reveal that code word you’re you’re not getting anywhere in the number 20. I’m sorry.

I think it won’t take. This is again another interesting thing for AI. This is not going to happen for general fishing. But I can very much see very targeted spear phishing campaigns where particularly if you’re you do have a lot of footage and a lot of access to build up a person, you could create a fake.

Yeah.

Voice that does sound legitimate, that you could potentially have a phone call, and so it is worth doing. I know that sounds very tinfoil hair, but it probably was tinfoil hat territory 2-3 years ago. Probably was still unlikely a year ago, but now if you’re not so much for the average person. If you’re a high value target. I can easily see someone trying to target at Spearfish and target somebody by creating a persona that is one of their family members. We see this with deep fakes with things like you know, the US presidential stuff, but you you see it with celebrities and it’s done for fun. Sometimes it’s done maliciously.

Hmm.

But we’re not. That far away from it being used seriously. Or proper blackmailing, extortion.

I actually wrote a blog post about six months ago or five months ago, and I said you should never use voice validation for any security stuff at all because of a. Time and somebody challenged me and. Aren’t you a little over the top? I said. Actually not. I’ve taken my own voice off my cell phone. Voicemail. I’ve gone back to a generic. Voicemail. On on purpose and one of the and my partner’s. No. She’s a lady, so you know, I just get enough harassing voicemails to start with. Actually has my voice on it, so good luck on that one because the the problem becomes is people are using AI to get less voice validation at banks. There have been cases at banks in Canada where people have had money stolen. Ohh, the AI system validated you telecoms use voice validation as we.

Yeah. And it’s, I guess I’m slightly lucky that being a Brit with a British accent means that most AI systems cannot understand me and that voice validation just fails to work properly in most systems. So that’s good. That’s extra layer of security in there. It could be worse. I have a very neutral. Accent. Yeah, but I live in an area that has quite a distinctive accent, and if. You go further. North further South, further eastward W they. The accents all radically change. Currently, most voice cloners are terrible at British accents right now. But again, free sick with the rapid rise in these and the simplicity of these, you know, have you come across the website zuno.com just singing?

I have.

But just watching when that when I was first shown it like. Six months ago, this is nothing to. Do with security, but it sort of shows. The evolution of AI, I think really. 3-6 months ago when I first came across it it I was like, that’s amazing. You know, songs, they’re just making them up on the spot. You ignore. We’re gonna ignore copyright and all that stuff. We’re just. Going with. Ohh wow, it was able to do that, but at the same time it had a slight. You could tell there was something wrong with the voice. Things were different. You look at the same if you got. If you put the same prompt in today. You’d be hard pushed to say that was Britain. You know, the voice was AI, and once we’re at that stage, weirdly I’ve. Experimenting and playing around with various other. Things. It’s actually harder to find truly realistic voices that are doing spoken words, and it’s easier to do a singing song.

Yeah. So so.

I get it. That’s partly to do with the fact that you can hide a lot more with songs, but it won’t be long. We are getting very close. We’re getting very close to having your voice client. We’re getting very close to having your where your image can be cloned fairly well. And fairly cheaply. So yeah, that person on the end. Of. The phone who wherever they are in the world no longer has to put on a funny accent and try and pretend to be they can just throw it into a computer. And off it goes. So you really are going to struggle to prove. Who other people are? Unless you have some? Sort of reproof like. A passphrase or a passcode, or just even a yeah, a basic code word for that. You you. So your child can repeat. I was jokingly playing in the back of in the car back from school. My cause. My daughter was Kate arrived wearing a coat which is unusual because of snow. And she normally just loves running around in the. Without a coat on. And so I joke. And he said, oh, you must be a robot. And we spent quite a lot of time going backwards and forwards asking questions with me, asking questions to try and prove she was a robot. And her had proved that she was human, which sounds silly. And it’s childish little game.

Yeah.

He was also encouraging her to understand. How to? Recognise well actually what? What information is private? What information could she share with me and only me? That wouldn’t be known by anybody else. And she she throughout the conversation discovered. Actually, no, it’s really difficult. Most things she thought only I would know. It’s like, well, no ex could there. One could know, and so it was. A. It was a really interesting exercise for her. And I wonder. If perhaps Maddocks could do with doing that exercise too.

