TaylorMade Solutions

Six Tips for Consumers to Avoid Becoming a Victim of Cybercrime

/1 Comment/in , /by

I believe that information is power. I know that every person that uses the internet could become a victim of cybercrime. Cybercriminals are becoming much, much better at duping us and getting us to willingly give up our credit card numbers. So, as I started out with, knowledge is power and I want to offer up the following six tips to avoid becoming a victim of cybercrime.

But before I give the tips, let me give an overview of what some of us are being victimized by. And, I want to stress that if you have been a victim, you are not alone. In fact, according to the 2017 Norton Cyber Security Insights Report, 10 million Canadians were affected by cybercrime last year. And the cost of this cybercrime? $1.8 billion Canadian dollars…this is not small change be any means.

So, how were criminals able to get this amount of money from people? Here are a few ways:

  1. Fake tech support via computer pop-ups:

Consumers accessing insecure sites often get pop-ups that tell you that you have a virus, that your computer has been compromised, or even that you have committed some fraudulent activity.  Of course you have not, but these criminals are playing on your fear, emotion and the hopes that you don’t have the technical savvy to realize this is a scam.

So, how can you tell that the site is not secure? One way is to look at the url or web address.

You need to see the secure lock as you see on our website. This is a SECURE site:

TaylorMade Solutions

 

 

This is an insecure site:

  TaylorMade SolutionsTaylorMade Solutions

2. Fake Tech support via phone calls:

If you have been an unfortunate victim of a pop-up scam, and gave your credit card, and/or control of your computer over to the scammers, they could wait a few months and then call pretending to be someone from Microsoft, Google, Norton, ….or any vendor really.  Your information my have been released on the Dark Web too, which makes you an interesting target for criminals. The callers will indicate that there is suspicious behaviour with your computer and they can help you fix it.

The fact is that vendors cannot legally see anything that is happening with your computer. If someone is claiming that they can see what is going in with your computer, either they are lying or they have some sort illegal access…or they are a member of the CIA, FBI, CSIS, MI5 or some other spy agency.

So, if you don’t think a member of a spy agency is watching you…it’s a scam. Hang up. Don’t ever, ever, ever give control of your computer over to a caller. Don’t ever, ever, ever give any credit card information to someone claiming they can fix your computer who has called YOU (or if there is a popup on your computer).

3. Fake Credit Card Breach:

If someone calls claiming to be from your credit card company stating the your card has been used inappropriately, never give any information. The scam is that they will ask for your birthdate, your card number and some other details, maybe even your PIN or the SVC on the back of the card. Never. I repeat. Never give this information. Instead hangup and call the number YOU have for your credit card company and ask to validate a call that just came in. Don’t call the number that the potential scammer gave you. That’s how they get you.

So, what can you do? Here are Six simple tips:

  1. Don’t fall for computer pop-ups. If they appear, either get off the site, or disconnect from internet or shut down your computer or all of these options… Always look and use secure sites. Look for the https: and the lock symbol as shown above.
  2. If you get a call from someone claiming to be tech support, hang-up.
  3. Never give access to someone to remotely control your computer..NEVER.
  4. Never give your credit card information to someone who claims to be helping you.
  5. Remember that vendors, be it Microsoft, Norton, your service provider, etc. cannot see that something “suspicious” is happening with your computer. If someone claims that, they are lying to you.
  6. Keep your antivirus software updated, but don’t think that will protect you from everything. You need to be vigilant and follow 1-5 above.

But what happens if one of this very clever scammers succeeds… and by the way, you would not be alone. Remember that approximately 10 million Canadians were victim to cybercrime in 2017. Here are some things you must do:

  1. Contact your bank or credit card company immediately, if you gave your information, to advise them of what has happened.
  2. Never call the “company” again. Doing so tips them off and thwarts police investigation.
  3. Report the scam to your local police.
  4. If you gave access to your computer, ALWAYS take your computer to a professional who can clean your computer and remove viruses, malware and/or other software installed by the criminal. Not doing so could mean that the criminal installed malicious software that can record your keystrokes to get your sensitive information, or could be a virus or something else that will harm you and your data.

Being on line is no different than protecting yourself in your home. You lock the doors and you don’t let strangers in. Do the same for your online safety.

Want to know more? Contact us for more details.

TaylorMade Solutions, cybercrime

Are Communication Failures Lessening the Impact of Cybercriminals?

/in , , /by

Not a day goes by where we don’t hear of some hack or another where cybercriminals are making a killing. Despite this however, there are a couple of things that appear to be happening:

  1. The average person, consumer or even worker is not connecting the dots to either realize that they are at risk, or that their actions are the risk and the entry point for these cybercriminals. 
  1. Organizations, for profit or not-for-profit, are not heeding the simple warnings to carry out simple tasks such as patching, but they aren’t also being held accountable for the compromise of personal data breaches.

