When Leonardo DiCaprio played famed conman Frank Abagnale, it awakened many in the con experience. In the movie Catch Me If You Can, DiCaprio (as Abagnale) conned flight attendants (pretending to be a pilot), his future father-in-law (pretending to be a lawyer), and even his father (executing a credit card scheme). In essence, the movie showed that identity thefts work best when it is believable.
Hackers are after you because you are a believable identity. You exist. You are real.
With the internet, Abagnale relied on traditional methods, protecting our identities takes on a whole new meaning and a whole new layer of protection. It requires an active effort to guard them. In this age of intense sharing – our names, birthdays, addresses, weekend plans, shopping lists, and the beat goes on – identity as a proxy for scams has never been more tangible.
Don’t let a hacker become you.
Our transparency has become our biggest weakness, as the ability to take the form of another person – real or fake – permeates our lives. All it takes is the click of a link in a phishing email, the oversharing of one critical piece of information, or the leak of one reused password that allows a scammer to fly under the radar under someone else’s persona.
How do we both embrace our digital identities and protect them?
Take a Zero Trust Approach
Zero trust is a concept that has taken hold in the security community. It may be the buzz word of the decade, and you’ve probably heard it a million times, but it is relevant in today’s measure to stay secure. The fact of the matter is this: you can’t really trust anyone.
In your business, that should be the baseline at this point, but it’s high time we all start adopting this as our baselines. Before giving anyone access to your information, verify that they are who they say they are. Please confirm that your information won’t be shared with people you didn’t intend to share. Your data is currency, and in the wrong hands can cost you in more ways than one.
Think Before You Click
Worldwide, email scams are costing businesses and consumers well over $12 billion annually. This number is a testament to how a simple link click can have a tidal wave effect. The best course of action is to scrutinize every email you get to hover over links before clicking and don’t enter information into forms without being sure that you’re not handing over the keys to your digital identity in the process. Phishing emails are not slowing down either. A few months ago, a phishing simulation conducted by a Verizon DBIR contributor found out of ~16,000 people almost three times as many people not only clicked through a phishing link, but also provided their credentials to the simulated login page. The fake emails contained information about the coronavirus, tapping into fear about any world event is a common trojan horse scammers use, but it can happen to anyone at any time.
A top phishing expert once fell for a phish because he is a champion Amazon shopper and was tired when the email came in and legitimately thought this credit card was declined. Long story short, it wasn’t, and he had to do A LOT of damage control in a short amount of time. Even if you are tired, even if you think it is secure, repeat this mantra after me: think before you click.
Much like we protect ourselves from the risks of the physical world elements with layers, protecting yourself from being a target in the first place is vital. Making things harder for scammers means you are less likely to feel the shockwave of consequences if you fall victim to a scam.
Those layers include keeping your software up to date, using two-factor authentication, and merely slowing down and thinking before acting. The other key to this is to think like a snake: shed your old skin. What we mean by this is take a shredder (or if you don’t have one use scissors and tear your old sensitive documents to pieces.
These days, it takes little effort to believably shapeshift into another person, as the costume and theatrics are mostly no longer necessary. And so, it has never been more critical than right now to see identity as the agent of our futures, the future of our businesses, and then, protecting it fiercely. Make Frank Abagnale proud. He now works for the FBI—he traded his black hat for a white one.
- Catch Me If You Can: How to Protect Your Identity in the Modern Era - October 28, 2020