Scott Schober is the President and CEO of Berkeley Varitronics Systems, a 52-year-old, New Jersey-based provider of advanced, world-class wireless test and security solutions. He is the author of three best-selling security books: Hacked Again, Cybersecurity is Everybody’s Business, and Senior Cyber.
Scott is a highly sought-after author and expert for live security events, media appearances, and commentary on the topics of ransomware, wireless threats, drone surveillance and hacking, and cybersecurity for consumers, and small businesses. He is often seen on ABC News, Bloomberg TV, Al Jazeera America, CBS This Morning News, CNN, Fox Business, and many more networks.
Scott also serves as the CSO and Chief Media Commentator for Cybersecurity Ventures and sits on several cyber advisory boards for various companies.
In this episode, Jason and Scott discuss:
- The deep impact of family influence on career paths and personal growth
- The lessons learned from cyber-attacks and the critical need for vulnerability assessments
- Strategies for creating and managing strong passwords to improve personal and corporate security
- The significance of a proactive cybersecurity strategy and the limitations of cyber insurance
- The vulnerabilities of the elderly to scams and the benefits of digital payment technologies for improved transaction security
Key Takeaways:
- No one is immune to cyber threats; ongoing education and vulnerability assessments are key to security.
- Strong, unique passwords and the strategic use of password managers are essential in protecting against cyber threats.
- Multi-factor authentication is a crucial basic cybersecurity practice for businesses to adopt.
- Businesses should focus on proactive cybersecurity strategies to minimize the risk and cost of cyber-attacks.
- The elderly are at particular risk for scams, making education and safe technology use critical; digital payment methods offer enhanced security against fraud.
“Go back to the basics. What you and I can control, your listeners can control. Take that extra 10 seconds and use multi-factor authentication. If you're a business leader, enforce it. And not just at the IT level, but from the top down. I always say it has to be implemented from the CEO all the way down to the janitor. Everyone has to appreciate the importance of cybersecurity in an organization, including their vendors and partners. The world would be a safer place.”
- Scott Schober
Connect with Scott Schober:
- Websites: https://www.bvsystems.com/ , https://scottschober.com/
- LinkedIn
- Scott's Books: https://scottschober.com/cybersecurity-is-everybodys-business/
Connect with Steve and Jason:
-
Website: Rewire, Inc.: Transformed Thinking
- Email: grow@rewireinc.com
Listen to the podcast here:
Hello, and welcome, everybody to the show. This is your host, Jason Abell of the Insight Interviews, and I've got a guest for you today that, gosh, may be a little bit different than our normal guests, but also, well, heck, you'll see. Very, very valuable and all kinds of leadership insights will be ahead of us today. Today, our guest is Scott Shover. Scott is the president and CEO of Berkeley varitronics systems. What the heck is Berkeley varitronics systems? Well, it's this. It's a 52-year-old company, it's based in New Jersey. They are a provider of advanced world class, wireless test and security solutions. Scott has authored three books; he's working on his fourth, and when it comes to wireless security, cybersecurity, those types of things, Scott is the guy. Scott, welcome to the show.
Yeah, great to be here with you.
Scott, we have got all kinds of questions for you, all kinds of things that we're going to get into, but we start our podcasts with the same question with every single guest to get us facing in a particular direction, and that is gratitude. So, as you and I engage one another today, who or what are you particularly grateful for?
Well, when I reflect back on the family business, since we're family business, 52 years old, it was founded by my father. He retired a number of years ago, but I'm always grateful for, I guess, kind of the inspiration that he's given me. I think back, geez, I started sixth grade. Not many people started their job in sixth grade and here I am, decades later, still working at the same job. Started out, you know, sweeping the floors, cutting the grass painting, learning electronics, I went to Kane University for my undergraduate and got a degree in computer science then New York University. Studied telecommunications and media. Kind of always been surrounded in the family business, and growing up, I've been, you know, a hacker, a gamer, played with robotics, and a lot of that I thank my father for kind of inspiring me to always, you know, shadow over him and learn from him, and I still do to this day. And it's an honor to run a business now for myself. It's been a little more than 20 years that I've been the president of the company and kind of giving it direction and innovating. And, you know, I guess I have ultimate gratitude toward him and giving me the opportunity. Never had to actually create a resume in my life, which is kind of weird or apply for a job. It feels strange, but I do that on the other end. I'm hiring people. Today I'm hiring somebody, hopefully, and going to meet with them. So, it's kind of a different switch than most of the people I talked to in the world of business.