The lack of accountability is very significant and we as consumers need to hold their feet to the fire and require that regulations, laws and enforcement occur.

So, why is this? I think that there are a few reasons that the message for action and taking precautions are not getting through. They include:

  1. We continue to use language that people don’t understand. This definitely tops my list. I see it when I speak to business people all of the time. I talk about cybersecurity issues or risks and they just don’t get it. One of the first comments is: we outsource our IT. Or, we operate in the Cloud, so it’s not an issue.

These comments definitely demonstrate that they are only seeing cybersecurity as an IT or networking issue. It’s much more than that and we need to educate our front line defence! Our human resources! And to arm them properly, we need to find a common language that people understand, not just the people in the “biz.”TaylorMade Solutions, cybercrime

Rather than refer to cybersecurity breaches, we need to help people see the criminal aspect of what is happening and that there are some easy steps to take to help protect each of us from them. For example, how many people lock their homes when the leave? Heck, how many of us keep the doors locked all of the time? It’s a matter of personal protection. Protecting our families and protecting our property. We now need to think about online safety in the same way. We need to lock the doors (our computers and internet access from criminals) and ensure that ensure that our windows are also closed and locked. If by chance a lock doesn’t quite work like it used to (continuously update our versus protection and software patches), we replace it immediately.

      2. When we do talk about cybercrime, we paint the picture of the villain in a hoodie in a dark basement. This is an old and outdated picture. Reality is, cybercriminals are often the people you least expect and can quite frankly be anywhere in the world, including next door, or in another country on the other side of the world. The point is, they aren’t likely lurking in a basement, but rather in comfortable quarters living off the ill gotten gains of people who might just be a little too trusting. Maybe you, maybe your neighbour, maybe a family member.

So, what is the solution?

In my opinion we need to go back to basics. Communications 101 actually. Who is our audience? What are we trying to tell them in order to get them to change behaviours? What language should we be using so that they understand? In other words, stop with the tech talk or cybersecurity industry talk. Speak to them in their language. And finally, where are they consuming information so that we can reach them?

These are simple steps that we can do. We just need to do them.

Do you have other ideas? We would love to know.

Do you need help implementing your internal Comms Plan or even developing a Privacy Breach Plan? If so, let us know.

TaylorMade Solutions

Three Reasons To Stop Using Auto Direct Messages

/in , /by

Have you ever followed someone on Twitter and shortly after received a direct message thanking you for following? Of course you have. The real question is however, what was the content in that message? Was it a nice personal and specific message to you? Or, was it an “auto direct message” with some obvious attempt to sell you something and very generic? Something like: “Thanks for following. Check out my book or product. Or, follow me here (as in Facebook or Linked)”. If it was the latter, you are not alone. It’s really easy to set up those auto direct messages. However, is it really what you want to be doing? No! It is not in my humble opinion. In fact, it’s long overdue to to stop using auto direct messages.

More than a decade into social media and people still want the easy way out when building an audience or selling a product or service. I suppose I can’t blame them. After all, it is a busy world and using multiple social media, maintaining websites and using traditional marketing can be very time consuming. Like anything social media should be executed properly. This means first having a digital strategy that is part of an integrated marketing strategy and of course ties into your corporate objectives – whatever they may be. But let’s look at three reasons that you and your business should stop using auto direct messages.

  1. Auto Direct Messages Don’t Make People Look Sophisticated TaylorMade Solutions

Perhaps when Twitter first emerged and people used direct messages also affectionately known as DMs, it was pretty awesome to get an instant response after following someone. That time however, has come and gone. Rather than look sophisticated or super busy, you actually come across as taking short cuts. One of the original intentions of Twitter was to foster engagement. To build relationships with people that you couldn’t otherwise connect with in person. Additionally, if you are a loyal customer and love a certain brand, it was a way to connect and build a relationship.

2. You are Likely Spamming People and Breaking Anti-Spam Laws

Around the world laws for privacy and digital communications are changing.These laws often don’t only apply to a person or entity in the country in they live and/or operate a business in, but they cross geographic borders and digital boundaries. For example, the Canadian Anti-Spam Legislation, also known as CASL has specific laws government social media communications. The General Data Protection Regulation (GDPR) which covers Europe also has very specific rules for #privacy and while it has been in effect for a few years now, come May 25, 2018, full enforcement and penalties come into affect. This law is not just for Europeans, but for ANY business with customers IN Europe.

