Some of you may be aware of some of the reasons I came to join guardDog.ai in 2020 as Director of Business Development (and am now EVP). I was running a public relations agency, sending out vital information to thousands of constituents and followers about the clients I represented. An arena where reputation (and regulation) is key.
And – you have guessed it – my agency was one of the 1390 small U.S (United States). businesses (according to Security Magazine) that were hit in 2020 with a ransomware attack. Before I knew what had happened, a fraudulent message over my name and company masthead had spun out from my desk to 4,000 of my trusted contacts. At that moment, the war against cyber hackers got real and my journey to guardDog.ai became very personal.
And I am far from alone. Security Magazine goes on to report that ransomware attacks like the one that hit my small business rose by 92.7% to 2,690 in 2021. And the numbers keep climbing – consider this story from one of my own team members who had this experience last week, in June of 2022:
“As a small business owner, I am often on the run, maintaining my business from my phone and computer. So, I ended up having a common password I used with a couple different combinations on a couple of different sites. Unfortunately, one of the sites (a popular business for buying/selling/exchanging clothing) experienced a breach in which many personal passwords were identified, stolen, and sold.”
“My small business uses a text messaging solution to communicate with our customers,” she continued. “We have a designated phone number our texts come from so our customers can save us in their phone. The Hacker was able to access this account via the clothing site password they purchased.”
I know what we are all thinking yet we’ve all done it – how did her business account password get affected by the hack of a retail website for women's clothing exchange?
Queue back to her story: At 3:54 p.m., she hears an email chime. It is about her Bank of America Debit Card: “Due to an upgrade on our system you are required to reactivate your card starting 4427****** within 4 hours at www.*****.com to avoid loss of funds.”
“Right away I logged into my account and reached out to support and changed my password on that account,” she says. The next part will give you chills:
“The hacker and I were in my account at the same time as they were trying to send messages to my customers. I was communicating with live chat as I could not get a hold of my account representative. I would create a message telling customers not to click on the link and the hacker would immediately delete it. Any information I was sharing in chat with the representative the hacker was seeing as well.”
Then the finale. Hacker: “Anna I have hacked your account. Pay me 10K or I will delete your subscribers.”
“I did not engage with the hacker and continued to try to kick them out of my account and warn my customers not to respond to his call.”
“It felt like a nightmare. No matter what I did within my own account, I was being blocked by the hacker.”
After 15 min and with the bank’s help we were finally able to deactivate my account which kicked the hacker back out. We also made the scam link a dead link so no one could fall for it. And were able to get a message out to our customers”
‘DO NOT CLICK on the link just texted to you from The Lady Bag. The text and link above are a scam’
Our Small Business’s text solution had been compromised. Thankfully, our customers’ data is now safe.
But the moral of the story for my team member is this:
When it comes to Cyber Security hygiene, do not miss the easy hits. Pay attention to password security, always. You should always use a different password and never repeat a password in case of a breach. And protect your business with your browser’s password creation system.
Now she is back to building trust with her customers and learning from this experience as I learned from mine. Cyber security is more pernicious than ever, every one of us should learn from Anna’s experience and my own before the inevitable ransom attack affects you.
Practice cyber security hygiene by protecting and respecting your password protection. You are never too busy to protect your business and your personal security with this one extra step.
And as you take that step, you should also be protecting your home and business networks with guardDog.ai.