A big Thank You goes to Laura Transue! Thank you for sharing your experience experimenting with AI. Your inspiration gives me inspiration. Hopefully, we will inspire others.
The past two weeks we have deconstructed how some scam's work. There are social aspects, very personal aspects, some effective means of pressure and increasingly the use of AI.
This week, I would like to shift focus to other rackets currently making the rounds. Many scams may start with an “accidental” contact. If you are like me, you get the occasional wrong number text, or maybe “haven’t heard from you in a while” text. Some of these are simply what they seem, wrong numbers. Some are not.
Getting into the Halloween state of mind, let us start off with the Pig Butchering scam. The concept is essentially as it sounds. Contact is frequently made by accidental contact...” Since I have you on the phone...” the scammer will gain the victim's confidence with small investment opportunities or purchases. These continue to increase in value while the victim’s stake is fattened.
Frequently, there is an app that the scammer pushes, enabling the victim to make payments and purchases easier by attaching credit cards and bank accounts. When the victim starts to falter with available funds, the scammer will encourage the victim to borrow money from friends and family, cash in investments, and retirement accounts. Lastly, when the victim starts questioning returns or the scammer feels they have exhausted the victim's resources, they disappear with all the proceeds and cease communication.
There are many versions of this attack. In fact, they are so prevalent I recently received a notice from one of my banks. Listed prominently in the number two spot was “Investment Scams.”
Cybersecurity has been and is an increasingly important part of our lives. So far, our scope has been primarily on the individual. What happens when we widen our view to look at the organization or sector?
Cybersecurity is a careful dance between willing compliance and revolt. School settings tend to be more difficult environments to exercise alignment between federal guidelines and scholastic reality (Gedeon, Joseph; Cyber is getting schooled).
Multi-factor authentication is one of those topics that is a hard sell. Even here at Rutgers, compliance needed to be mandated, and conversations remain as to whether phone calls, SMS texts, and the DUO app are all acceptable means of MFA.
Sector-specific vendors are also a major concern. Security by design development is a vast minority of the options available. Return on investment is a bigger concern. This may seem like a minor issue; after all, businesses aim to make profits. However, vendors and industry-specific websites are prime targets for cyberattacks.
And they do make spectacular headlines.
- The water company was hacked!
- Weakness in Water Cybersecurity
- The power grid is compromised!
- Hospitals diverting patients due to cyberattacks!
To sum up, please protect yourselves. Remember to be situationally aware. Offers that are too good to be true, always are.
Security is everyone’s responsibility. When sourcing solutions to work problems, perform your due diligence. DoCS and Rutgers are counting on you!