3. It’s Not All About You

Let’s think about our followers as more than just a number or someone that you can push your wares on. Instead, it’s about relationships. And, while some people still don’t believe that social media is about relationships, there are many more of us that believe that you can’t and shouldn’t use social media like we used old school print media. We need to build trust with our audience. We need to be authentic. When I follow someone and there response is thanks, buy this from me or add to my follower count on this other channel, it screams disingenuous  intentions to me. It is the same thing as someone introducing him or herself to you at a party. They barely get a hello my name is X and you are already selling them “something” they may or may not need or want. The rule of thumb in any business is to form a relationship. An auto DM is not even close to doing that.

There are many other reasons not to do auto DMs and I would like to hear your reasons.

As a small business it’s not always easy to navigate the social media strategy needed. If you need assistance, we can help – keeping in mind #privacy legislation. Reach out! We are here to help.

ThermaRay

SEO and Inbound Marketing in Construction Industry

/in /by

[Editor’s Note: This is a guest post by two St. Thomas University Students: Alexandra Swift and Allison Bruder. It was completed as part of a course assignment in the fall of 2017]

In this interview with ThermaRay’s president Kevin Kilbride, we explored the topics of inbound marketing, search engine optimization and global marketing. ThermaRay was founded in 1985, and since then has been providing sustainable heating solutions with a wide range of electric radiant systems, including our radiant ceiling, architectural series, floor warming, underfloor warming and earth thermal storage products. The topic of this interview was inbound marketing, and ThermaRay’s use of this tactic in marketing both in Canada and globally.

Mr. Kilbride explained that ThermaRay is not fully focused on inbound marketing because they haven’t been able to find a vehicle that will drive potential customers to their website the way they would like based on their industry. The problem with their online search catalogue was that if you don’t know what you’re looking for, how are you supposed to search it and go find it? In this question and answer, Mr. Kilbride explained his company’s use of SEO and other inbound marketing strategies specific to ThermaRay.ThermaRay

What forms of social media does your company use?

We have a LinkedIn page, Facebook page a web site of course and I have a Twitter account. The website is the real focus for us. We also occasionally use YouTube to direct people for project installations. There are also a number of search engines, that are used as a resource. As well as online courses that are used to offer courses internationally.

What form of social media do you find the most effective?

Our website by far is the most effective. We use YouTube to direct people to see the odd project installation but that’s it. There are other forms of social media when you are in the business-to-business sector – online searchable catalogues, on-line courses that have been the most effective for us. Our website is the most effective because when people need the services we offer, such as homeowners, they often just google what they need and find us.

What steps do you take prior to sending out messages for marketing?

We tailor the message according to the audience. So an email blast to architects will be based more on the design aspects than say to an engineer who wants to know how it was installed and what problem did it solve for him. A potential problem that comes along with sending out messages is the area of spam email. You can buy databases but with junk folder filters and in Canada at least, spam being illegal it is very difficult to do email blasts. The way we can do it is via our presentations. Attendees on-line or face-to-face have to sign in and that gives us permission to send them emails, newsletters etc… until they unsubscribe. Yet I still hear from organizations willing to sell us a database of targeted individuals. Assuming it’s legal in the use to “spam” most people don’t like it and you’ll end up with a negative view of your company. This makes for a strong case to have an inbound marketing program.

What channels do you find most effective?

Website SEO works well for us. We rank in the first page in Canada in the US by using keywords that the industry is using in search engines.

What is your primary audience?

We have several audiences. In the construction industry, we work with architects but we also have to work with their mechanical engineers who are responsible for the heating, ventilation and air conditioning. So even though we sell the idea to the architect, we have to sell it to the engineer because he can squash the use of our product. In the residential side, we sell primarily to the homeowner but again the builder and electrical contractor are influencers so we have to be sure they are on board as well.

You mentioned that your company is not as focused on inbound marketing, why is that?

Other than SEO, we have yet to find a vehicle that will drive potential customers to our site. The problem we discovered though using an online searchable catalogue is that if you don’t know what you’re looking for, how do you know to go look for it? So if you need doors or windows, that’s an easy find. But how do you know when you should be using a radiant heating system instead of a conventional heating system? There is an education component here. So as well listed one maybe on some of these type of searchable product lists, you have to know what it is you’re looking for. When someone does, they tend to use Google and that’s how we get found out.

ThermaRay is a company based out of New Brunswick, but has expanded worldwide. How did you reach such a large consumer base from this small province?

We’re still a pretty small player, but that gives us an advantage. We are more nimble, more responsive to clients. We’ve had some success with local dealers promoting our products and we get the odd international customer looking for what we have. We have also worked with Opportunities New Brunswick to help grow our market.

What do you believe is the number one-way people hear about your company?

