Feb 14, 2020
Welcome!
Today there is a ton of stuff going on in the world of Technology and we are going to hit a number of topics today. There are some scams that are getting more and more prevalent with Airbnb and VRBO that we will talk about. Also, phishing scams using the Coronavirus as a way to trick you into clicking. The ACLU is filing suit against DHS. China is stealing our Intellectual Property. Shadow IT becoming more and more of a problem and even more on Tech Talk With Craig Peterson today on WGAN. It is a busy show -- so stay tuned.
For more tech tips, news, and updates visit - CraigPeterson.com
---
Related Articles:
Is it possible to secure our Elections using Technology
The security mistakes made by the Iowa Democratic Party in creating their App
Coronavirus bringing out opportunistic Hackers
Extensive US Intellectual Property theft by Chinese being investigated by FBI
Scammers have found a fertile field in Airbnb
DHS wants to track illegal aliens using available cell-phone location data. ACLU says Whoa!
Shadow-IT: Employees putting Business at Risk
Ransomware rings adapt to business declarations by Revealing Stolen Data
---
Machine Automated Transcript:
Hey everybody, welcome, welcome. Craig Peterson here on WGIR,
you can also hear me every Monday morning at 737 with Jack Heath,
where we discuss some of the latest topics in technology. Of
course, nowadays, you can't talk about technology without security,
which is what I've been doing in my business now for about 30
years. I was coerced into it. Maybe one of these days, I'll share
that whole story with you. It can get to be kind of a long one. But
today we are going through some of the problems that I've seen out
there lately. I have on my podcast this week that you can get at
Craig peterson.com slash Iheart, Craig peterson.com slash Iheart. I
spent quite a bit of time talking about recent problems people have
been finding with Airbnb with VRBO, and I go through some of the
problems I recently have had with both of those services. And I
think it's well worth listening to because I've gotten to the point
right now where I will not use either Airbnb or VRBO, I don't think
ever again. My experiences with them have just been so
overwhelmingly negative, anyhow you'll find that online, and you
can subscribe there as well at Craig peterson.com slash I heart.
That like is going to take you to the I heart app. You might be
listening to me right now, in fact, on Iheart streaming on these AM
and FM stations. If you are, kudos to you, but you can also get all
of my content by going and subscribing, Craig peterson.com slash I
heart, and I'm also on every other major podcast streaming platform
that's out there. But first, I just want to make mention of this
other article that came out last month in January. It's talking
about computer literate millennials and Generation Z. These are the
people that grew up with the internet. They've had the internet
pretty much their whole lives. They've found meaning the Federal
Trade Commission found that people ages 39 and under are more
likely to report fraud than the 40 plus crowd. Now, here's the
thinking here. It isn't that the younger kids millennials and
Generation Z, it isn't as though they are less afraid to report
that money stolen from them. It appears that they are more likely
to fall victim to fraud. 25% more likely. Now the millennials are
less likely to fall for a scam over the phone and people over 40,
but 77% More likely, Millennials are 77% more likely to get duped
by email scams and 90% more likely to lose money on a fake check
scam. Now, the thinking behind this is that those of us who are a
little bit older, we hold the whole internet thing with a little
bit more skepticism than our children and grandchildren do. Because
we know that there are scammers out there and we've heard all the
horror stories, whereas the younger kids are looking at it as well.
It's the internet, and they just give their stuff away. We already
know that there are studies that show that the millennials will
give their email address or weigh in trade for a single donut.
Okay. They don't value a lot of this stuff. And, you know, to me,
well, it's a little bit concerning, and it should be to you. But
let's get into the latest scam that's out there right now. It isn't
the Airbnb scam, which has been out there for a few years now. As I
said, hey, I've been burned, what, four or five times by this
overall personally. I am jaded, and I just don't use it anymore
period. It's a real shame because there are some good people out
there. But this has to do with what's been happening with the
Coronavirus. It is a huge deal. We had one day this week, where
15,000 new cases were reported. The Chinese changed how they
tracked and diagnosed cases. So they're saying hey, listen, it's
you know, it's Change. Don't expect this to indicate that more
viruses are spreading out there. And frankly, I look at it and say,
Well, maybe there are there aren't. But what we're seeing are some
rather sophisticated phishing scams going on. Phishing, of course,
this is the one spelled with a Ph. It is where an attacker tricks
you into doing something. It might be
clicking a link. It might be responding to an email. It might also
be a phishing scam over the phone or, you know, SMS a text one
which is called smishing. A whole new type of phishing this going
on right now. Well, last week, IBM and Kaspersky now Kaspersky is
an anti-virus company. They are also trying to stop the general
spread of malware. They are a Russian firm, and the State
Department and FBI have warned us about using their software, but
they do have good information. When I see Kaspersky combined with
IBM, a company I do respect, then that does kind of make my ears
stand up, if you will. IBM and Kaspersky caught hackers in Japan,
trying to spread malware through emails. And the emails had links
about the coronavirus outbreak that started Of course and won China
last month in January. And now adding cell phones to the list. Of
course, Cisco, to the list, they have found phishing emails from
cybercriminals, purporting to be from the Center for Disease
Control, as well as the World Health Organization and what they're
trying to do the bad guys his deal your email credentials and other
information. The emails are coming from several domains, including
CDC dash gov.org, which, of course, is not the real CDC website. So
be very careful if you are trying to find out information about the
CDC, or about the spread of Coronavirus about flu in general. For
instance, in my home state of New Hampshire, we have I think it's
seven deaths so far this year reported g attributed to the flu in
general, not the Coronavirus. Every year about 12 to 16,000 people
in the United States die from the flu. So far we've only got 14
cases reported of Coronavirus So, at this stage everybody, this is
nothing to get all freaky worried about. Okay, so calm down. If you
want more, go to CDC.gov. CDC Centers for Disease Control cdc.gov.
And it tells you what to do now this Coronavirus has an official
name now it's called Covin-19, co vi d dash 19 because there are
multiple versions of Coronaviruses and viruses. And we have had a
report in the past about Coronaviruses, and they have killed people
previously. So you'll see right at the top of the CDC, gov website,
information about the Coronavirus and it spread. It is a
respiratory disease. It is potentially fatal. It doesn't seem to be
any more fatal than some of the other viruses that we've had. So
let's put all of this in context. And when you get an email from
someone saying hey, Look at this, click on this link, it's going to
get you information about the Coronavirus, it's going to let you
track the spread of, etc. don't respond. And you, if you get a text
message, don't respond. I got one because I'm a member of the Great
and Powerful media, right. I got one last week that was sent out to
members of the media saying, Hey, we got this new tracking site.
You just can't be cautious enough when it comes to this. So if you
go to CDC Gov at the top, you'll see the description here about the
Covin-19. And you can click on that, and it'll show you a global
map about where it has been reported what is happening. I'm looking
at one. It's about one day behind it looks like right now for
Covin-19. But you can see all of the countries that have been
reporting it and then you can also So look at the hard statistics.
People under investigation in the United States exactly how many 14
positives you'll see that there. Of course, it changes daily. How
many negative how many pending? The people are under investigation.
Remember, the airplane full of workers from the State Department
that came back from China. They have now been under quarantine for
more than 14 days. They released them all from quarantine because
it turns out that nobody had that virus, so just because you have
the flow doesn't mean it's Coronavirus. More cases over on the left
coast and the Midwest, which is kind of surprising to me than there
are on the East Coast or the Mid Atlantic, etc., etc. So have a
look there. Do not respond to emails or texts or phone calls. Okay.
Just be very, very careful. Hackers are imitating this sort of
thing. Then the other side of this is they are sending out
messages, seeking donations, and they're asking for Bitcoin
donations to the World Health Organization. I can tell you right
now, the World Health Organization, the CDC, they are not taking
Bitcoin donations, okay? Don't go and donate, right. Again the CDC
gov.org is the bad guys cdc.gov is the good guys. The scam page is
elementary. it might have taken the scammers just a few minutes to
put together. It's very effective. It looks legit. And the FBI and,
of course, also Homeland Security are taking down these pages as
soon as they can, but they can't always get rid of them right away.
