We're living in a world where spam, phishing and cyber theft are all too common. Unfortunately, last month, I became a victim.
We’re living in a world where spam, phishing and cyber theft are all too common. At some point or another, you’ve probably been on the receiving end of an email starting off like this: “Sorry, but my email account was hacked, please don’t click on any strange links that were sent…”
Unfortunately, last month, I became a victim—my inbox was hacked and hijacked.
Fact is, modern computer systems are so complex and there are so many different flaws waiting to be exploited. All it takes is a skilled hacker with a criminal mind and an anonymous bank account. In just a few clicks, they can create an expensive data breach that’ll rack up thousands of dollars in losses and cause an endless amount of aggravation.
Here’s my story.
An anonymous hacker hijacked my inbox using complex coding skills and illegal cyber tools. The hacker spent a few days quietly observing my activity and seeing what projects were being worked on. Then, using my personal email avatar and pretending to be Meny Hoffman, the hacker emailed my office staff and instructed that $17,000 be wired to a third-party bank account.
Although the wire was initially sent out, I caught wind of it right away and immediately notified Chase Bank about the theft. My banker attempted to stop the transfer, reaching out to the financial institution on the receiving end and calling multiple managers, but it was too late. The $17,000 wire was already in progress and deemed unrecoverable.
To make a long story short, after running back and forth between banks, computer experts and law enforcement agencies, Chase Bank decided to uphold its reputation for first-rate customer service and sent the $17,000 back to me, opting to work toward recovering the lost funds on their own.
While I’d like to publicly recognize the efforts and dedication of Chase Bank, my reason for telling you this story is to relay a few Ptex Practical Pointers that you can apply to your own internal processes and prevent this painful episode from happening to you.
Never Ever Click: Don’t click on links in emails that may appear suspicious or are questionable. Many phishing attempts lead you to misleading websites that ask you to log in—and then steal your password when you try. If a link looks odd, delete it immediately and then notify the person who sent it.
Better Double Up: Consider using Multi-Factor Authentication (also known as 2-Step Verification), which requires both a “password” and an “answer” to a question for obtaining account access. Multi-Factor Authentication is available on Google and can be used as a powerful deterrent to prevent account theft.
Don’t Be Predictable: Some people find it convenient to use a single password for multiple websites—including personal email accounts, financial services, social media and more. Bad idea. Switch things up and use different passwords for each entry point. This way, even if one website password gets hacked, the others will remain secure.
Create Internal Processes: Implement an across-the-board system within your office that requires a double verification to authorize any large funds being wired or sent out, and to flag any transaction over a specific amount for immediate review.
As much as we rely on technology to accomplish so much in the world of business and beyond, it behooves us to recognize there are dishonest people out there who don’t necessarily share those sentiments. So be sure stay vigilant, keep your eyes open, and feel free to spread this timely message of awareness to all your friends and associates.
Ultimately, it took a $17,000 hacking scare for me to learn my lesson. I sincerely hope this post will do the job for you.
Onward and upward,
Meny Hoffman
P.S. Do you have a hacking horror story of your own to share? I’d be intrigued to hear about it. Feel free to comment!