Not everybody in the C suite went to school for what it is that they're doing. But you did. Sounds like it was the same plane all the way through. When it comes to wireless and cybersecurity, you have seen and done a ton. What extraordinary story comes to mind that you've been personally involved with when it comes to the topic of cybersecurity?
There are a lot of them, a couple standouts. And let me think of what stands out the most. I would say for cyber security, just the fact learning that nobody is 100% safe. And what do I mean by that? I'll take myself as an example. Running a wireless cybersecurity company. I always thought we're safe. This was years ago. And the more educated people, the more I started to get a target on my back. And what do I mean by that? I go on radio or TV or great podcasts like this and talk to people, hey, here's tips, you need to do this and that. Well, the hackers went after me. And it started seemingly innocent. And I said, oh, our Twitter account was hacked, and everybody's had that happen. My credit card, and my debit card got compromised for the company. But then also personally at the same time. Imagine having four of your cards compromised at the same time. Coincidental? I don't think so. Our online store, we saw a lot of our wireless security tools stopped working, repeated DDoS attack by some unknown hacker. It went on and on and we were struggling with problems, and then one morning, I came in and I turn the computer on to check the bank account, $65,000 gone, I said, something is wrong. And that led to a full-blown investigation, federal investigation, letters, paperwork, I had to get the money back, obviously. So, I learned a lot in the process. I always thought, wow, we are a secure company. Guess what? You learn about every company has vulnerabilities. Every person does. So, I quickly got a vulnerability assessment and had penetration testing done to really expose the weaknesses in our company in our organization, so we could shore them up and not get repeatedly hacked. Doesn't mean people have stopped trying, but certainly I've learned if nothing else, it really affects everybody. I wrote my first book Hacked Again, which is really the chronicle detailing how I fell victim to hackers, what I learned, and as I kept dealing with that, it kept on going. I said, geez, it went to the point where it was this big story about hey, Target got compromised, and all these credit cards, and now it’s starting to affect all of our lives. And I started talking to small business owners. And then I wrote my second book, Cybersecurity is Everybody's Business, because it really started to resonate with everyone. People, my friends, family, relatives, coworkers, doesn't matter. Wherever I was, they would say, hey, Scott, did you hear about this breach? What do you know about it? What happened? What do I gotta do to stay safe? And I constantly found myself trying to educate people. In the process of that, I have to keep up on top. I have to constantly be reading articles, talking to people, attending seven seminars to educate myself to stay up with the latest and greatest threats and how to stay safe. So, from that perspective, it's an ongoing battle to learn about cybersecurity and what to do, and hopefully I can disseminate the information I take and to help others.
So yeah, when you become an expert at a certain topic, the goal becomes well, okay, he's a cybersecurity expert, well, let's hack him, right? So, you got a big target on your back. I can definitely see how that would be the case. Well, you mentioned a lot of books that you've written, and I did my research ahead of time, and yeah, you're a go to expert, my friend. One quick Google search and there's all kinds of YouTube video on you. I don't know, every network that's out there being an expert as to you know, what it is that you do for the everyday person like me. I'd love for you to chronicle like, what are, I guess this is a two or three part question, but just start off with the first part. What's an everyday person like me need to be aware of or concerned about when it comes to this topic of Cybersecurity, Wireless Security?