And companies we got to be proud. We've got a chain, train our
employees not to follow up on these scams. So again, that's part of
why I publish my newsletters. I report on the biggest scams that
are going on. I try and keep it down to just a few a week. You can
share them with your employees, share them with your family, but
you have to get them to share them. Go to Craig peterson.com slash
subscribe. Now, we're going to talk a little bit about this whole
thing with the ACLU and their current fight. I spoke about
something similar to this a couple of years ago, man, maybe
actually the first time was probably about ten years ago. There are
companies out there, and they gather information about us. They're
called Data brokers. And I have visited some of these data brokers
sites themselves. I mean physical site, where the company operates
where they have their data collections, to help them with security
problems that they have. And to help prevent problems from
occurring, right. That's what I do for a living full time. And it
was probably ten years ago, the radio show that I talked with some
of these companies. But what they do is they take what's called
open source information that's used a lot by government or
investigations. And you can use open-source information yourself.
All you do is go to Google, for instance, and do a search. That's
the open-source information. It's anything that anyone can gain
access to, without having to be a police officer without having to
go and really kind of, you know, get a court order kind of be
surreptitious and how you gather that's open source. So the data
break brokers will take all of that, and that can include depending
on States your living driver's license information. It can include
information about the mortgage for your home. It can include you
know the ownership of your home, and it can include just all kinds
of stuff. And that becomes very, very difficult to control. Because
all of your information is out there. It's available for free or
for cheap on the internet. So these data brokers, they might buy it
from the county, they might get it an open-source. Some of these
documents are going to contain like your mortgage is going to
contain your signature. The deed to your home is going to contain
the signature, the automobiles that you own. There's going to be
UCC filings with the Secretary of State's office, detailing what
cars you own, who the lien holders are, and how much money is
involved, all of this stuff. So it all gets pulled into these days.
databases I mentioned on the show a few months ago, a couple of
months ago that we were out in Las Vegas at a wedding. And of
course, you know, doing work while I'm out there sitting on the
couch, doing work for some of our Las Vegas clients when there was
a knock at the door. Who's there? Well, it's an insurance
investigator investigating an accident that had a fatality. And of
course, the insurance company had been asked to payout.
They came to this home because they had information that the person
involved had contact with someone at this address, which indeed she
did. It was her sister, and the driver had been responsible for
this fake fatal death. The driver listed was one of my sisters in
law, who had died six months before the accident. It was all fake.
The insurance investigator showed my wife all of this information
she had that they had purchased from one of these data brokers. It
had listed my deceased sister in law's relatives, everybody every
address she had ever had. It had names and contact information for
some of my kids as well. Now, it was not all correct or organized.
When I've looked at the data brokers' information about me, only
about half of it is right, but the other half is entirely
incorrect. That's still the case because they had a lot of utterly
false information. People that they said were relatives that
weren't. People we'd never heard of before, they identified as
direct relatives of hers. The insurance company purchased all of
this information from a Data Broker, in collections, this is called
a skip trace. It's called a skip trace for people who jumped bail,
etc. Man, we should talk about this whole bail thing, and the
idiocy and New York state that is spreading countrywide dog, the
bounty hunter and his wife Beth had been fighting this for a long
time because it's making us much, much less safe. But anyhow,
that's not a topic for today's show. It's not a political topic,
because it's undeniable what's already happening with the increase
in the crime rate, New York anyways. What the government is doing
now and this is part of what I was warning about a decade ago, is
the federal government, the FBI, the NSA, the CIA, of the IRS, you
name it. They are limited in how they can collect information, we
kind of already knew that, right? They knew that they had to get a
search warrant for certain things, right? They can follow you
around if you do not expect privacy, etc., etc. So obviously,
federal government agencies can use open-source information to see
what you're doing online. But how about the closed source stuff?
How about this information that the data brokers are collecting?
Some of it comes from the people who lent you money. Some of it
they're getting from places where you have to pay to get that
information. What's happened here now is that the ACLU has filed a
suit, according to The Wall Street Journal, against Homeland
Security and Homeland Security through its Immigration and Customs
Enforcement Agency. As well as Customs and Border Protection, is
buying Gilo geolocation data from these data brokers. It's using it
to investigate suspects who have allegedly committed immigration
violations. So let me boil all that down into plain English.
You might be using games on your smartphone, and you might be using
all kinds of apps on your smartphone. If you have a smartphone, you
probably are, frankly, not using 90-95% of those apps that you have
downloaded. But many of those apps are tracking you. And that
information is being sold to data brokers. So think about that for
a minute. Remember that free app and how you've heard me and many
others for so many years. Say, hey, you're not the customer. You
are the product. But what's happening here now is that the ACLU is
saying to the federal government, hey, you cannot, you cannot buy
this information that you are not allowed to collect yourself. You
cannot buy it from data brokers or these app developers who are
selling it. Interesting question, interesting problem, isn't it?
What should they do? What should you do? What can you do?
It is going to play out in court. I suspect it's going to come down
on the side of the Department of Homeland Security because this
information is generally available to anyone willing to pay for it.
So now the government stepped forward, saying we are will pay for
it. By the way, it's down to local law enforcement as well, who, in
many cases, are also buying information from the data brokers. Have
you ever set up a company Amazon account? Have you ever set up an
account for a company account for Uber? Maybe it's not a company
account. Perhaps it's your account that you're using for Uber or
something else? How about using something like Constant Contact to
send out emails to your customers? How about salesforce.com, where
we've seen a shift over the years from what used to be kind of the
glass castle, where you had a central computer room in that
computer room was a mainframe. And those mainframes were
astounding. They still are. And that mainframe in that glass room
was controlled by professional Information Technology people,
people that knew what they were doing at least at the time, right?
Then we started seeing some changes. You remember the apple two and
VisiCalc Visicalc was kind of the killer application. And if you
wanted to do numbers, then you bought an apple, you purchased a
little apple two. And you then pulled data and people were asking
that glass house, they were asking it, Hey, can you give us data
because we want to put together some spreadsheet. People put
together spreadsheets without really understanding the implications
of the numbers they were using without understanding how to audit a
spreadsheet to make sure that the figures included were correct.
They didn't understand the double journaling. They didn't
understand the cross-referencing of the information. They started a
bit of a movement away from that glass house from that glass castle
from it. They said hey, we could figure this out, why are we going
to pay it all of this fake budget money to do something for us and
we can do it for ourselves and do it cheaper. Frankly, that's a
problem I still face with many organizations, if you can believe
it, who think they can do security themselves, which is impossible
for almost any organization. In this day and age, any small-medium
business must have full-time external professionals who are helping
your internal IT people. The internal IT should be doing what they
do best, which is helping your business use information technology,
to its best use, assisting people to be more efficient, finding new
ways of doing things, etc. Instead of that, what most businesses do
is they have these various silos, like sales and marketing and
accounting. And each one of those silos, those lines company does
things their way. So the sales guys, they're out, and they said,
Hey, we're going to use Salesforce. And we're going to tie that
into Constant Contact. And then you have your accounting people
saying, well, we're going to use QuickBooks Online. Or maybe
they're going to use one of Oracle's accounting systems. And then
the manufacturing people say, Well, we are going to use this
particular era p program, which is going to be great for
manufacturing. And we've decided that we're going to use Survey
Monkey to collect information from our customers from our vendors.
You see where I'm going, each one of these lines of business is
going out there and making what are in actuality, information
technology decisions. They're making decisions about what type of
technology to use, which is one level, but then the next Next Level
is they're using it. And they're putting the business's information
at risk. It is a huge, huge problem. It's something that I'm going
to be addressing with some of this training that I have coming up
with a couple of these tutorials correctly tackle these problems.
And so if you're on my email list at Craig Peterson comm slash
subscribe, you're going to find out about these, and I'm going to
give you some great cheat sheets and other things. But all of those
again, Craig peterson.com slash subscribe.