Yeah, I’m sure. The problem we’ve got too is the holiday. Season’s coming. Up. And you and I both know that the minute the holiday season comes up, the phishing scams, the AI scams and all the scams go up tenfold. What should people be doing to kind of help themselves? A little bit.

Well, I mean we’ve give. The same advice, and I think we’ve given the same advice for decades, which is, if someone’s pressuring you. And there’s some sort of urgency. Then you should slow down and it. I mean that’s a good rule of life anyway. It it. It doesn’t matter what the emergency is and what the pressure is. You could always, if you always take that few seconds to stop and think. If someone’s emailing you out of the blue when they would normally phone well, that should be a bit a warning. If someone’s phoning you and they. Would normally e-mail. If you’re if, if you’re getting a phone call from your bank and the bank is saying this is so and so from the bank, you must give us all of your personal information, which annoyingly banks quite often will do.

Mm-hmm.

And it’s like, that’s just crazy you you can just say ohh sorry. Yeah, 1 moment. What department are you from? You’re from the department. OK, I will put down the phone and I’m going to ring the number on the back of my debit card. Or. Or the number that I’ve got from my bank and I will go through the department. I can always ask for you, can’t I? What’s your name? A legitimate bank, a legitimate company, would be always happy to do that. The second thing to do is just never click a link.

MHM.

And I I I I saw a amusing joke which was that Rick Astley has done more for stopping fish. Thing than any cyber security training ever has because colleagues getting random emails don’t want to be rickrolled.

Wow. Yes.

So they won’t click the links. And I was like, that’s. Brilliant. If we knew more of that. Yeah. More fastly needs to be put in there so we can stop people just clicking links again. Any any links that’s gonna click that requires you to click should probably have some other mechanism. The only time that might not happen is something like a password reset, but then you’ve triggered that action, so hopefully you understand that that’s happening if you get a random password reset e-mail, don’t click it. If you don’t know where it’s from, people do, but just don’t, but. Generally, take your time. Think about it. If you’re being pressured into doing something. And it’s all happening suddenly. You often these really good spearfishing attacks or not. So the difference between a a phishing attack and a spear fishing attack, phishing attack is very generic but stuff is being thrown around. Probably doesn’t have your name on it. It probably doesn’t have any real detail to it. They tend to be a bit more. Not obvious a spear phishing attack is something that’s targeting you and you as an individual, and often in that scenario you’ll find that there’s multiple sources suddenly kicking in. A good example for a spear phishing attack against a website might be that the bad actor would start to DDoS your site. Your sights intermittently going up and down off and then and then all of a sudden you’ll get a high we’re hosting company. Right. No, no, don’t worry. We just need your username and password to get in and we’ll. Fix it for you. That you’re going to your website needs offline, something bad’s happening. You, you, and there’s a person who’s going to fix it for you from your hosting company. That’s great. So you, the and they’ll be pressuring you very quickly. OK. Yeah, obviously we we know you’ll lose and it’s we know you’re losing sales. So it’s your problem. You as the individual are being told no, you’re in danger. You’ve got this problem. We’re here to fix it.

Yes.

Any scenario like that you can just. Go. Stop. That’s OK. Let me just have a minute.

I want to check what’s.

Wrong with my website. I’ll phone back. You obviously phoned the hosting company and the hosting company. Goes what will. Have you ever heard of a proactive hosting company that would genuinely would phone its customers? That’s not ever in the history of that guy’s family happened, and if it?

No.

Need. Do they have? The time to do that but but you know people don’t think like that because in the moment you like your stress levels up. Anything where they can increase your stress or increase your happiness. So the exact opposite is effectively a lottery scam, you know where? Congratulations, you’ve won the lottery. This is where the original Nigerian. Prince style scams came from. Ohh I have this. Large lump of money and I must. Get it out of my bank here in insert whichever country they’re from. I must have it in your country. But I can’t open the bank account in your country. So would you mind taking my money for me? And then when I get to the country, you can give me it and you know even me saying just the. When you got to the scam bar you, you’re screaming. No what? No. But people people for that because.

