Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity: AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Cybercriminals going old-school and Mass businesses in for Bad News come January.

AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Cybercriminals going old-school and Mass businesses in for Bad News come January.

Dec 3, 2019

Welcome!

Good snowy, snowy, snowy, snowy morning everybody! You know, I can't remember too many snowstorms we've had up here that we're this bad. It's kind of crazy. Anyhow, come as it may. I was on with Mr. Jim Polito this morning. We had a chance to talk about two big items in the news. We discussed how cybercriminals using an old tactic and what will happen to businesses in January when the Massachusetts updated privacy law goes into effect. Believe me, guys, this is coming your way. We expect in 2020 to have the majority of states, if not the federal government, forcing these types of laws down our throats. They are reasonable, in some ways, for consumers but are totally destructive to businesses. So here we go with Mr. Polito,

For more tech tips, news, and updates visit - CraigPeterson.com

---

Related articles:

Cybercriminals return to old-school ID theft tactics

Upping your Incident Response Game -- New Regulations coming

---

Automated Machine Generated Transcript:

Craig Peterson
Good morning everybody is snowy, snowy, snowy, snowy morning here. You know, I can't remember too many snowstorms we've had up here that we're this bad. It's kind of crazy. Anyhow, as it may. I was on with Mr. Jim Polito this morning. We had a chance to talk about two big items in the news. Now we talked about the Massachusetts updated privacy law. Believe me, guys, this is coming your way. We expect in 2020 to have the majority of states, if not the federal government, forcing these types of laws down our throats, which are reasonable in some ways for consumers but are totally destructive to businesses. So here we go with Mr. Polito,

Jim Polito
Our tech guru Craig Peters on Good Morning, Sir

Craig Peterson
Hey, good morning. What you made it to the news again? Did you see on the weather channel? They said there was a little bit of snow.

Jim Polito
Oh, yeah, we did, they didn't show Springfield they showed us. So cool. How do you like that? That's pretty good. That's if it has to be for something you know, as opposed to like a murder or something, you know, we'd rather it not be that. Hey, yeah, I read your stuff. I mean, this is fascinating. We got two things we've got to try to focus on today. The bad guys are going back to snail mail. I love that ID. That's the ingenuity of criminals. Then the amended data breach law in Massachusetts, and so we got to get into that, but This fascinates me. Tony and I were talking earlier. You know, we're all sitting here worried about our identity being stolen somebody getting our credit card information or social security number hacking into our phone. But the bad guy says, oh, nobody's paying attention to their mail anymore. Let's, let's rip them off with snail mail. I mean, you gotta, you have to respect the genius of that criminal mind right. Now, how many times have we heard it said. Man, if these guys just put their mind to it?

Craig Peterson
Right if they put their minds good, they're like the real business people because business people always look for opportunities for markets that are underserved and things like that. However, nobody's paying attention to snail mail anymore. Let's rip people off there.

Jim Polito
However, nobody's paying attention to snail mail anymore. Let's rip people off there.

Craig Peterson
So here's how this whole thing works. Jim, you have your information online, and it's you know, starting Everywhere this public records that show the home you own how much you paid for your signature, right? So now they've got pretty much everything they need to fake your identity. You know the mind that was Equifax, right, and everybody else. If they go ahead now and they open a credit card, buy a car, buy a house, they do whatever. Ultimately they know that you're going to end up getting a letter, a US mail saying, which is a statement. It's a statement on that car that you bought it, you know that you have to pay for that house, it's for that loan. So what they're doing is they're saying, well, we got to cover our tracks a little bit better here. So they are filing with the United States Postal Services, mail forwarding notices. Wow, that you're here. The mail that you get sent because they opened the fake credit card in your name or real credit card, I should say your name. That statement is not going to end up at your house, that car mortgage, all of those things are not going to end up at your home. And so what happens now is about three months later, a tow truck shows up in your driveway, ready to pick up that brand new Porsche, whatever it is that you supposedly bought. And that's the first time you even hear about it. Oh, boy,

Jim Polito
It is not good. So that's genius. Because they go out, get a loan on the car, take possession of the car, and then the repo man says, okay, hey, they're not paying their loan. I mean, the repo man gets hired by the creditor and goes out to your house, and it's like, there's you beat up old Chevy. Right in the driveway. Yeah.

Craig Peterson
So they're knocking on your door. What a feeling in your gut, right? With those yellow lights flashing outside, you're trying to figure out what the heck is going on. So the cybercriminals have focused like a laser now on ID theft and Financial Times. We know now that business email compromise is over $20 billion. These guys have stolen cash from businesses. Now, they realize that the consumers who are out there are just not paying attention. It is true for most of these businesses, too, because it's not going to happen to me. I've got this crappy old car in my driveway. Who's going to do anything here? We've heard about some of the scams regarding our homes because so many states have our homes, mortgage information listed on public websites. And so now what they're doing is they know who owns it etc., etc. So they will file paperwork with the county saying, hey, this house is just sold they send in fake paperwork now and instead of your credit bit, you know, maybe you and I, we could buy a $5,000 car, right? If you count the home that so many of us have worked so hard for so many years, think of our senior population in our homes Now, that might be worth a half a million dollars that you know, we paid a lot less than that back in the day. Now all of a sudden, this paperwork gets filed with the county shame that you sold your house for X dollars, and now they have access to hundreds of thousands of dollars of credit in your name secured by your home, and then the sheriff shows up for that one. So this is this has been a real problem.