Great question. I think the number one thing to realize is, we're all vulnerable. If a hacker wants to get into our account, they can successfully get into our account. That being said, there's layers of security. So, if you, as an average consumer, want to implement several layers of security, you will make it hard enough to the hacker moves on to the next easy target. They go after the low hanging fruit. It's proven year after year that this works. And it's doing simple things that you or I can do. A lot of times we think, well I gotta go spend money and buy virus software and hire someone. No, not necessarily. Just implementing best practices, which you'll find most people don't do. That's kind of the irony of it. Everybody talks about it yet every time I present an audience, I say, show of hands, you know, who here has a password that you know this long? Who here reuses that same password over multiple logins ? And guess what, more than 50% go, yeah, okay, I reuse part of the password or some of it. What's the big deal? Well, when a hacker compromises Jason's password, what are they going to do? They actually take it. They're lazy. They take that password that's compromised, they put it into an automated software tool. That tool will take that same password with your login credentials, which is probably your email address or your name or whatever, and it automatically will go out to 1000s of the common websites and try to get in as Jason, and so in a matter of seconds if they have your one password and you reuse that password anywhere, they're into all your others. And I’ll tell you a true story, short story. When my first book was written, I was talking with a friend, I have a close friend and always preaching to him, importance of password, importance of password. Don't ever reuse the same password. He kind of laughed like Yeah, Scott, you're paranoid, you're paranoid. And he had a trip international, was coming into an airport, and he said, could you pick me up? Yes, sure. Send me your itinerary. Got it. And I wasn't thinking. I didn't look at the itinerary. But when I looked at it closer, it was that day to pick them up. And I'm like, oh, what time do I have to go? I thought it was after work. It was like 1am at night. I'm like, geez, I gotta go pick him up at the airport. 1am or whatever. I text him back, yeah, I'll be there. I didn't realize it was so late or whatever. And then I got frustrated. This is really an inconvenience for me. I said, I think I'm going to send him a lesson. I'm gonna have some fun with him. I looked down his itinerary and I saw his United frequent flyer number and I said, oh, look, see if I can get into his account. So I go on to you know, United, login, put his name in, and I said, what would his password be? I said, let me socially engineer it. I know him, he's a friend, I've known for years. And I said, let me take a few minutes and just think everything about him. He likes this, he likes to travel, and what's his favorite thing? Hockey. Oh, my gosh, he's addicted to hockey, he watches every game. What's his favorite player? I know his favorite player. Now, let me just try this. Put in his favorite player’s name. First try, got into his account. I said this is embarrassing. I said, okay, I'm no expert in that sense of guessing passwords, I just happened to think about it and kind of socially engineered it by knowing someone. I said, but more importantly, let me go on to another account. He works in the financial sector. Let me see if I could log into a financial account. I know the bank he goes to. What are the chances of this? And what are the chances that he has multifactor authentication setup? So first try, I got in. He uses the same password. When I got back, I told him, you gotta read the chapter I wrote in my book about passwords and not reusing the same password. And he said, why should I do that? I said, I'll tell you when I pick you up at the airport, because I know somebody's account that just got hacked, not telling him it was him. I pick him up the airport and explain whole story. And I said, how many accounts do you have with the same password? He goes all of them.
Oh boy.
I said, oh my goodness, because he re-used the passwords. And that kind of always stood out in my mind, and everybody I talk to I find still does it. Why? Because it's so hard to remember a long, strong password.
Right.
What do you do? Password Manager. Get a password manager. Create a 16-character long password, and again, longer is more important in some ways than obscure. People don't realize that having a 16-character password is far more secure than just having some obscure thing five and dollar sign, question mark. And a password manager will create a long, strong password for you, and it will store it safely. Keep it encrypted. It's better than doing nothing. Scribbling it on sticky notes and everything that we all tend to do. So, little things like that are what you and I can do that actually make us a lot stronger. Another example: security challenge questions. You ever get that? You're logging on to your bank. What high school did you go to? Guess what? I could find out what high school Jason went to in about one minute. So, don't be honest. That's an opportunity for you, as a user to be dishonest. You could put password 123 as the high school you attended and that would be 10,000 times more secure than the actual high school you attended. People don't think like that, but use that as an opportunity. Again, getting back to layers of security. Send the hackers away to go to easier targets. So, I always like to encourage people just to the basic things to start with. If you're not doing the basic things, they're going to eventually get in, you're going to be part of a data breach or compromised via Yahoo, Gmail, whatever, or some other company and now your information will be sold out on the dark web, and then they'll keep chipping away until they'll steal your identity or break into your bank account. Whatever the case may be.