Yeah, there’s.

They’re getting a windfall.

There’s the employment, there’s the employment.

And really, they they’re gonna. Get to keep all of it.

Yeah, there’s the employment scam where they say we have to send you $3000 to purchase some goods and what happens is you deposit the money goes into your account and then you know you got fraud and the bank says, wait a minute and you’re out that money before it’s out, right. So that’s the scam. That’s a common one. And it just keeps going. The reason these scams work is we need to say it no matter how much education you do, I do the police, do the consumer protection. People do. We’re still falling from and that’s a problem.

I had a a friend who will remain nameless, who a company fell for it. He he works as a he’s an MD of a not a huge company, but a large enough company that they have somebody who does multiple things. And he got a phone call saying, well, I got the gift cards and sent them over to you, but you haven’t acknowledged the. Receipts and he’s like. Gift cards? Yeah, for for the raffle raffle. Yeah. For for. For the Thanksgiving gift raffle. We’re a UK company. Thanksgiving isn’t really a I think we celebrate, particularly we we got. We’re not thankful for anything. It’s dark and depressing at this time. Of year, yeah. But he’s like, so he looked into it and it turned out that this person had been sent a e-mail that was basically looked like it had come from.

Since.

And because of the way that their e-mail was set up.

Up.

It they were able to fake his e-mail address so it looked like it genuinely came from him and it said, hey, Susan, please go and buy 10 gift cards and pass the send them back and and put the codes in, send the codes to me. Now, Susan went. That’s weird. And then he said for the staff raffle for Thanksgiving. Ohh. You must be having a staff raffle for Thanksgiving. Went and bought the gift cards. Which you he gave them the link for a website to go do this.

Ohh no.

And obviously those gift cards. Put the details for the gift cards into the e-mail, sent it back to what that he bought was for them. Obviously the reply to address was not his e-mail, so while his e-mail had been spoofed on the original send, the reply to was off to some random other place.

Yeah.

By the time that they realized that this was the case. Those gift cards have all been spent.

May have been spent in probably his credit card compromised in the process, I would think.

Potentially they’re actually, in this particular case, they just wanted the credit card, they they wanted the cards because what they could do is they could, they basically can. Then there’s several websites where you can take those cards, pop them in and they’ll give you a cash alternative at massively reduced rates. And it’s like an extra barrier along the way.

Yes.

Cause so it prevents any sort of credit any so. Sort of attempt at finding the money, but obviously if someone really was trying by that someone, I mean the police were truly trying. They could go through the steps, but genuinely the crime level was so low that the police aren’t going to do that. And so they know that there’s enough steps that the average. Copper is gonna go. Can’t deal with this. It’s gone.

Right.

Yeah. Off it goes.

Yeah, it’s a never.

These things happen. They happen every single day and you know, there were things she could have done. She could have gone. That’s weird. I don’t normally get e-mail. In fact, if anybody ever emails you saying please do this for me to spend money and you’re a business. Unless you’re the accounting and billing department, the answers probably should be no. Do it yourself, especially if it’s coming from like the chances of the CEO not having a a company credit card is rather slim. Asking you to use yours would be unusual, unless that’s your exactly your job.

Hmm. That’s right.

Is you’re his PA? If you’re a random person in the organization, he is not going to ask you to use your company. Credit card? Yeah, it’s just not a thing that would naturally happen in most businesses, but scammers rely on this scenario where you’re being asked to do a favor. It needs to be done soon because we’re doing it. We we’ve got the urgency we need. It’s for the raffle that’s happening.

So strong.

Yeah.

Today.

June. Yeah. Today we need these cards. You need to send me the details back over because I’m going to be presumably handing these. Felt and that how grateful he is for what? The work you’re doing. So there’s all these, like, hits into the psychology and like, ohh, OK, I’ll go do that. Even though this is something I have never. You know, I have never done before. I’ve never been asked to do before yet for some reason I’m subtly. Typing into the URL. All of this should be red flags. But for many people, it’s not.

