Tech Talk Newsletter – October 2016 – Social Engineering

it support newsletter

Featured Article

The One Hack No Tech Can Stop

You can defend your data with all the latest and best technology. But if just one team member gets tricked into giving away the keys to the castle, it’s game over. Hackers know this. And that’s why so many use social engineering to break in.

And it’s not just the big companies you hear about on the news.social engineering On February 3, 2016 a suspect posing as the CEO of Magnolia Health Corp. obtained a spreadsheet with sensitive data about their employees. On February 23, someone posing as an employee of Central Concrete Supply Company obtained confidential W2 records and disappeared with them.

In a 2011 survey, Check Point Software Technologies found that nearly half of the companies surveyed reported one or more social engineering attacks resulting in losses ranging anywhere from $25,000 to $100,000 per occurrence.

Unfortunately, there just aren’t any whiz-bang tricks or tools that will automatically prevent a clever “social engineer” (SE) from breaking in. The keys to protection are awareness and vigilance. To help you know what to watch for, here are five common ploys – and how to deflect them:

Familiarity – In this type of scheme, the hacker becomes familiar to an employee. Social networking sites can reveal an employee’s schedule and favorite hangouts. The hacker might then frequent the same bar or restaurant. After a drink or two, some key fact may slip out… The best way to bust this ploy is to be careful to not get lulled into a false sense of security around people you haven’t thoroughly vetted.

The Consultant – A social engineer poses as a consultant for hire. Once they get the gig they can scoop up all the info they need from you and your team because of their seeming authority. Watch for this especially with IT consultants. Do NOT trust blindly. Vet every consultant, and never give all the keys to the kingdom. Just because someone has the skills to fix your server or network doesn’t mean they won’t steal your data. Vet thoroughly, and, as Ronald Reagan said, ‘trust but verify’.

Piggybacking – The SE waits by a secured door for someone to use their passcode and enters right behind them. Or the SE strugglessocial engineering with a heavy box and asks a legit employee to hold the door open for them. Being kind and helpful, the employee helps the SE right into the building… free to do as they please. To foil this one, never forget the dangers of allowing a stranger in without proper clearance.

The Interview – Key information often escapes during interviews. A smart social engineer will gain an interview and deftly pick up all the information they need to hack into your network. Make sure any data provided during an interview offers nothing in the way of secrets. Keep the conversation light, or even superficial to avoid leaking critical data.

Angry Man – You may have seen this on TV… Somebody has an angry tone on the phone, or is grumbling to themselves as if they’ve just had an argument. We all tend to avoid people like that. Enough people avoid them and the way is cleared into the heart of the company – and your data. Don’t go along with it. When you see this exploit unfolding, call security.

The key to preventing social engineering attacks is a well-trained workforce. You and your people may be your company’s greatest asset. Yet without regular, proper training, human beings can be the weakest link in your company’s data defenses.

Here’s how to protect your network from a costly cyber attack

As a fellow business owner in the Saint Joseph area, I’d like you to take advantage of my extensive research and experience in protecting data networks for small and medium companies. My business owner’s guide, The Top 10 Ways Hackers Get Around Your Firewall And Anti-Virus To Rob You Blind steps you through 10 ways to protect your company from the coming deluge of cyber attacks we can expect over the next several years and beyond.

Call us today at 816-233-3777 or email codyc@tsconard.com to get yours, FREE. We look forward to sending you this valuable guide right away.


Help Us Out And We’ll Give You A kindle fireBrand-New Kindle Fire For Your Trouble

We love having you as a customer and, quite honestly, wish we had more like you! So instead of just wishing, we’ve decided to hold a special “refer a friend” event starting now through the month of November.

Simply refer any company with 10 or more computers to our office to receive a FREE Computer Network Assessment (a $300 value). Once we’ve completed our initial appointment with your referral, we’ll rush YOU a free Kindle Fire as a thank you (or donate $100 to your favorite charity… your choice!). Simply call us at 816-233-3777 or email us at codyc@tsconard.com with your referral’s name and contact information today!


Guest Article

The Myth of Multitasking… And What To Do Instead

By Mark Sanborn

mark sanborn“My kids are natural multi-taskers!” a friend exclaimed. She bragged that they could listen to music, watch TV and do their homework all at the same time. She might have been proud of their efforts, but she wasn’t accurate about their abilities. Research has concluded that it will take her kids longer to do their homework and likely they won’t do it as well.

We think of multitasking as the ability to successfully perform more than one activity at the same time. It has become a seemingly ubiquitous phenomenon like walking in the park while talking to a friend. But there is a difference: walking doesn’t require our cognitive attention, so we are free to concentrate on our conversation. Other situations are more complex.  For instance, it’s a different matter to read a book and listen to a lecture.

In reality, what we commonly refer to as multitasking is the rapid shifting of attention from one task to another that creates the illusion we are performing them concurrently.