I've got 38 more questions just based on that story. Scott, all right, but I'll just ask a couple of them and then I want to get into what else the normal, you know, regular person like me can do. I mean, okay, do not reuse the same password, got it. I heard that. Use a password manager. Got it, kind of. Like, I think I understand that. Are passwords soon going to be a thing of the past? I hear you on everything that you're saying, but my gosh, I do have mostly separate passwords for different things, but every single site that I'm on, business and personal and everything, requires a different password. It's impossible to keep track of it all. So, is that going to be a thing of the past one day? Like, is there, I don't know, do you techy people have a way, I don't know. What's gonna happen with the whole password thing? Or are we stuck with them?
Yes and no. It's like anything else. People say money as we know it's going to be gone, everything will switch over to cryptocurrency. Has it happened? Not really yet. Mag stripes on our credit card. 20-year-old technology, people are skimming it stealing our credit cards day in day out at the ATM. Guess what? It really hasn't gone away. So as much as I'd love to say, no more passwords, I hate them and I have to manage them to some degree. I have a little more than 200 passwords I actively manage all the online accounts I do and we do a lot with the government. And I actually handle it several different ways. Number one, password manager. I like Dashlane, but everybody has their own preference. I don't want to ever say have to use this or don't use that. What I do like to say with Dashlane, it's the only Password Manager company I know of personally, that has not been compromised yet. I'll leave it at that.
That says a lot.
Great stuff, easy to use. Affordable. Go to PC Magazine. Every year they do a top 10 Password Manager list, and they recommend who's the best in their opinion. So, I always encouraged people do your research, find one that's easy for you. Affordable. But it really is more important that it just gives you the discipline to create and store long, strong passwords. Once people get over that hurdle, then they're happy. I use a black book, again, but implement layers of security. What do I do with the black book? It’s locked in a safe, locked office, locked building, alarms and cameras, layers of security to keep my passwords secure.
For people that don't know, describe a black book.
A black book, a little notebook, just happens to be black, and I write down, you know, this is for the website. I have LinkedIn. Here's my name. Here's my, you know, security challenge question and the answers to them. Here's my long and strong password. Despite what you hear often, change your password every 30 days or every three months or every six months, it's hogwash and does not make things stronger. In fact, it actually makes it worse. It increases the likelihood that you might be compromised with your password, because now you got to rerecord it, write it down somewhere and update the password manager. If you have a long and strong password and you haven't been compromised, it's for good reason. It means it's long and strong. Leave it. It is secure. Just like if you have a door lock on your house, nobody's broken in and it's a secure lock, leave it. You don't change it. Do you change your alarm code to enter your house? If it works, you remember it, leave it. I always say if it's not broke, don't fix it. Same thing in the world of cybersecurity. So, despite all the experts touting change it every 30 to 60 days or this or that, it doesn't help. One other area is there are other things if you're using browsers, and not to get too deep and dive of tech, but some people that are comfortable, I'm on Apple. Safari has got a great browser, it is secure, and it is encrypted the passwords, and they have a keychain, which means in the Apple ecosystem, all those passwords will stay secure, encrypted and safe. Is it 100% secure? Absolutely not. So, there are accounts for me like banking, and other things where I will not use a keychain or password manager. I will write them down because it's near and dear to me that I control those things. So, everybody's got to adjust to their circumstances, and how many passwords they have and the level of security. What's the value of the crown jewels that you're trying to protect? Once you assess what the value of it is, you could decide on what level of password and security you need to implement to protect that.