I get it, it never ends too. And what people need to do is. Breathe out to 10 and then say ohh worry about this tomorrow when I feel better, right? And so they’re jumping on, they’re going back to the one I was talking about earlier. They can’t the post one. People need to realize in the post doesn’t come out the individual for shipping charges. If you purchase something through somebody, they’ll go after the company, not after you. They don’t do it by by text message even worse. You know South.

I I think it’s made complicated because somewhere along the line somebody will have had for example here customs charges. Can be applied to you at the end of the chain. If someone didn’t play the customer properly, but so you do end up with you with numerous text message scams saying DHL or UPS or.

Of course. 02.

You know, are holding your package. The reality is that almost certainly they’re not and you would be getting that for a different way. And it would have had your tracking number on it. And there will always be telltales. But if you’re waiting for that package. That one thing that you know and you know it’s it’s on its way.

And you need it yesterday, yeah.

Because, Oh my God, it’s not gonna come in time. You’re gonna see a lot of this wrapped up around Christmas time. You’re gonna start saying the text messages that say your package is stuck. You, you, you, you, because there’s a good chance that most people will have a package on. Its way around Christmas time. If you’re in the UK, in America or in Canada or Australia. Yeah, and pretty much any Western country is likely to be this time of year going into Christmas, Hanukkah, etcetera. The gifts will be being sent, gifts will being being ordered. The chances of a package on its way suddenly it’s really high compared to other times of the year, so this scam obviously being felt falling for much more often now than it would be, say, in July, where the chances of you having a package on.

No.

Its way. Yes, that said. Since COVID and are switching very much to working from home, rise of the big is people like Amazon and Amazon’s next day delivery you you’re seeing a lot more packages going around, so there is still a much greater chance that I have a package on the way. This year than there was in, say 2018-2019 where a package would be unique and surprising, whereas now it’s like oh it’s.

Yeah.

The toilet roll.

Yeah, that the fun one I got this morning. Interesting. And cell phones are carriers are getting better. They’re starting to pick up on scams more and more and Google with their AI. I’m on a Pixel phone. It’s picking up on scams even more, but I had one get through this morning and it was your cell phone numbers about to be cancelled in four hours. Uh-huh.

And. Yeah, you’re that going. That’s weird. You’d have thought they would have told me. That said I I was before we got on this call. I was reading a thread on Reddit from someone saying BTC just cancelled my account and then for no reason, BT is the largest, the largest.

British Telecom.

Yeah.

It’s like my my my broadband is gone and when I phoned them up it turned out that the IT they they basically they had two flat flat A and flat B and the people who were moving into flat a.

Doesn’t.

Accidentally gave Flat B’s address. You could like 1 digit difference and somehow BT went yeah.

Yes.

  1. Well, we’ll just do. A change of over it got changed over. And now I. Then this Reddit thread was just people going. BT would have told you it was like, well, I’ve got and I got a text message saying about this connection. It’s like, where did you get that about 20 minutes before it disconnected. And they’re like, well, why didn’t you ring them? It’s like because it was a scam. Looks.

It was like, yeah, I understand. Yeah, yeah, yeah. It it never ends and you wonder, I mean, I was sharing with you without getting into big details that my issues with Google Adwords before we got on this call and I kind of attributed and you know my bank keeps saying ohh it’s fraud and I keep saying I think it was a billing mistake more than anything no more than. Probably, but nobody wants to seem to deal with it. So that’s. That’s a trip to the bank this afternoon. After we’re done with a pile of emails in my hand to try and. Push the bank into coming to a decision faster than they should.

Good luck.

Ohh thank you. You are so kind. Any last tips going into the holiday? How?

Right.

To be careful. Uh.

So we’ve, we’ve, we’ve already covered, don’t click links, we’ve already covered. Wait, wait a little bit, I guess the the final one really is read everything twice. We talked at the start about how it’s like we’re living in a world where people are using AI more. And more but.

MHM.