Nancy K. Napier Ph.D., in her article, The Myth of Multitasking said, “…much recent neuroscience research tells us that the brain doesn’t do tasks simultaneously, as we thought (hoped) it might. In fact, we just switch tasks quickly. This rapid switching of tasks makes us prone to error and ends up consuming more time than if we undertook one task at a time.

Workplace demands often create the perceived need to continually switch tasks. That makes people less effective. The ability to do a thing well and quickly requires full attention, and the myth of multitasking prevents that from occurring.

Success in any area is a function of the capacity to pay attention. Isaac Newton, for example, credited his success and discoveries as “owing more to patient attention than to any other talent.”

So what can you do? Here are some suggestions:

  • Stop fooling yourself. You’re not truly multi-tasking, you’re task switching. And that’s fine if that’s what you want to do. But there is a better way.
  • Block uninterrupted time to work on important projects. Aim for at least 30-60 minutes without phone calls, walk-ins or other distractions.
  • Choose to focus your attention on one thing at a time. For example, at your next meeting, try listening to others rather than glancing at your smartphone or jotting unrelated notes.
  • Give people your undivided attention. While it sounds cliche, it is difficult to do, but the payoffs are big. Not only will you improve the interaction, but you’ll demonstrate the regard you have for the other person.
  • Consciously avoid demanding others to multi-task. Don’t interrupt a colleague involved in another activity to make a request. Pick (or schedule) times to interact when the other person isn’t distracted by competing demands.
  • Read Cal Newport’s book, Deep Work. It is one of the best books I’ve read in recent years and will provide many insights and tactics you can use to beat the myth of multitasking.

Mark Sanborn, CSP, CPAE, is president of Sanborn & Associates, Inc., an idea studio dedicated to developing leaders in business and in life. Mark is an international best-selling author and noted authority on leadership, team-building, customer service and change. Mark is the author of 8 books, includ-ing the best seller The Fred Factor: How Passion in Your Work and Life Can Turn the Ordinary into the Extraordinary, which has sold more than 1.6 mil-lion copies internationally. Learn more about Mark at www.marksanborn.com.


Useful Tidbits

Could your next laptop be immune to malware, update in seconds (rather than minutes or even hours) and cost only $300? That’s what you get with Google Chromebook. The fact is, if you spend most of your computing time in a web browser, you don’t need a whole lot of software. And you certainly don’t need to pay thousands for a laptop. Chromebook is a stripped down, lean machine, with very little fancy hardware. No rocket science is needed to fire it up and keep it running fast. Just get online and go. Whether you spend your time on LinkedIn or Facebook, or just need a way to check email and work in Google apps, a Chromebook might be the best laptop for your money. PCmag.com, 07.27.16


These 3 apps help you pack like a pro – in 30 minutes or less. TrackDot tracks your luggage so you know where it is at all times. No more time wasted worrying if it’s lost. DUFL is a storage and delivery system that lets you keep all the clothes you travel with in its warehouse. That means virtually no more packing. Just use their app to pick the items you want for your next trip and they’ll be waiting for you when you arrive. PackPoint helps you keep packing lists and select just the right items you’ll need for each trip. Based on weather, location and planned activities, PackPoint suggests what to bring and lets you view your list across all of your devices. Inc.com, 07.13.16


Are you seen as an esteemed leader – or a madman talking to yourself on LinkedIn? With an average household income of $85,000, LinkedIn users are an audience worth wooing. Yet if your posts aren’t being read, why bother? Here are three ways to get read – and be seen as a leader. 1) Clip popular article titles from LinkedIn’s Pulse. Store them in a text file and model yours after them. 2) Promote your posts to influencers in your niche. Quote influencers and tag them when you publish. Odds are, they’ll promote your article to their audience. 3) Recycle and reuse evergreen content from your articles for months or even years. Do these three things to be seen in a better light on LinkedIn. Entrepreneur.com, 05.03.16


Turn Google into the ultimate to-do app. If you get a kick out of trying every new productivity app and strategy, you could spend long hours getting very little, well… actually done. Yet with a trio of Google apps, you can spend less time futzing and more time doing. Calendar lets you drag and drop to-do items into actual date and time slots with reminders. Which means they’re more likely to get done. With Keep you can store notes and reminders. You can type, handwrite or voice record them, then add them to Calendar. InBox lets you breeze through email, turning each message into a to-do or Calendar item with a reminder. Oh, and did I mention, all three apps are free? Wired, 07.27.16


Want to attract top talent? Here are three tech tools to lead the brightest and best to your door. TopTal (toptal.com) has a knack for collecting the cream of the crop in each niche. It screens them for you, saving you time and money. AngelList (angel.co) lets you post a profile with your company’s mission, culture and values. Make your profile amazing and promote it to attract the best candidates. Facebook, Twitter and Linkedin are still top watering holes where you can build a following. The best people hang out where they can improve themselves. Add a blog, podcast or social networking group where people can better themselves and the best players will appear in your audience. SmallBizTechnology.com, 07.12.16

social engineering