Most of our listeners are leaders in business in some degree or another. Mostly C-Suite, maybe the next level down, manager, leaders. What are things from a business standpoint, so you gave us a couple of easy one, two, threes as far as like, hey, you know, the password protection. Don't use the same password. Layers, black book, those types of things. As business owners or people that are responsible for, you know, the cybersecurity business and I know that this starts to get into a whole ecosystem, a whole web of things here but are there like those low hanging fruit like hey, if you're in charge of that, or if you're a decision maker in this arena for your organization, these are like the top two or three things that you should automatically be doing? What would that be?
Yeah, first thing on my list and again, I go back and look at most of the major breaches that happen to like fortune 500 companies, be it at Target, JP Morgan, Chase, and the list goes on and on and on. Most of those are tied in with passwords but more specifically to your point for business leaders, remote accessing. So, you've got a network within your organization. You spent tons of money to keep it secure. You train all your people. They're doing all the right things. But guess what? Now you have a third party outside. And they're remotely connecting in, and it could be anybody, you know, a vendor that you use this or that. Make sure that they're using multi factor authentication, two factor authentication, again, another layer of security. Not just the basic name, and password to access remotely, but that they also have a unique passcode. One time, it could be texted to their phone, it could be emailed to them, they can call a number and get it. Lots of different ways to do it. Again, can that be compromised? Absolutely. But, it's 100 times more secure than just basic username and password, and that's what people don't realize. Too many people focus on, oh, well, multi factor authentication has already been compromised, why bother using it? Well, no. Yes, it has been compromised, but again, if something's 100 times stronger, use what works and what simple. It works and it's simple and it's proven an added layer of security. If that was implemented across the board, just with remote workers, the world would be a safer place, I guarantee it. And a lot of these big breaches that cost billions of dollars and brand damage and everything else wouldn't have happened. But people still are not getting- go back to the basics, what you and I can control-your listeners can control, and take that extra 10 seconds and use multifactor authentication. If you're a business leader, force it. Not just at that at the IT level, but from the top down. I always say it's got to be implemented from the CEO all the way down to the janitor. Everybody has to appreciate the importance of cybersecurity in an organization, as well as their vendors and partners and the world would be a safer place.
If a business owner heard that and they weren't doing multi factor or two factor authentication and they were to do it, what percentage, and I know I'm just asking you to top your head, so I get that, but from your expertise, what percentage would they be helping themselves? In other words, I'm an organization that doesn't use two factor authentication, and then I become an organization that does use it. How much stronger percentage wise did I just make my company there?
I would say significantly stronger in that there's probably about 60% of the organizations that are doing it now. So, I would focus in on, look at those 40% that are not doing it, what are they opening themselves up to? They're opening themselves up. Probably the number one threat that's out there, and it's exploding, is ransomware. So when you've got somebody that's got remote access to your network, they get on your network, they work laterally, they place malware, which is a strain of ransomware in particular, that's going to go there. And then they're going to exfiltrate the data, pull all the data off the network, so they have it now, then they'll go in encrypt everything on your network, so you can't access it, and then they're going to put their hand down and say, hey, give me a million bucks, I'll give you the magic key to unlock it and give you your data back. And when you say no, you're going to call law enforcement, they go okay, fine. I've already exfiltrated and pulled everything off your network. Your salary, social security number, private information, intellectual property. I'm gonna go to the dark web, and I'm going to post it and sell it to the highest bidder and go to your competitors and sell it. So, they kind of got you, you know, one two punch, so it kind of forces you to cave and pay the ransom, or bring in insurance, law enforcement, negotiate the ransom, which has got to be paid in Bitcoin. They're doing all their communications securely encrypted. Bitcoin as a cryptocurrency, keeps them at a level of anonymity, so it's hard to catch them. So you kind of see the pickle you put your in yourself in. However, if you were one of those 60% of the people that just used multifactor authentication, two factor authentication, you probably wouldn't be going down that road. So that's why I say if you do the basics that don't really cost you that much, implement it top down within an organization, then we could talk about more secure things later on. I mean, obviously, you want to have a backup of everything and make sure it's immutable, which means you can't modify it or alter it in any way that it's done regularly. You know, you brush your teeth every day, you backup your data regularly. Most companies, they don't do it. They go after it when it's too late. So, I always look at a company and start out with the basics. Once they have the basics done, move on to the next level, to the next level. And keep in mind the majority of companies now either have to, depending upon their industry, or soon will have to have cybersecurity insurance. To have cybersecurity insurance, you have to check the boxes. If you are not doing those things and kind of self-compliant, when it comes time to put a claim in, oh, we just got hit with a million dollar ransomware claimm they're gonna go sorry, you're on your own. You didn't backup your data. You didn't shred your sensitive documents. You're not using two factor authentication. You're not using a good password manager. Blah, blah, blah. So, you're kind of setting yourself up for failure and you're paying a premium for the cybersecurity insurance policy. Why do that? Make sure you get educated and comply and take the time upfront. Again, it's not the spend of money, it's the time. That's what most business leaders mess up. They don’t want to spend the time or distract employees from their daily job. Sometimes you have to do that to get them to really stay cybersafe.