Jim Polito
We must keep an eye on the second you notice, Hey, I got an email in a couple of days. Yeah, you might want to pay attention.

Craig Peterson
And keep an eye on your credit. Now, every credit card that I have has a free service where they will update at least monthly your credit score. You don't have to do anything more than that. So you checked your credit score with your credit card company. It does not hurt your credit rating to check it with your credit card company because they want to check that, anyway, right? So keep an eye on that, and your credit score changes. Make sure it's for a good reason because if these guys take out a loan in your name, it is going to show a hard hit on your credit score, and it's going to show a new loan, and you got to start handling this immediately.

Jim Polito
We're talking with our good friend Craig Peterson our tech chalk guru. At the end of this segment, we're going to explain to you how you can get your hands on this information from Craig free, no-obligation, he will not annoy you. BTW, it's nice to have him on your side, because when there's a significant data breach, he's always got the answers on what to do. And speaking of data breaches. So in the Commonwealth, I guess we have a law addressing how companies should deal with a data breach. And that law has been amended, correct?

Craig Peterson
Yeah, we are seeing these data privacy laws getting put in place all over the world. Now, of course, you probably heard about the GDPR, which is the one over in Europe, and California just came out with theirs, and it's going into effect next month. That is almost the same as the European law, and the Commonwealth decided they would update their le to be as draconian as possible. Now, what's going to hurt everybody here, frankly, is the businesses, and it could hurt them in a very, very big way. Because most companies are not handling data appropriately. Here's what that all means. There's an update to the law here in Mass, and they are trying to highlight the importance of having a documented process surrounding all the aspects of security and risk mitigation. What to do after a breach. You're supposed to take reasonable steps to notify people of the attack, and this is already in the law. We've got to have something they call a WISP, which is a comprehensive written information security program. And they have updated the notification process in there as well. Now what is quite scary to me about this is that seventy-seven percent (77%), according to IBM Security, of business organizations do not have a company-wide cybersecurity incident response plan. So that means, as of day one, seventy-seven percent (77%) of organizations here in the Commonwealth will be out of compliance with that law. It is a very, very big deal, okay. And this is the kind of the LeapFrog problem we've had forever with technology. Technology goes ahead, and the laws lag. Then laws get put in place, you know, with all kinds of stupid requirements that aren't necessary, but you know, it's a knee jerk lawmakers trying to do something. Then technology tries to catch up. As consumers, there are a lot of good things that this law does. Do I want to have businesses that contain all my information to know about? So what we did, Jim, about a year ago, I offered a cyber health assessment to companies for free. We had, like, 1000 of our listeners apply for these things, it took a few months to get them all done. Yeah, it was phenomenal. I will extend that offer again if there is a company, a small business out there that wants us to do one for free for them. I will tell you, everyone I did showed significant issues. I expect that to be the case, you know, 77% by this IBM study, I can see, okay, because they're going to cross the board. If we get into the Small Business space, like less than 10-15 people, forget about it. There is no way they can comply with this law. They don't even know what to do. They don't know what they have. And they're going to get nailed. The smaller companies, who have been hammered by this so far, have been put out of business. Bye-Bye. All right.

Jim Polito
It is a huge issue, and all of this information is available. All you need to do is text My name, Jim to this number

Craig Peterson
855-385-5553. So. just text and JIM if you want to get on my list or if you're interested in one of these cyber health assessments, text CSAAP at 855-385-5553

Jim Polito
Standard data and tax rates apply as usual. You're like, you know what you're like Santa Claus coming with a big sack full of all of that vital information to protect us, Craig, and we appreciate it. Thanks, Jim. All right. Talk to you next week. Craig Peters on everybody. Don't forget the standard data and tax rates apply. But you should do that. He will not hound you. He will not hack you. He will not sell your information. Okay. Very important. Final Word.

Craig Peterson
Thanks, Jim. All right. Talk to you next week. Craig Peters on everybody. Don't forget the standard data and tax rates apply. But you should do that. He will not hound you. He will not hack you. He will not sell your information. Okay. Very important. Final Word.

Jim Polito
All right. Talk to you next week. Craig Peterson, everybody. Don't forget the standard data and tax rates apply. But you should do that. He will not hound you. He will not hack you. He will not sell your information. Okay. Very important. Final Word.

Craig Peterson
All right, everybody. Here's what I want you to do. Now. If you are a business owner, if you work at a business, double-check with the boss. Maybe the IT people, but I'd say the boss. Ask them, "Do we have a comprehensive incident security plan for our business?" Because if you don't, then you're in big trouble. It isn't just what we're talking about here, which is governmental regulation and oversight. No, no, no. We're also talking about your insurance companies who now require one of these company-wide cybersecurity incident response plans and comprehensive written information security programs in place to pay out the insurance claims. Make sure you have these in place. Hey, I can help you with those. I got tons of stuff, and I am thinking about putting together a course on how to do it. Let me know if you think it might be worthwhile. Just send an email to me at Craig peterson.com. Alright, everybody, thanks for being with us. Take care. Bye-bye

Transcribed by https://otter.ai

---