All of those different lines of business, all of those different
functional responsibilities within an organization larger small,
are adding up and adding up hugely. And there is a massive problem
behind this. Now you know, that I use one password, and I recommend
it, and we typically Use one password in conjunction with Duo to
help secure login information. But because one password is used so
frequently by companies to keep track of logins, they have kind of
a unique view into the risks of all these different accounts. And
what we're talking about where these lines of business are making
Information Technology decisions that they're not qualified to
make, and frankly, in most small-medium companies, there's probably
no one in the organization that's fully qualified. Still, at least
it has a better idea, but then a marketing person or an accounting
person would have. So this is called shadow it and it's absolutely
something that we have to be careful of and we have to watch for
and if you are one of these people who is using one of these
third-party services, and you have not informed your IT person. Do
it right now. All right, thanks. Okay, hey, we have a lot more
content that you can get online. Just go to Craig Peters on.com.
You'll find it right there in my weekly newsletter that you can use
to help educate other people inside your company. Maybe family,
maybe friends, and indeed, educate yourself and the things that you
need to know security-related or just the newest and latest
greatest technology. Now I got an email here just while was
Facebook a couple of weeks ago a message about a story that I had
reported on about Tesla before, and I try and answer those I dig
them up I get them for you. But I want to make sure you are
subscribed at Craig Peterson comm slash subscribe, so you get all
of that. Thanks for being with me here, WGIR, and we'll be back
Monday morning with Jack Heath at 737.
Hey, welcome back Craig Peterson here on WGAN and online Of
course, Craig peterson.com. If you want to, you can subscribe to my
email list you'll find out about the free tutorials that pop up
training, courses, everything that I do to help make you and your
business more secure. So again, Craig Peterson, dot com slash
subscribe. I got to read this to you right now. I decided to cancel
through Airbnb and tell them about what had happened. He went off
at me, berated me for not handling in it privately, and told me I
was acting in my self-interest, and belittled me. I ended up having
to pay the first full month even though I stayed one night. His
listing is still up, and a review posted after my state also
mentioned the silverfish. Isn't that something? Now, this is from a
report that came out from vice. Now you might be familiar with
vice.com. There's a lot of decent stuff up there. But I want to
tell you a little bit about my own experience I've had with Airbnb
and VR Bo now VR Bo is vacation rentals. It's it has been used
more, I think, by businesses from what the stuff I've read than it
is by individuals. But I have had bad experiences with both of
them. Every time I have had an Airbnb, I have had a bad experience.
So let me tell you what I mean by a bad experience. For instance, I
was out of Vegas at a conference, and we thought, you know what,
let's try Airbnb. I'm the tech guy, right? I need to understand
this. Why wouldn't I go ahead and use Airbnb in make sense, right?
So here the tech guy goes, and we poke around read reviews we read
ratings. We found an apartment, not far at all, I mean like half a
mile from the convention center. We thought, okay, this is going to
be perfect. It says it's right by the strip we could walk over
there, hop a cab or, or grab a ride and enjoy The Strip, and then
the morning we can just walk over the convention center. We're not
going to have any problems parking because it said it is an
apartment. Let me start with parking. By the way, parking is
another thing in the second Airbnb story. There was no parking. You
had to park a half a mile away sometimes because people were just
parking in the parking lot of the apartment building. There were no
reserved parking slots for the apartment. So there's number one โ
number two. When we go into the apartment, and it's quite nice. We
find out that it has two bedrooms. We had only booked one bedroom
because that's all the listing talked about the one-bedroom.
We get there, and we find, okay, so this is our bedroom over here.
Well, the bedroom did not have an ensuite bathroom. The bathroom
for the bedroom was across the hall. So there we go, we get in
there and okay, fine. So our bathrooms across the hall, and we end
up going to bed. We enjoyed it was a nice place relatively clean,
quite old. It was probably a 40-50-year-old apartment. In the
layout that you would expect there in the southwest where there's
kind of a courtyard in the middle, and it's a little two-story
thing and, you know, kind of reminded me when I lived in LA back in
about 1980 late 70s early 80s. You know it's that part was quite
nice. You know brand new shag rug in there, well you know not
brand-new but quite new and clean. That part result was good. We go
to bed and then we there we hear just tons of commotion because
somebody else who didn't speak English very well had come to stay
at the apartment as well. We hear them going into our bathroom,
using our towels. They are very, very loud talking on the phone,
and they get a hold of the owner right of this Airbnb. They got the
same impression we did, which is there's one-bedroom in this place.
So they had an ensuite bathroom. We did not, but they were using
our bathroom the whole time and our towels, there's only one set of
towels. It wasn't a great experience at all. They kept us up for
quite a while because they were just so loud. Now you know me, I'm
not an outgoing guy. You might not believe that, but I'm a little
bit of an introvert. And as an introvert, I didn't want to go out
and confront these people who were I'm guessing, or you know, from
Asia, they were speaking Chinese or Korean or Japanese, I have no
idea. I just didn't want to mess with it. So we get up in the
morning, we and everything is okay-ish. We go to the conference and
then that night, I guess these people only there for one night.
That night, we had the whole place to ourselves, which is okay.
Knowing that with Airbnb, I rate the place after I stay there, but
the owner of the place rates me and so there have been a lot of
issues of retaliation when it comes to Airbnb. If you stay at one
of these places and you don't give them this glowing five-star
review, then you're not going to get reviewed while and other
people might not want you to stay at their place. So I gave it a
reasonable rating. I can't remember what I gave it, you know,
places clean and, and, you know, it was a nice place and there is
another bedroom. You know, just kind of hint into anybody reading
this. It isn't going to be dedicated to you and maybe your loved
one you're staying with and left it at that. That's my first Airbnb
story. And then my second Airbnb story, as I mentioned, had a lot
to do with parking as well. And in this case, it was in the Toronto
area, up in Brampton, and we rented a place on Airbnb, you know, I
figured, well, we'll give another chance, see what happens. It was
a three-bedroom place, and they said it sleeps like eight or
something like that. What you did if you include the fold-out
couch, and so we figured, okay, we need some parking. So I had sent
them a message saying, hey, it's going to be myself and a couple of
my kids and some grandkids. You know, I want to make sure that
there's plenty of parking. Is it? Oh, yeah, plenty of parking,
buddy parking, no problem. And so we get there, and there is one
parking spot. And it's in one of these. I don't know if you know
much about Canada and how they build their housing there. But one
of the reasons I'm not that fond of it, right. I grew up there. It
was these townhouses that are built right on top of each other, you
know, the zero property line homes there. Three, four, or five of
them attached. The only place you can park is in the little garage
place. Well, the garage itself was full of stinking
trash. Who knows how long it had been there. You couldn't use the
garage. It had hared the driveway with the condo next door to you.
It had one parking spot. I had my car, my daughter's car for her,
her husband, and a couple of her kids. And then one of my other
kids also drove up there. We had to find a place to park. Now the
good news was that the whole neighborhood was under construction.
They were able to park in the mud. in one area where construction
wasn't happening right then, of course, the next morning, what
shows up big dump trucks, excavators, everything else to work
across the street from us. That wasn't fun. Let me tell you that it
was not fun. We were quite worried about our cars, with all of this
heavy equipment on this little narrow street designed for one car
to go down the street when cars park on the street. We have to go
right now when we come back, and I'm going to finish what happened
with my air mean being being being a story, as well as my VR Bo
story. And we got a whole lot more to cover. We're going to get
into this Homeland Security thing with the ACLU and more but stick
around, listening to Craig Peterson a course on WGAN online at Greg
Peterson dot com is where you'll find me. Make sure you subscribe
so that you get all of my free tutorials, training courses.
Everything, Craig Peterson dot com, stick around.
Hey, welcome back. Craig Peterson here on WGAN and of course
online, at Craig Peterson dot com. I was in the middle of telling
you my stories about Airbnb. If you have ever thought about staying
at Airbnb, or VRBO, or any of these types of places, right,
obviously you're not staying at a website, but you're booking
through a website, somebody's home, somebody's rental, whatever it
might be then this is for you. I have done it for personal reasons.
