A Funny Thing Happened on the Way to the Office
I try to make most of my blog posts about current legal issues in the area of cybersecurity and data privacy because so many businesses do not fully understand cybersecurity, how it works and what they can do to protect their company. As my law partner often says, cybersecurity is like pandora’s box and many companies do not want to open that box because they are scared and do not know what is inside. However, this is not that kind of post. I am angry. And really, more than angry, I am upset. And why may you ask?? Simply because I received a telephone call. HUH???
Yes, I was on my way to the office on Friday morning. Trying very hard to stay focused because I had not yet begun to consume my gallon of coffee that I need to get through a morning after I go through the gauntlet of getting children ready for school, when I received a phone call from a caller whose contact information was not in my contact list. Now, usually I do not answer calls from a number that I do not recognize, but as previously stated -- no coffee. So I politely answered the phone and the voice on the other end replied, not with the usual pleasantries, but with a sharp, “who is this?” Now I am coffeeless AND annoyed. I reply, “you called me, who is this?” The woman on the other end of the line then proceeds to tell me that I have been calling her several times every day and hanging up.
I tried to, politely, tell her that I did not and that perhaps there was an issue with the lines getting crossed with another cell number when she said, “give me your name, I will screenshot the call history and send it to you to show you that your number is calling me.” And BAM! I knew exactly what was going on. I told her she did not need my name to send me a screenshot since she already had my number. Then I told her I was an attorney and that was the end of the conversation. I do not usually pull the lawyer card, but I knew it would scare her because she wasn’t getting calls from my cell phone. (A fact I later confirmed when I had a diagnostic test run on my phone and I contacted my carrier to see if they were showing calls from my phone to this random number).
This caller wanted to get me to start to give her personal information. Piece by piece, she would get me to reveal personal details about myself through this phone call, and maybe other calls from another number because this person now knows my phone number and my name (and knows that there is a live body on the other end). This is always how it starts and a less, shall we say aware person (or, in my case, a less paranoid person) would likely start to give this person on the other end of the phone information. A name, the town where you live, if you are married or not -- the details start to trickle out.
We, as Americans, have a culture of transparency. This is fabulous. It makes us kind and welcoming, but it also makes us more susceptible to cybercrime and identity theft. And there are certain segments of our population that are more vulnerable to this type of phone scam than others: the very young, or those of a different generation that did not grow up in a time when people stole your identity. The AARP conducted a study on fraudulent telemarketing and found that of the 26% of individuals who are victimized, 57% of those individuals are over the age of 50. So, if you will indulge me for a moment, I will put on my tin-foil hat and dispense some common sense tips to help everyone avoid becoming one of these statistics.
First, courtesy and manners are always in style but that does not mean you have to give a person you don’t know (and can’t see over the phone) your life story. Do not give someone personal details about yourself, including your name. Even if they claim they are calling from a store or service you frequently use. Get their name and call the main number of the establishment and ask for the person. If someone you don’t know is calling you to strike up a conversation, chances are it isn’t because they are interested in making a new friend.
Second, don’t click on links, or respond to an email that was sent to you from someone you don’t know or can’t confirm. Always independently confirm everything whether you receive a phone call or an email. Identity thieves would prefer that you just give them your personal information rather than hack into a system to steal it. Don’t make it easy on them.
And for that matter, take a page out of the European play book: value the personal information about yourself. All those little details make up who you are (and frequently are the secret answers to the questions from your bank to access your accounts), so don’t feel bad about not wanting to share. Also, don’t fill out online surveys or or little social media quizzes. That information can be strung together to make out the complete picture of you And the complete picture of you is VERY valuable to cyber criminals on the dark web. No one needs to know the name of your first pet or your mom’s middle name. And teach those around you not to do these things too. We teach our children not to talk to strangers, so DON’T TALK TO STRANGERS. And don’t just stop at your kids, teach older individuals in your life to be wary of these strangers as well.
Cybersecurity is not just for businesses. If Equifax taught us anything, it showed us that we are all personally susceptible to cybercrime. Employ the same smart techniques at home that you do at work. Because, when it comes to cybersecurity and protecting your family- Luck Favors the Prepared!
* * * * * *
Nothing contained in this blog should be construed as creating an attorney-client relationship or providing legal advice of any kind. If you have a legal issue regarding cybersecurity, domestic or international data privacy, or electronic discovery, you should consult a licensed attorney in your jurisdiction.