There’s no #1 method. We use SEO, we have an online course that is recognized by the American Institute of Architects so that gives us some credibility, we then do presentations to groups of architects and engineers and some plain old face-to-face selling.

ThermaRay has been involved in a few trade shows, how do you think these have helped your company’s marketing? And what do you think would be more effective?

There are consumer trade shows but there are also business trade shows. There are local ones and national ones. However, not every show has the same caliber so they are not all as effective, they tend to be very specific. In regards to trade shows, there is some give and take, it depends on the show and the product you have. I will generally not do a trade show unless I have interest in the local market. The problem with trade shows is that they are very expensive and you have limited time to talk to someone, so with a simple product it is more effective, but when your product is specific, you do not always get the chance to have a deeper conversation with a potential customer. Instead of a trade show, some larger companies have started hosting small events for their customers with drinks and food, these provide a more relaxing setting and allows for more time to connect and explain things.

Have you ever used Google Analytics to track your company’s search engine traffic? What do you do with this information?

Yes, we use them quite a bit. We overhauled our website earlier this year and we noticed a drop so we’re going to focus more on tweaking the word search on the site. We also use the analytics to find out what words people are using for their searches. Just because we call our product x, it may go by a different name by the general public. So for example, we have a floor warming system but the bulk of people call it floor heating so we want to know that.

[Editor’s Note. We thank Alexandra and Allison for the work they did and contributing to our blob.

Why I Will Never Wish You Happy Birthday Again on Social Media

/2 Comments/in , , /by

Not a day goes by that I don’t see friends or family celebrating their birthday. I know it is their birthday because I see both the reminders on social media – Facebook and LinkedIn – and the countless scores of people who are sending their best wishes. In fact, I used to be one of those people!

I will however, never wish you happy birthday again on social media! And here’s why:

I actually care about you. Now of course those doing the well wishing care too. Don’t get me wrong. The fact is however, that social media is the primary method that cybercriminals now use to learn about you. It’s called social engineering. And knowing what I know now, I opt to not help cybercriminals.

Some of you might be saying: “What the heck is social engineering and why do I care?”Social Engineering/CyberCrime

It’s a great question. I am glad you are asking and you should definitely care. There are of course many definitions. Some formal and others not so much. For simplicity sake, social engineering is psychological manipulation of people into performing actions or divulging confidential information. In the age of social media however, manipulation might not be an issue. After all social media is meant to be sharing platforms where we can express ourselves, share information about our family, our jobs, our vacations and even what we buy or do.

For years we have been encouraged to share…maybe even overshare. Every detail of our lives can be found on our social media profiles. And while this is a great way to keep family and friends up-to-date with what we are doing, there is a dark side.

In fact, social media is now one of the best sources for criminals to obtain countless bits of information about you, your family, your employer and even your friends. They can then use this information to:

  1. Spoof you and create fake social media accounts in your name and/or fill out credit applications. This of course is known as identity theft. The ramifications can range from less than desirable to very serious.
  2. Send phishing email to your colleagues at work attempting to:
  • get more details on your organization,
  • try to secure false payments, or
  • have a virus or ransomware deployed when a link and/or attachment is clicked by your trusting coworkers who think you are emailing them.

These have all been very effectively used by cybercriminals not just globally, but locally.

So, how can you protect yourself and your employer? Here are 10 simple tips:

  1. Ensure your privacy and security settings are as strong as possible.
  2. Review your privacy settings on a regular basis, say three times a year. Set a calendar reminder.
  3. Never show your birthdate on your social media. Never.
  4. Never list your martial status on your social media. Never.
  5. Don’t list your family members.
  6. Never accept connection requests from people you don’t actually know. This applies to LinkedIn as well.
  7. Never put your home address on social media.
  8. While we tend to put a lot of information about ourselves on LinkedIn, don’t put personal information on this profile.
  9. When you receive an email from someone you don’t know, never click on the link or open an attachment that maybe included. This includes email from couriers, Canada post, Revenue Canada, etc. Think twice and never click.
  10. When you do receive email from some you DO know, but aren’t expecting it, think twice before clicking on the link or to open the attachment. Don’t be afraid to call the person you know or send a new email ( don’t do a respond) asking if he or she sent you an email with a link and/or attachment.

These 10 simple tips will help protect you and your employer against the actions of cybercriminals. And, I do think it is our responsibility to help protect our employers. Research has shown that cybercrime is expensive and some businesses can’t recover, so doing our part is helping to protect our jobs.

We all must remain vigilant. It is an unfortunate part of using social. Like anything criminals find new ways to leverage technology to try to gain from.

If you would like to learn more, connect with us. Be Prepared! Be Trained! Have a TaylorMade Solution!