I have done it for business reasons as well. I told you the
beginning of my story in Toronto, and I told you the last segment
about my story in Las Vegas. We didn't have the parking, and the
kids are all worried, and I was concerned about our cars getting
destroyed by the heavy equipment. Were we going to have to move
them because they were working on the lots across the street? It's
incredible how fast the housing is going up there and how expensive
it is to it's, it's just not how pricey it is. We get inside the
place. Now, remember, I said that the garage was full of trash
which was, and it stunk to high heaven, which it did. Okay, so some
of that leaks into the house, which makes the house kind of smell
too, which is just plain old, no fun. We get into the house, and I
go and sit on this folding couch. And remember, the house is
supposed to sleep eight, and it has a fold-out sofa. I sit on the
couch. It reeks of BO, body odor. Right? I mean reeks.
One of the first things I have to do is I want to make sure that
they know that this is a problem so that maybe they can take care
of it. I call, and I don't get any answer because it's the weekend,
right? Nobody's around. We head out to the local grocery store, and
we get some odor killer stuff, and we bring it back, and we drench
the couch in it. And we're able to get rid of most of the BO you
know, and its underarm smell is what it is. Someone with some nasty
underarm odor was sitting on that couch. They put their arm up on
the back of the sofa and left all of their BO behind them. Then
they did the same thing on the couch itself and somebody supposed
to sleep there, right?
Oh, it was just incredible. Then we go upstairs and upstairs that
we noticed that the fire alarms had tape all around the sides of
them. Now, if you're not familiar with the way firearm alarms work,
they have to be able to have air flowing through them to sense that
There's smoke in the air or carbon dioxide, carbon monoxide,
whatever the type of detector is. And it had been it had tape all
around it. Now it looked like it was painters tape right that blue
tape that you use as you can pull off that isn't going to leave
residue behind. So maybe it was the painters perhaps it was the
owners, I don't know, perhaps it was a previous occupant, but I
warned them about that as well as saying hey listen, your fire
alarms are not going to work because it blocks the airflow on the
fire alarms by this tape that's on them. I never got a response on
anything there. So what do I do when it's time to leave a review?
Well, I said the place was in perfect shape. It's brand new. I had
to do a little bit of cleaning. The cleaning crew in because the
carpets upstairs all had the markings of a, you know, a vacuum
cleaner. You can see the wheel marks on the floor and everything
else. So you see it's not as though a rip them a new one like I
have seen done before. And you never get to see your ratings by the
way from these Airbnb owners. Okay, so there's a second one not
neither one of mine were nightmares per se, but they both had
significant problems that I was afraid to report on because I know
that turnabout is considered fair play and who knows what these
owners are going to say.
Then I tried a VRBO, but they are older. They've been around for
something like 30 years, and it's vacation rental type stuff,
right? So VRBO, okay, we'll try it out. So we try it. We booked a
place, and I wrote to the owners. Hey, there's we're going to have
three cars, or two cars can't remember what it was now. Is this
going to work for us this okay, I want to make sure this parking is
I've had issues before? I never got a response from them. But, you
know, they ran my credit card through so I figured, okay, well at
least that part is done. I show up with the family in tow. And
we're going to have this great time together. I'm going to be
working, and they can stay in and just enjoy the place you know, a
new city, a new location is going to be great. Guess what? VRBO had
canceled my reservation without telling me without informing me,
without crediting me. Well, it turned out that they didn't end up
crediting me after all the credit card, but here I am waiting for
the place that I can't get in. I called up VRBO to say, Listen, I
never got a code for the door or anything else. What should I do
here?
Oh, no. Well, I see that reservation was canceled. I never canceled
the reservation. Oh, no, sir. It was canceled, like the day after
you booked it. I said, wait a minute. I never canceled it. Well,
okay. Well, then the owner must have canceled. Why didn't I get
notified? Oh, you didn't get notified, sir? Really? It says they
sent an email. I went through all my junk mailboxes and everything
else and yep. Okay. I got a notice of cancellation. Oh, man, what a
pain that one was. Well, we can find another place in the area
you're in right now. We'll make sure you get a refund. I said,
Listen, I'm here. I don't have A place to stay. What am I supposed
to do now? And they just say I'm sorry, sir. You know, I'm sorry,
We'll make sure you get credit. That's all they would do. For me,
it was absolutely a nightmare. Three experiences personal
experiences for me. One of them a nightmare. One of them on the
edge of a nightmare. Another one that could well have been a
nightmare but was a mere inconvenience. You can probably guess by
now what my thinking is about Airbnb and VRBO. That's what got my
interest in this article about this poor guy who was scammed, okay.
He was trying to stay in Montreal, and the owner asked him to pay
for their stay, outside of the Airbnb app. I've seen that happen
many, many times. Because that way, the owner does not have to pay
the Airbnb fees, okay? But if you do that now you have very little
recourse against the owner, then you know, I've done some
chargeback. Lately, now my company if someone buys a course from
us, and they're not happy, and we will immediately refund their
money because we just don't want them to be upset or disappointed.
Because again, you know, our whole thing is to nourish you back to
health when it comes to security stuff, right, get that
transformation done. I have had some nightmares personally trying
to do a chargeback for things that were never delivered, or that
got charged inappropriately. Or where I canceled the service. In
one case, it was like it was over $1,000 a month for the service,
and I canceled it. They charged me the 1200 dollars anyways. I went
to my credit card company, and they said, well, we'll have to
verify it with the vendor first.
So what? I canceled it. I had to fight with a credit card company,
and then when they checked with the vendor, and the vendor said,
Okay, well, it's fine. We'll take chargeback. You used to be able
to do this at the drop of a hat, and I guess they've abused it,
right? I think that's the bottom line on it. But man, oh man, so
we'll get a little bit more into this vise story. I guess its
turned into an Airbnb, VRBO, what to do if you want a vacation
rental or if you want to rent a place while you're on a business
trip. And then we'll get into some of the more of the articles
here, in the next hour. You're listening to Craig Peterson, of
course, on WGAN and online.
Hi everybody. Craig Peterson back here. I don't know if you guys
know what Airbnb's roots were. It started as an air Bed and
Breakfast. It was intended for the very young generation to be able
to go to concerts and things and just get an air bed in somebody's
apartment or home. That's what Airbnb is all about air bed and
breakfast. That was the whole idea. And I'm not so sure they've
come a long way from those days. I spent the last few segments, in
fact, in talking about my horror stories, we've been trying to use
Airbnb. There's another one I did not mention in Florida, which was
not a horror story quite the disappointment for this house. That I
think while I'm quite confident in this house that we rented. It
was for a family reunion. So we rented this house that slept like a
dozen or something like that. All of the beds were just terrible.
You know, the cheapest mattresses that are known to man. You shift
your weight at all, and the squeaks loud enough to wake you up. The
sheets are the cheapest ones you could imagine. It was an Airbnb as
well. It was pretty obvious that the set up for this place was for
porn videos. You go into the garage, and the whole garage is one
massive shower with I can't remember for six showerheads in it. And
then a little bit of workout equipment. I mean a tiny bit of
workout equipment. It sounded awful. Okay. And so there you go
there, there's all of the Airbnb and VRBO, experiences I can
remember. My sister rented the one in Florida for the family, and
she did not stay there. She stayed with my mom. It was quite
revealing, frankly, so disappointing. I never shared these stories
before, but it was because of a story that was in a vice.com, and
you'll find this up on my website and Craig peterson.com. They put
a little note out saying, Hey, does anybody have any stories about
Airbnb, Airbnb scams, and they said, this is Anna Marian, who wrote
this that nearly 1000 people sent them emails with their stories.
They looked at all of the stories they put together some patterns.
A former vice senior staff writer by the name of Alec Conti shared
her story about a disastrous vacation to Chicago, and she ran into
what she's saying are a bunch of grifters, and frankly a nationwide
scam. I no longer use Airbnb at all or VRBO at all. I have been
sticking with hotels. If you're interested, I typically use
hotwire. I don't use the star ratings of the hotels. I rely on the
ratings that are posted by the people who stayed there. I think
that's the best feature of hotwire, frankly. I don't care what
hotel it is. I just want to stay at a decent hotel. I even used
hotwire throughout France and Belgium. It worked great. We found
some just wonderful spots that we would never have found if we were
just looking to stay at the Marriott or the Hilton or whatever it
is, right? So Conti's investigation revealed some serious problems
with Airbnb. Now you might have heard about this problem with
Airbnb. After all, it hit the news late last year of these party
rentals after a death happened. I think it was in San Diego at one
of these party rentals. Somebody rented a nice house. Essentially a
lot of these places get destroyed by the partiers, right there.
