What, you don’t have a cyber super hero identify? Cyber villains are on the loose and armed like never before. Equifax + Alteryx = your mere mortal identity information is on the loose. And the cyber villains are using everything they can find in the wild to launch their attack!
If we take a page from the latest super hero films from DC (Wonder Woman and Justice League) and Marvel (Spiderman: Homecoming and Doctor Strange), we can see how having an alternate identity can help you protect your real identity and do your part to rid the world of the cyber villains that lurk in the shadows.
You and your family are prime targets for global cyber villains looking to empty your personal investment accounts along with any business-related banking accounts.
Learn from other victim’s oversights so that you are not next! Here is how it started for one victim…
First, the cyber villain, The Imposter, selected his target, the highly reputable and well-known Dr. Civilian. The Imposter then contacted the doctor’s internet server provider and social engineered the customer service representative that he was locked out of this email account. But before he could do this, he searched the internet for previously leaked personal information on Dr. Civilian.
Once in the doctor’s email account, The Imposter determined where he held his investments and which credit card company he used. With this information, the villain then social engineered the investment company representative to transfer all of the assets into The Imposter’s account.
While Dr. Civilian did not have strong authentication set on his accounts, his investment company did leave him several voicemails, since the transaction was abnormal based on the doctor’s previous activity. This time, the cyber villain was thwarted by a single phone call made by Dr. Civilian between seeing patients.
Unbeknownst to Dr. Civilian, The Imposter was also manipulating the customer service representative at the doctor’s credit card company. Once again, the doctor received a message that new credit cards had been ordered and would be shipped to a new address that was not on file. The villain was thwarted again. Or so he thought…
Because of the account compromise, the company issued Dr. Civilian new credit cards. The Impostor logged into the doctor’s online shipping account and changed the destination in his favor.
Several days later, after not receiving his cards, the doctor became suspicious. He called his credit card company to find out why the credit cards had yet to arrive, only to find out that shipping address had been changed and the delivery signed for. Various large purchases had also been made in his name.
Dr. Civilian had enough. He had patients’ lives to save, and no more patience for The Impostor. It was time for Dr. Civilian to become… The Protector. His first task was to assemble his cyber hero utility belt.
But what did he need? Cyber crime fighting gear, of course.
- His first tool was a password storage utility. The Protector used the safe to auto generate strong, unique passwords for each of his account.
- His second tool was Multifactor Authentication (MFA) enablement. This way, next time someone got hold of one of his passwords, it would not be enough to compromise his account.
- Next, The Protector called his financial institutions and had them enable voice and phone printing, along with lowering limits on all transfers. Now, with this third tool in place, The Impostor’s malicious future attempts would fail.
- Fourth, The Protector changed all of his security question answers to nothing that would resemble the truth. Because of prior security breaches, true identity information could easily be found online. He stored the untrue answers in his password storage utility.
For his final addition to his cyber hero utility belt, The Protector committed to tell all who would listen how to protect themselves from the evil cyber villains everywhere.
Here are some tools to help you assemble your own cyber hero utility belt…
- For secure password storage tools, take a look at LastPass, PasswordSafe, LogMeOnce, or KeePass.
- To manage your MFA accounts, try Google Authenticator or Microsoft Authenticator.
- Voice and phone printing is a bit more difficult, because it is out of your direct control. Call your financial institutions and ask them to enable these features on your accounts (thank you Pindrop). Then lower your transfer limits.
- For your new answers to your security questions, use you cyber super powers to change your security answers to something illogical and keep them in your password storage tool of choice.
And lastly, spread the word and remember to use your cyber super powers for good!