Just because they’re using AI more and more doesn’t. Mean that they’re still they’re still. It’s fairly obvious that it’s very rare I get a a phishing e-mail that passes through that I look at and go wow. Yeah, if you read this. You wouldn’t notice nearly always when you read the emails, read the text message, something won’t sound or look right, be it the Royal Canadian Mounted Police sending me jury summons. Well, that’s weird. Pretty sure that there’s some sort of, like, judicial thing that says that the police can’t send me to jail. That you have to go to a court. And that might be. Presumed by somebody else, so that sort of logic normally works through you normally can look at an e-mail and go. That’s weird. That’s not my website, or that’s weird. That’s not my bank. I get every day at 3:00. A automated phone. The phone rings. You answer, and it goes. Hello. This is bank security.

Yes.

It’s like. He didn’t even try. Try harder, but someone will fall for that because they didn’t think and they just were like, yeah.

And they and they don’t realize. How did they get my phone number? Well, it’s easy to set up a computer to start dialing sequential numbers. I mean, that’s that’s a no brainer we had. We had back in the day when I worked in healthcare, I had a A comp director he used to be the Queen of Practical Joke. Until I disappear, for we can accept my modem. Up to now her pager and put in random pager codes all night. And then into those practical jokes now what I should also tell you is her husband was the Sergeant on the Toronto police bomb squad and on call that weekend. So he was not immune, Dave. Well, but. But, but that’s what they got for filling my office.

No, I imagine most.

Garbage was on vacation for two weeks. So you know, but, but that’s what I’m saying. It’s not hard to do. It’s you set up a modem and you can do it the old traditional way and the code to to do that to dial random numbers. They’re not even random. They’re just up to sequence by 1 and.

But these things can be relatively targeted. A good example is there was a a a utilities company here in the UK that got hacked. They went, they made the press because they had some ransomware and then the bad actors simply sold all the customer details.

Of course you did.

So. The random web was resolved. Everything calmed down six months to a year later. People were getting phone calls and they were and they were like, hello, we’re from me, but utility company. Ohh yeah. No, of course we know. But I’m going to bring up your account details. Can you just to confirm your last four digits of your account number? Bloody bloody blah. Yeah. Oh, yeah, you like because they had them. Ohh. That is my last four digits. And here’s your just to check. We we we’ve got your address is this? Yes. And the vast majority of people do not move so.

Because I had them.

They dresses, get lots of people felt we we’re going to increase your direct debit. We’re gonna do this. We’re gonna change you over to our new thing, blah, blah. And obviously they get caught up that way. But the really weird thing is they the way to spot that particular scam was that they were actually giving over too much. Information. Yeah, they were being proactive in proving themselves to you. And actually when you looked at the script, the script was so keen to try and prove that they were legit.

Yes.

That they didn’t sound legitimate in the end.

Yeah.

More of a sort of like twist. The same the the original companies Telly sent to, where they did all their phone calls from. The people hired the same firm that managed.

Yes.

Yeah, to do the scam calls.

Hmm.

So it was often the same people who would go from utility company 1 to what appeared to be utility company #2. But utility Company 1 was legitimate and utility company #2 was a scam and their job was to hook people and get them to that state and then take them up to the next person. And it there was a very small group of. Of those who were the actual people, so they would be, they’d get you, they wrote you in with all the bits that they knew how to do, they would not have had a clue that this was happening. And then they said, Ohh, excellent. We, you’re you’re here we can do you a a great deal. I will pass you over to our sales team and then it would go over to the scammers. So the people on The Who were actually. Phoning in that scenario. Were real people reading real scripts? That just didn’t know what that was going. On it was.

Yeah.

What I would suggest is if any company calls you and ask for any personal details, you don’t give them because they should have them. If they’re calling you, tell the the the worst industry to be in right now. It’s the collection agency cause these collectors call and say, can you verify this? No goodbye. I hang up. And not that I owe any bills. But you know, I I advise people and say just hang up.

No, no.

No, you’re not. Give now if you call your insurance company, for example, I called mine the other day. You know, first thing they said to me is can you confirm the e-mail address and your mailing address? Well, I called them so I know. Who I called. I know what number I called. I know what queue I went into. That’s a little different.

Yeah. I mean the overall, if you ever get a call and you are not, even if even the tiniest spider sense ring. Just say ask for the name and department. I’ll call you back on the main number.