There are drugs and heavy drinking, and in this one case, that hit
the news. There were gun shootings. Okay, that's a very, very bad,
bad thing. So Conti apparently, and again, you can find this
article on vice.com traced her scam back to a company that used
fake profiles and fake reviews to conceal a whole bunch of
wrongdoings. Let's get into this okay because property switches are
one of the biggest ones will tell you about what those are the
units of sawdust on the floor with holes in the walls, this whole
bait and switch game which goes into these properties, switches,
and stuff. It's awful. When all else fails, there are these clumsy
threatening demands for five-star reviews to hide the evidence of
what they've done. Sometimes multiple scams are involved. You know
it the hackers aren't just coming after directly our money by
trying to hack our businesses by trying to fool us into clicking on
links or doing things that we shouldn't be doing, right? These
scammers are all over the place. After this story that came out,
Airbnb promised to "verify All 7 million listings on this site by
December of this year 2020". Frankly, there's no way that they
could do this. There's no way you could send investigators to all 7
million listings. He said, Well, we're going to have to take more
responsibility for stuff on our platform. Yes, you will. You have
to provide a firewall. Not just a firewall of the reviewers, the
people who stay there and review can see the reviews that come in
from the owners of these properties. That's not going to solve the
problem. You need to make it so that there can not be retribution
by the bad guys that have given Airbnb a bad name. Now I got to
mention that my sister the one that booked that Airbnb for us in
Florida, my sister has a house that she rents out in Park City,
Utah, on Airbnb, and one of her daughters keeps it clean. I know my
sister is not engaged in scams. I know that my niece is somebody
who takes responsibility for things. I'm sure she keeps it clean. I
don't want to paint the whole Airbnb, a website and people who are
renting with a black brush here, I don't want to paint the whole
rental market, including the VRBO with a black brush, but I've got
to say 100% of the time I have had what I think are scams on both
platforms. Now, that's my personal opinion, based on a handful of
stays, and I know a handful of stays does not represent every
listing on the platforms, right. I understand that. However, its
the verification process, we're talking about here. I don't know
that he's ever going to do it. How are you going to review and
verify all 7 million listings on the Airbnb site within 12 months
by December 2020? I don't know how you're going to do it. So let's
go through the biggest scams according to vice.com number one,
which they say is exceedingly common. It's across hundreds of
emails. It's the bait and switch where Airbnb users were promised
one apartment and arrived to find something very different.
deceptive photos a bore no resemblance to what they found when they
got there. My kids found this too. They rented some places in Italy
when they did a tour, and you know, black mold everywhere just
terrible. Okay? Other times and they were persuaded by those to
switch apartments or houses entirely.
It is a widespread thing where they say, hey, due to unforeseen
circumstances, as a pipe broke, I'm going to have to move you to
another one of our properties. Now under the rules for Airbnb, the
owner does not get penalized if they push you to a property due to
quote, unforeseen circumstances unquote, like a pipe break. But it
turns out some of these people are using that unforeseen
circumstance again and again and again. And they're showing up to
their rental defined the new locations filthy, unfurnished on a
different part of town. And they're saying that in a surprising
number of stories, the original house was full of a weird amount of
bear beds laid out and bizarre configurations, kind of sounds like
that porn place my sister rented for the family in Florida, doesn't
it? So here's one of the quotes I rented a place near Glass beach
and a few weeks part of my trip. When I reached out to confirm the
booking, the Lister told me she had a septic problem in the unit,
and she would see if she'd put me if she could put her up in a more
prominent place nearby. It never materialized, but she refused to
cancel my booking, saying the first time that her computer wasn't
working and the next time weeks later that her father just passed
away. I had to complain to Airbnb that she refused to cancel the
booking, so they canceled it, but I was unable to write a negative
review. According to Vice again, they're saying the plumbing scam
seems to rest on the idea Airbnb won't penalize a host if the house
is uninhabitable. Okay, that's what I was saying. I've seen this
before. So this goes on and on this whole bait and switch thing.
Okay, next one, getting the guests to agree to move houses and the
plumbing scam is often kind of segway into getting you to agree to
move houses. Okay? So they will say, supposed to be this, you know,
here's this complaint supposed to be quaint, quiet property in
downtown. They get delayed by the homeowner stating that we'd need
to change properties the last minute since it was only a quick
two-night visit we weren't opposed.
The new quote larger location was this scummy little apartment
complex on the other side of town. Another one - Booking the Airbnb
to multiple people at the same time. That's what happened to us in
Vegas. When my wife and I showed up at this apartment through
Airbnb, perhaps the most socially awkward Bait and switch is this
one renting an Airbnb where you believe you booked the whole
residence only to arrive and find a whole bunch of strangers there.
That happened to us in Vegas. Multiple people told us they came to
see other Airbnb guests at the house, or in some cases, people who
seem to live there. It just goes on and on. Next one - money scams,
paying outside the app. I mentioned this one early. It says it's a
straightforward scam. Be careful.
There's no be careful here, as there is no reason to do that. Fake
damages - Man, I've heard about this from multiple people before
mine. How can Airbnb police this? Did the guests damage the place?
Okay. Oh man scam scams, you'll find more about this online. My
advice? Use a hotel you trust us out of the hotel booking site, you
believe. And I already told you, I use hotwire because I don't care
what the brand is. I just want a good hotel, and I use the ratings
from the people who stayed. Stick around. We'll be right back.
Hey, welcome back, everybody, Craig Peterson here on WGAN and
online at Craig peterson.com. Hey, have you thought about how to
follow along at home or on the road during the week? The easiest
way to do that is to listen to my podcasts. Why not? I put it out
there are multiple things, including this weekend show, but many
other things that I include during the week, and you can subscribe
to that as well on your favorite podcast platform. And it says
Craig Peterson dot com slash iTunes. If you are an iTunes type of
person or Craig peterson.com, slash tune in or slash I heart. Okay,
I am kind of all over the place today. I appreciate everybody who
does Listen to me and comments on things during the Week. You'll
also find me on LinkedIn and Facebook and YouTube, but it is kind
of over the place as I talk about some of the biggest stories of
the week. Now we were just talking about scams that seem to be
coming from Airbnb and VRBO, of course, but there is a lot of scams
going one. We are going to get into one right now tied into the
coronavirus. But first I just want to make mention of this other
article that came out last month in January. And it's talking about
computer literate millennials and Generation Z. These are the
people that grew up with the internet. They've had the internet
pretty much their whole lives. They found meaning the Federal Trade
Commission has found that people ages 39 and under are more likely
to report fraud than the 40 plus Crowd now here's the thinking. It
isn't that the younger kids and millennials and Generation Z, it
isn't as though they are less afraid to report that money has been
stolen from them, it appears that they are more likely to fall
victim to fraud 25% more likely. Now the millennials are less
likely to fall for scams over the phone than people over 40, but
77% More likely, Millennials are 77% more likely to get duped by
email scams and 90% more likely to lose money on a fake check scam.
Now the thinking behind this is that those of us who are a little
bit older, we hold the whole internet thing with a little bit more
skepticism than our children and grandchildren do. Because we know
that there are scammers out there. And we've heard all of the
horror stories, whereas the younger kids are looking at it as well.
It's the internet, and they just give their stuff away. We already
know that there are studies that show that the millennials will
give their email address away in trade for a single donut. Okay, so
they don't value a lot of this stuff. You know, to me, well, it's a
little bit concerning, and it should be to you. But let's get into
the latest scam that's out there right now. It isn't the Airbnb
scam, which has been out there for a few years now. As I said, hey,
I've been burned what, four or five times by this overall,
personally. So I'm just to the point I just don't use it anymore
period. It's a real shame because there are some good people out
there. But this has to do with what's been happening. Now it is
happening with the Coronavirus, and this is a huge deal. We had one
day this week, where 15,000 new cases were reported. Supposedly, it
was due to a change in the way China was tracking the Coronavirus
and diagnosing people. So they're saying, Hey, listen, it's you
know is just a change. Don't expect this to indicate that more
viruses are spreading out there. And frankly, I look at it and say,
Well, maybe there are there aren't. But what we're seeing are some
rather sophisticated phishing scams going on. Phishing, of course,
this is the one spelled with a Ph. It is where an attacker tricks
you into doing something. It might be clicking on a link. It might
be responding to an email. It might also be a phishing scam over
the phone or, you know, SMS a text one which would be called
smishing. A whole new type of phishing this going on right now.
