Today, we talk with Carrie Kerskie. Carrie Kerskie is a highly sought-after national speaker, author, and consultant on cyber security culture, identity theft, and fraud. She is the author of two books, Your Public Identity; Because Nothing is Private Anymore and Protect Your Identity. Carrie’s the host of Privacy Mentor Podcast. As a media favorite, she’s been featured in numerous publications such as Consumer Reports, KrebsOnSecurity.com, and MarketWatch. She appears regularly on NBC, ABC, and FOX.

• Technology is associated with so much unknown, constantly changing and fear of listening to “antivirus software”

  • Difficult telling what’s real and what’s not

  • Malicious pop-ups

• Assumption that “everyone should know”

  • Remote access software allows them to look at browsing history, especially dangerous when you have passwords stored in your browser

  • Allows hackers to really understand/know personal information

• These fraudsters are really good at what they do, right?

  • This is their full time job

  • Hackers go to school to learn how to do this

    • In Nigeria, you can get a college degree in “how to do the Nigerian scam”

    • These are opportunities for individuals, particularly in impoverished areas

  • Run like corporations (entry level employees to CEOs)

• In today’s world, you can’t get off or stay away from technology. You speak about shifts to keep privacy intact and be able to use technology, can you elaborate on this?

  • Really, it boils down to “the human factor”, which is still the weak link

  • 3 simple shifts, which we call the “CQ” (Cyber intelligence)

    • First, your personal culture shift: your social interactions around technology

      • There is a fear and embarrassment culture around technology

      • People become fearful to ask for help- we need to change this!

      • We need to change this culture of fear to a culture of empowerment

        • Talk to your friends, family and neighbors

        • One of the biggest advantage these criminals have is that we don’t talk about it

      • Importance of security: if it’s easy for you to login, it’s easy for the “bad guys” to get in

    • Second, a mindset shift: shift from a mindset of convenience to a mindset of privacy

      • We are in a convenience mindset: there’s an app for that

      • Always looking for short cuts and ways to outsource

      • The more convenience you have, the less secure your information is

        • Think of it like a sliding scale

      • Anything that is free, you are the product

        • Your information is the product and that’s what you’re giving up for the convenience of a free app

      • Make long passwords: minimum of 12-14 characters

        • Make them unique for each online account

        • Don’t recycle passwords

          • Hackers will use “credential stuffing” to plug the same password into multiple accounts and see if they get a hit

    • Third, your habit shift: how you use technology

      • Validate or eliminate

      • Anything you receive, before you ACT (call, open a link, etc), validate!

        • Verify that person or organization is the one that sent it to you

        • Pick up the phone and call (look up the phone number from the organizations website and call!)

        • If you can’t verify the original sender, eliminate it!

          • If it’s that important, they’ll find another way to contact you

  • Where do you keep your passwords? What’s the best way to keep passwords?

    • Paper and pencil! You can’t hack it!

      • Hide it, lock it up, put it somewhere someone can’t find it

      • Not under your keyboard!

    • Password managers are also available, may be more convenient

      • Look for 2 things:

        • Encryption in transit: protecting your passwords as they move from your device to the password manager server

          • Scrambles the code so it can’t be intercepted

        • Encryption at rest: when your passwords are stored on the password manager server, should the server get hacked, your password is scrambled

          • Must be an encryption key that puts passwords and characters back in order

    • Another resource: Digital vaults

      • Some reside in Switzerland (phenomenal privacy laws)

      • More than just passwords: can upload files

      • Your own individual vault is encrypted (in addition to the server encryption)

      • Can establish a beneficiary

        • If anyone needs any access to your passwords or your formal documents, allows them to do so

• If you had to tell our audience one thing to do today to start protecting themselves, what would you say?

  • In the big picture—think about privacy vs. convenience!

Contact information

Email:  ck@kerskie.com

Phone: (239) 435-9111

Website: https://carriekerskie.com

Tip Sheet on Identity Threats: https://kerskie.com/tipsheet 

Follow Carrie on social media @CarrieKerskie

Listen to Privacy Mentor on Apple, Spotify, and more