Yeah.

If they say ohh you can’t call me back on the main number, they go OK how do I get through to you from the main number? Ohh you can’t. Ohh really?

Cool.

But in a but in a call center like a bank, that’s not uncommon either. They don’t have, they don’t.

Yeah, but you can always get to the department or labor and they there isn’t a call centre on the planet that doesn’t have a mechanism for filtering people across. So you can always say you can you make sure that I get through to you.

That’s great that that is.

I don’t mind waiting.

Yeah. The other thing we gotta remember too is and. And this is the the hard the hardest thing people need to do is just have some patience with this stuff, especially seniors. Seniors are way, way, way, way too trusting because they all want to be nice to everybody. And I think when it comes to protecting yourself. You gotta stop being nice.

I mean, I’m not sure about being nice necessarily, but generally there is a perception of in actually, I would argue impatience, frustration with optimal technology generally seniors that need that little bit.

Mm-hmm.

Of extra time to process. Things that not in and they tend to maybe be hard of hearing. So they’re often asking to repeat things. Yeah. And it’s generally it’s very easy to bamboozle someone who’s hard of hearing in particular.

Yeah. I just.

Because you can say something, then say it just slightly quietly and they’ll their heads, they’re gonna interpret what you said and put it through. And quite often you can be quite embarrassed about that, that you didn’t hear it. So you just tried to skip over. If you’re only hearing every four out of five words and they are, they know this, they can. Playing on it, but they do prey on the fact that generally seniors are not as technology focused and yeah, they can easily. You can be manipulated very easily if you’re not careful and the way around that is to go with the technology that you prefer. Again, banks are not going to necessarily. It it you can still phone the bank back up through the normal route. You might have to go through more steps you might go through the automated systems that might feel painful, but it might be better than the alternative, which is that you get scammed. If anybody’s offering to do home improvements over the phone or doing spoiler or anything like that, anything where that’s specific to you, insurance, pensions. Those are nearly always not done via phone calls, and certainly the out of the blue phone calls, no.

What? No, we need to be careful and thanks so much. As always, please him. And I hope you be careful going into the for this season, US Thanksgiving is next week, Black Friday, coming up, the cams go up like Christmas comes. So go up. It’s New Year comes. They go up. So just watch out what you’re doing them and somebody wants to talk to you. LinkedIn is still the best way, I assume.

Yeah. So you can find me on LinkedIn, LinkedIn slash in Slash Tinashe. Or just look for Tim. Or you can visit my website timnash.co.uk. I tend to work on online security and WordPress security specifically, but yeah, I’m always open to have chat with people, so come say hi.

Thanks, Tim. Bye and have a good day. Appreciate you so much. Have a great one, my friend

Tweet
Share
Pin
Share

Similar Posts

Episode 112 Why You Need A Domain Email Address as a Business
|

Episode 112 Why You Need A Domain Email Address as a Business

ByRob

Show Notes Episode 112 Why You Need A Domain Email Address as a Business…   00:00 Everybody, Rob Cairns here, I’m the founder, CEO and Chief creator of amazing ideas that stunning digital marketing. In today’s podcast, I want to talk about why as a business selling high end services, you need to have a…

Episode 144 – 9 Ways to Protect Your WordPress Website
|

Episode 144 – 9 Ways to Protect Your WordPress Website

ByRob

Show Notes Episode 144 – 9 Ways to Protect Your WordPress Website 00:00 From the center of the universe, Toronto, Ontario, Canada. This is the SDM show with your host Rob Cairns. The SDM show focuses on business life productivity, digital marketing, WordPress and more. Sit back, relax, grab your favorite drink, and enjoy the…

Episode 324: Using WordPress as a Lead Generation Tool With Spencer Forman

Episode 324: Using WordPress as a Lead Generation Tool With Spencer Forman

ByRob

Show Summary Rob Cairns talks to Spencer Forman about using WordPress as a lead generation tool. Show Highlights: Show Notes Hi Rob Cairns here. And today I’m here with my guest, Spencer Foreman. How are you today, Spencer? Good morning. We had a chance to catch up before and we switched to stream yard today….