Well, last week, IBM and Kaspersky now Kaspersky is a Russian
anti-virus company. They are also trying to stop the general spread
of malware. The State Department, the FBI, Homeland Security, not
to use Kaspersky software, but they do have good information. So
when I see Kaspersky, combined with IBM, a company I do respect,
then that does kind of make my years and help if you will. Still,
IBM and Kaspersky caught hackers in Japan, trying to spread malware
through emails, and the emails had links about the Coronavirus
outbreak that started, of course, in Wuhan China last month in
January. Now adding Sophos and now, of course, Cisco to the list.
They have found phishing emails from cybercriminals, purporting to
be from the Center for Disease Control, as well as the World Health
Organization. And what these bad guys are trying to do is to steal
your email credentials and other information. The emails are coming
from several domains, including CDC dash gov.org, which, of course,
is not the real CDC website. So be very careful if you are trying
to find out information about the CDC or the spread of coronavirus
about flu in general. For instance, in my home state of New
Hampshire, we have I think it's seven deaths so far this year
reported g attribute To the flu in general, not the Coronavirus.
Every year about 12 to 16,000 people in the United States die from
the flu.
So far, we've only got 14 cases reported of Coronavirus. At this
stage everybody, this is nothing to get all freaky worried about.
Okay, so calm down. If you want more, go to cdc.gov. CDC Centers
for Disease Control - cdc.gov, tells you what to do now. The
current Coronavirus has an official name now. It's called covin-19
co vi n dash 19. There are multiple versions of Coronaviruses,
which is why they identify each with a number. We have had a report
in the past about Coronaviruses, and they have killed people
previously. So you'll see Right at the top of the cdc.gov website,
information about the Coronavirus and its spread. It is a
respiratory disease and potentially fatal. It doesn't seem to be
increasingly more fatal than some of the other viruses that we've
had. Let's put all this in context. And when you get an email from
someone saying, hey, look at this, you click on this link, to get
information about the Coronavirus. It's going to let you track the
spread of etc. don't respond. If you get a text message, don't
respond. I got one because I'm a member of the Great and Powerful
media, right. I got one last week that was sent out to members of
the press saying, Hey, we got this new tracking site. You just can
to be cautious enough when it comes to this. So if you go to CDC
Gov at the top, You'll see the description here about the covin-19.
You can click on that, and it'll show you a global map about the
location of reported cases and what is happening. So, I'm looking
at one, and it's about one day behind. It looks like right now for
covan-19. But you can see all of the countries that have been
reporting it. Then you can also look at the hard statistics. People
under investigation in the United States, exactly how many 14
positives, you'll see that there. Of course, it changes daily. You
can see how many tested negative and how many pending, the people
are under investigation. Remember, the airplane full of workers
from the State Department that came back from China. They have now
been under quarantine for more than 14 days. They release them all
from quarantine because it turns out, nobody had that virus. So
just because you have the flow doesn't mean it's Coronavirus. More
cases over on the left coast and the Midwest, which is kind of
surprising to me than there are on the East Coast or the Mid
Atlantic, etc., etc. So have a look there. Do not respond to emails
or texts or phone calls. Okay? Just be very, very careful because
the hackers are imitating this sort of thing. The other side of
this is they are sending out messages seeking donations. They are
asking for Bitcoin donations to the World Health Organization can
tell you right now, the World Health Organization, the CDC, they
are not taking Bitcoin donations, okay. So don't go and donate.
Right And again, the CDC gov.org is the band guys CD see.gov is the
good guys. The scam page is straightforward. It, you know, took the
scammers, maybe just a few minutes to put together. It's handy, and
it looks legit. And the FBI and, of course, also Homeland Security
are taking down these pages as soon as they can, but they can't
always get rid of them right away. And companies, we've got to be
proactive. We've got to chain train our employees, not to follow up
on these scams. So again, that's part of the reason for my
newsletters. I report on the biggest scams that are going on. I try
and keep it down to just a few a week. You can share them with your
employees, share them with your family, but you have to get them to
share them. Go to Craig peterson.com slash subscribe, and you'll
get those as well stick around. We'll be right back on WGAN.
Hey, welcome back, everybody. Craig Peterson here on WGAN, and thanks for joining us today. Hopefully, you picked up a lot of good information. We're just talking about the CDC some of the scams that are out there right now from the Coronavirus, including one involving Bitcoin, which kind of surprised me. We talked a lot in the first hour about the major scams on Airbnb, where you can rent apartments or homes for a day or a week or a month, almost anywhere. It's really quite neat. But the major scams have been going on there and how I've seen them personally and why I will never use it ever again. If you want to listen to that, just go to Craig Peterson comm slash tune in, you can subscribe right there. Listen to me, live by the way on tune in when I'm on the radio. He And when I'm on with canon Matt, the morning drive every Wednesday at 737, every Wednesday morning, as well. And those are all on tune in. Now, we're going to talk a little bit about this whole thing with the ACLU and their current fight. I spoke about something similar to this a couple of years ago, man, maybe actually the first time was probably about ten years ago. There are companies out there, and they gather information about us. They're called Data brokers. I have visited some of these data brokers sites themselves, I mean, physical sites, where the company operates where they have their data collections, to help them with security problems that they have, and to help prevent problems from occurring, right. That's what I do for living full time. It was probably ten years ago, the radio show that I talked with some of these companies. What they do is they collect open-source information that's used a lot by the government for any number of things from financial transactions to investigations. And you can use open-source information yourself. All you do is go to Google, for instance, and do a search. That's the open-source information. It's anything that anyone can gain access to, without having to be a police officer without having to go and really kind of, you know, get a court order kind of be surreptitious and how you gather that's open source. So the data break, brokers will take all of that, and that can include depending on the state you're living, driver's license information, it can include information about the mortgage for your home. It can include you know the ownership of your home, and it can include just all kinds of stuff. That becomes very, very difficult to control. Because all of your information is out there. It's available for free or for cheap on the internet. So these data brokers, they might buy it from the county, they might get it an open-source. Some of this information will contain data from your mortgage, will contain your signature, the deed to your home is going to contain the signature, the automobiles that you own. There's going to be UCC filings with the Secretary of State's office, detailing what cars you own, who the lien holders are, and how much money is involved all of this stuff. So it all gets pulled into these databases. I mentioned on the show a few months ago, a couple of months ago that we were out in Las Vegas at a wedding and of course, you know, doing work while I'm out there and I'm sitting They're on the couch doing work for some of our Las Vegas clients. And there's a knock at the door. And who's there? Well, it's an insurance investigator investigating an accident that it was a fatal accident. And of course, the insurance company had been asked to payout. So they came to this home because they had information that it that the person involved I had a contact with someone at this address, which indeed she did. It was her sister, and apparently, the driver had been responsible for this fatal death. The driver listed one of my sisters in law. She had died about six months before the accident. So obviously, it was all fate. The insurance investigator showed my wife all of this information she had from one of these data brokers. It listed my deceased sister in law's relatives, everybody, every address she had ever had. There were names and contact information for some of my kids. However, it had a lot of incorrect information, including supposed current addresses and voting information for relatives deceased for over two decades. When I've looked at the data brokers' information about me, about half of it's correct, but the other half is completely incorrect. And that's still the case because they had a lot of completely incorrect information. People that they said were relatives that weren't people we'd never heard of before. They said these were direct relatives of hers. At any rate, they had purchased all of this information from a Data Broker. In collections, this is called a skip trace. It's called a skip trace for people who jumped bail, etc. Man, we should talk to about this whole bail thing, and the idiocy in New York state that is spreading country-wide dog, the bounty hunter and his wife, Beth had been fighting this for a long time because it's making us much, much less safe. But anyhow, that's not a topic for today's show. It's not a political topic, because it's undeniable what's already happening with the increase in the crime rate in New York anyways. What the government is doing now is what I was warning about a decade ago. That is that the federal government, the FBI, the NSA, the CIA, of the IRS, you name it, they are limited in how they can collect information, we kind of already knew that right? You know that they had to get a search warrant for certain things right. They can follow you around, without any expectation of privacy, etc., etc. So So obviously, federal government agencies can use open-source information to see what you're doing online. But how about the closed source stuff? How about this stuff that the data brokers are collecting? Some of it they're getting from the people who lent you money, some of it they're getting from places where you have to pay to get that information. So, what's happened here is that the ACLU has filed a suit, according to The Wall Street Journal, against Homeland Security. Homeland Security, through its Immigration and Customs Enforcement Agency, as well as Customs and Border Protection, is buying geolocation data from these data brokers and choosing to investigate suspects who have allegedly committed immigration violations. So let me boil all that down into plain English. You might be using games on your smartphone, and you might be using all kinds of apps on your smartphone. If you have a smartphone, frankly, you're probably not using 90 95% of those apps that you have downloaded. But many of those apps are tracking you. And that information is being sold to data brokers. So think about that for a minute. Remember that free app and how you've heard me and many others for so many years say, hey, you're not the customer. You are the product. Well, what's happening here now is that the ACLU is saying to the federal government, hey, you cannot buy the information that by law your organization cannot collect. You cannot buy it from data brokers or these app developers who are selling it. Interesting question, interesting problem, isn't it? What should they do? What should you do? What can you do? It is going to play out in court, and I suspect it's going to come down on the side of the Department of Homeland Security because this information is generally available to anyone willing to pay for it. So now the government stepped forward, saying we are will pay for it. By the way, this goes down to local law enforcement as well. In many cases, they are also buying this information from the data brokers. So let's stick around when we come back. We're going to talk about shadow IT. If you don't know what it is, it's a problem if you're in business.
Hey, welcome back, everybody Craig Peterson here on WGAN. Thanks
for joining me and for spending part of your Saturday with me. If
you're listening to this on a podcast at Craig Peterson dot com
slash tune in, thanks for joining me, some listen to me while
they're driving to and from work and find the various segments of
my show, which are about ten-ish minutes long, really work well
into their day. So if you're doing that, thank you if you're not,
please do consider it. I try and keep everybody up to date with the
information that you need to know. And that leads us to what we got
right now. Which is shadow IT. Now I bet there is not a company out
there. Well, maybe there's one right because you just can't put
always say or you know everyone that I say almost every company out
there has a shadow IT problem. So let's start by kind of defining
what's going on. Have you ever set up a company Amazon account?
Have you ever set up an account for a company account for Uber?
Maybe it's not a company account. Perhaps it's a personal account
that you're using for Uber or something else? How about using
something like Constant Contact to send out emails to your
customers? How about salesforce.com? We've seen a shift over the
years from what used to be kind of the glass castle where there was
a central computer room in housed a mainframe. Those mainframes
were truly astounding. They still are. That mainframe, in that
glass room, was controlled by professional Information Technology
people. People that knew what they were doing, at least at the
time, right?
Then we started seeing some changes. Do you remember the AppleII
and Visicalc? Visicalc was the killer application if you wanted to
do numbers. You bought an Apple, you purchased a little Apple II,
and you then pull data. People were asking the professionals in the
glasshouse, "can you give us data because we want to put together
some spreadsheets." People put together spreadsheets without really
understanding the implications and use of the numbers. Without
understanding how to audit a spreadsheet and to make sure that the
numbers used got correctly used. They didn't understand the double
journaling. They didn't understand the cross-referencing of the
information. That started a bit of a movement away from that glass
house and the hassle from it. They said, Hey, we can figure this
out. Why are we going to pay it all of this fake budget money to do
something for us, and we can do it for ourselves and do it cheaper.
Frankly, that's a problem I still face with many organizations, if
you can believe it. Many think they can do security themselves,
which by the way, is near impossible for almost any organization.
In this day and age, any small-medium business must have full-time
external professionals who are helping your internal IT people.
Your internal IT should be doing what they do best, which is
helping your business best use information technology, assisting
people to be more efficient, finding new ways of doing things, etc.
Instead of that, most businesses set up these various silos, like
sales and marketing or accounting, and each one of those silos,
those lines of business do things their way.
The sales guys, they're out, and they said, Hey, we're going to use
Salesforce. We're going to tie that into Constant Contact. Then you
have your accounting people saying we're going to use QuickBooks
Online or maybe one of Oracle's accounting systems. The
manufacturing people say, Well, we are going to use this particular
ERP program, which is going to be great for manufacturing. We've
decided that we're going to use Survey Monkey to collect
information from our customers from our vendors. Do you see where
I'm going? Each one of these lines of business is going out and
making what are in actuality Information Technology decisions.
They're making decisions about what type of technology to use.
Which is one level, but then the next level is they're using it.
They're putting the business's information at risk
It is a huge, huge problem. And it's something that I'll be
addressing with some of this training that I have coming up, and a
couple of these tutorials specifically tackle these problems. And
so if you're on my email list at Craig Peterson comm slash
subscribe, you're going to find out about these, and I'm going to
give you some great cheat sheets and other things. But all of those
again, Craig peterson.com slash subscribe. All of those different
lines of business, all of those different functional
responsibilities within an organization larger small, are adding up
and adding up massively. There is an enormous problem behind this.
Now you know that I use one password, I recommend it. And we
typically use one password in conjunction with do to help secure
login information. But because one password is used so frequently
by companies to keep track of logins, they have kind of a unique
view into the risks of all these different accounts. And what we're
talking about where these lines of business are making Information
Technology decisions that they're not qualified to make, and
frankly, in most small, medium businesses, there's probably no one
in the organization that's fully qualified. Still, at least it has
a better idea, but then, a marketing person or an accounting person
would have. So this is called shadow IT, and new one password
research is showing the risks behind it. And they surveyed 2100 us
adults working In an office that has an IT department, now, almost
everybody uses a computer for work, right. And so these 2100 that
they looked at all use computers at work. And they found that
two-thirds of the respondents have created at least one account in
the past 12 months, that their IT department doesn't audit. But
it's worse than that. It's not only that the IT department hasn't
looked at the account. They have not vetted the company behind it
to make sure that they conform to the regulatory security standards
required for the company. In fact, in two-thirds of the cases, the
IT department doesn't even know that user accounts were created and
are in use accessing company information. So one of the things when
we go in, remember I mentioned earlier that we kind of try and
nurse a company back to health. Getting their security, health, and
IT on track. What we'll do when we go in is we will start auditing
the shadow IT accounts. What are people using? Whether it's a
Dropbox account or you know, a photo-sharing site, whatever it is,
what are they using? There are some fascinating statistics here
that are coming out of one password. Only two and a half percent of
the people surveyed. Two and a half percent of the respondents said
that they use a unique password every time! Even the most basic of
security precautions are not in use by people who are creating
accounts on third-party websites. Isn't that amazing? And They're
putting company information up on some of those websites. I'm going
to make a note of this right now because frankly, it is scary to me
to think about this. Maybe we'll try and do a Facebook Live, or try
and do a YouTube Live and let you guys ask questions live there.
Let me see I want to put that in here so that I'm less likely to
forget about it. Alright, noted. So stick around. We're going to do
a wrap up when we get back. Couple more stories from this week all
of that right here. Thanks for being with us. I am Craig Peterson,
and we'll be right back on WGAN. And of course, online as always 24
seven, hopefully at Craig Peterson dot com stick around, because
we'll be right back.
Hi guys, Craig Peterson, here back on WGAN Thanks for joining
me. If you're listening to one of my podcasts, thank you very much
as well. We've got a lot going on. I have not been producing as
much content or shown up as much on Facebook Lives, or YouTube
lives, lately, because I've just been so busy with my team here
putting together some great tutorials. You are going to love these
also we are working on some course materials. You can only get that
if you are on my email list. Craig Peterson, dot com slash
subscribe. I'm not one of those guys who is sending you emails
every day โ trying to get you to buy something. I want you to
understand what's going on. And if I am in the process of releasing
free tutorials, or even paid courses you might get well, you will
get more emails from me because I don't want you to miss those
things. But this isn't one of those things. We're going to get a
constant stream of emails from me. I'm not going to overload you.
But again, Craig Peterson, dot com slash subscribe, so that you
don't miss out because you will miss some critical stuff. And some
training you won't get anywhere else guaranteed. So earlier in the
show today, in fact, the first hour I spent talking about these
scams from Airbnb, they are horrific. And I told you about some of
my own stories, all of them bad, some of them quite literally
horror stories. And I really would love it if you would listen to
them so that you can find out what I do to book and now when I'm
going somewhere, and I need a place to stay.
I also talked about the ACLU it's fighting against the Department
of Homeland Security's new effort here to try and track people
through their smartphones using information that any company out
there can get about you. Okay. So I'm not sure that this is good or
bad, because I don't think anybody should be tracking us. But
that's an entirely separate issue, right? How shadow it could put
your organization at risk is what we were just talking about a huge
deal. I went through some scams that are going on right now
surrounding the coronavirus and how they're getting money from
people and hacking people through them. And I want to talk right
now about the FBI investigations that are going on. I know over the
last couple of weeks, I've helped the FBI open a couple of
investigations, because of some real hacking that's been going on
from Iran, from China, from Russia against small businesses. These
are companies that have said to me before, literally, no, I'm too
small - Why would anybody care? Well, they do care because it's a
foothold. They care because you have intellectual property, they
want to steal. US intellectual property that might help them if
they're ever in a kinetic war with us, or even if they're just in a
cyberwar with us, right. What they want to do is hurt our economy.
What they want to do is shut us down. And what are the best ways to
do that? Well, let me tell you a China does know they are indeed
experts at some of this stuff. So the FBI is in the process right
now. And according to the future, really cyber warfare and the
future of technology. According to ZDnet, there can now be
millions, maybe even billions of dollars at risk by not properly
handling information security. And to me, this is a horrifying
thing, because I see it every day.
I know, there are some people out there that are saying, Craig,
you're not going to talk about it again. Look at what my
conversations with Ken and Matt this week. I asked them if they're
using password managers, which is, as I mentioned, the last
segment, the essential thing you can do with cybersecurity. And you
know what their answer was? No. No, well, and the statistic we just
saw, where they're not using unique passwords, only two and a half
percent using unique passwords on the website, again, an essential
thing you can do, and about 98% of those who responded to this
poll. We're not doing it.
So there was a conference last week in Washington on the topic of
Chinese adventure. Structural property from us tech firms, as well
as the academic sector. And we've spoken about both of those
before. Because there have been so many problems, right? Where the
academic sector, they are stealing our ideas before they even
become businesses, and they're going into businesses. They're
working in our universities in conjunction with the Department of
Defense. They're just getting so much information. But some of the
highest officials from the FBI, the Department of Justice, spend
their time about four hours they were given at this conference,
raising a sign of alarm, putting the private academic sector on
alert about the threats that they are currently facing over ID
theft. It's a very, very big deal that deeply concerns me, and it
should concern you too. The Feds are worried about China in
particular. Now, as I mentioned, we see right now, and we help the
FBI open some investigations into actual Iranian hacking going on,
which we've never seen before. My company hasn't ever seen it. But
we always see Russian and Chinese. That's just ongoing. Right. But
according to John DeMars, the Assistant Attorney General for
national security, who opened the conference, said the threat from
China is real. It's persistent. It's well-orchestrated, it's well
resourced, and it's not going away anytime soon. The FBI director
said the cases have been filing up since 2018, which is when the
Department of Justice launched the China initiative program, where
they started to try and counter as well as investigate Beijing's
economic espionage. So here's a quote from him. The FBI has about
1000 investigations involving China's attempted theft of US-based
technology in all 56 of our field offices, offices, and spanning
just about every industry in sector. That's from director Ray. And
some of those thousand are through us through your host through me.
Because I have seen them trying to get into I mean directly into
and succeeding, getting into some of our clients now, they weren't
clients, when the Chinese succeeded in getting through. We cleaned
up the mess after the fact its part of what we do at mainstream
where we are trying to nurse our newer clients back to health,
okay, but I've had a part of this thousand, Believe me, I know what
I'm talking about here. And that's why I am just focusing on this
so much lately. You know, I used to do, my radio show is mostly
about commercial or consumer stuff, just Basic, oh, isn't this a
cool new gadget and I still do some of that, right? You've heard me
talking about that. But now I end up spending a lot of time talking
about cybersecurity because I think everybody needs to understand
this a little bit better. But this article is up on my website. As
I said, Assam Zd net, it just goes through the details here, what
they're doing the business partnerships, investigations The FBI is
doing in China is rewarding IP theft. They're encouraging it. quote
here from Adam Hickey as Deputy Assistant Attorney General, there
are certainly a lot of cases where we don't have evidence beyond a
reasonable doubt that the Chinese government has procured or
sponsored the theft. But we see patterns with theft rewarded after
the fact. They've got a whole structure set up to encourage
industrial espionage. We know that's been also happening in Russia.
We have seen some of the Russian stuff. The entire Skolkovo project
that the Clintons were involved in that they got millions of
dollars from was aimed at stealing hypersonic missile technology
from the United States. The Russians were able to do through the
Skolkovo project, and now can shoot down some of our non-hypersonic
cruise missiles, thanks to the technology that they stole directly
from us through industrial espionage. And with the help of the
United States State Department. Now, that's not the current state
department. That's when Hillary Clinton was in charge of it. Okay,
man, we could go back. We can go back anyways.
insiders are also playing a big role. That's why you've got to be
careful about the hires from the universities. Okay. These Chinese
hackers aren't acting alone. anymore. They're using all kinds of
insiders, including useful idiots, which is what they call them. Do
you remember that in Homeland? The show Homeland, which has, I
think there's their last season is out right now. It's just
starting over on Showtime, a phenomenal series by the way. I
enjoyed it. In one of the episodes, a US senator, who was fighting
some of the legislation that the Feds were trying to push through,
found a wall with names and pictures. Under his name was the label
UI under his name by the bad guys. When he saw it, He asked, "What
does this UI under my name mean?" Upon where he was told, it stands
for Useful Idiot because he was an idiot. We've seen that so many
times with people in Congress and the Senate. Our representatives.
don't understand this stuff. We've seen it so many times, with
business owners who just don't understand it, how much at risk they
are, and then once the They're hacked. their businesses are over.
They are gone. How many times do we talk about that anyway? I'm, I
guess I'm kind of lecturing now. cross that line. Yeah, I get it.
Right. But we've got to be making people aware of what's happening
there. Multiple CEO summits meeting with academics across the US.
I've been thinking about maybe trying to put together some summits,
here, a virtual summit as well as real summit. We're probably going
to try and do that this fall, but certainly by the end of this
year. Because we have to help CEOs and everybody else understand
what's the risk, why is it a risk? What should we be doing about
it? Okay. It is all stuff you need to understand. All right. Well,
I hope you enjoyed today's show. I hope that you got something out
of it more than anything else, or electronic technology we're using
for a lecture. I talked about this week, and I was on TV talking
about that on the radio talking about that. Hopefully, you caught
some of those interviews. You can catch most of it. I don't have it
up yet. I got to get it up over on Craig peterson.com. We try and
include it as well. In our weekly newsletters, try and keep you up
to date. Use it for training in your organization, whether it's a
business, whether you're just sharing it with family, but you're
going to get all of that from me, just by subscribing to my free
newsletter. It is information-packed. Okay, if anything to complain
about, it said there might be a little too much information
sometimes. But I want to get it into your hands. Subscribe now.
Craig Peterson calm slash subscribe. I am not going to be scamming
you spam you or anything else. Thanks for joining me today. I'll be
back Wednesday morning with cannon Matt at 730. You're listening to
Craig Peterson
Transcription by otter.ai
---
More stories and tech updates at:
Don't miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text:
855-385-5553