Well, Scott, it sounds like it's most things in life, right? Like, you're going to deal with the cybersecurity thing, whether you do it proactively or reactively. And typically, just like most things in life, health, relationships, sales and marketing, when you do it proactively, it's going to cost less in time and money and resources than if you have to deal with reactively, where now okay, we have to stop everything that we're doing from a business standpoint, and we got to deal with this ransomware thing or whatever. And by the way, in the meantime, we can't even conduct business because they shut us down, you know, type of thing. So, yeah, proactive. I'm just, I'm just listening to you and I'm like, okay, proactive versus reactive. Yeah, sign me up for the proactive part.
Oh, definitely. I've done a series of lunch and learns, probably close to 10 of them for one particular insurance company. They bring me in and they fill the room 30 to 50 people. It's realtors and accountants and bankers, like their potential clients that they want to educate. And they honestly have said, can you give them a one hour presentation that will scare the crap out of them?
Yeah.
If they don't do something proactive.
Right.
I said, I don't want to scare the crap out of them. I'll tell you what, I'll tell them what really happened to me and some basic things that they could and should be doing that will make them safer, and if that resonates with them, maybe there'll be inclined to get cybersecurity insurance. And all cybersecurity insurance does, it doesn't solve the problem. I think people don't realize. It really just helps balance the risk. And that's part of cybersecurity. You're really analyzing always, what valuables are you protecting? What are they worth and what's the risk factor there that you might be compromised? So, if you can offset the risk a little bit, it helps. It really does, especially when you have a major cybersecurity breach and suddenly you realize, oh, no. I have to notify all my customers. I gotta write letters, and I gotta contact them. And oh, wait, I'm liable for this much money. Oh, and I still have to pay my deductible and I still got disruption of business and my brand, and my shareholders of my employees and my customer, you start to do all this.
Yeah.
It's scary. So, I think being like you said, proactive, upfront makes a big difference.
There's a lot of different places that we could take the conversation, but one of the books that you wrote, and it's behind you right now, Senior Cyber, you've got an entire book for seniors in any listener, and you and me included, we have elderly people in our lives, and oh boy, are they vulnerable in all kinds of, you know, different arenas of life. But when it comes to tech, that just seems like easy pickins to me. What are some top things that maybe we haven't already talked about, because the assumption is that passwords and those types of things, but is there anything else that might be in that book that our listeners could listen to and go, hey, Mom, hey, Dad, hey, grandpa, grandma, like, these are the things that we really want to make sure are checked off? Anything come to mind?
Yeah, yeah, absolutely. And just to set the stage, why did I write Senior Cyber? Here I am a tech guy, deep in the in the in the weeds of tech and then I kind of got out of it. It was because my grandfather 99 years old when he passed, but he worked at Bell Labs for 40 plus years, he was an engineer, and extremely technical. He was on the computer every day, trading stocks on a hand radio. He was a techy guy and as he got up into his 90s, he fell again and again for repeated scams. And to your point, what type of scams? Phone scams are very effective against elderly. And unfortunately, he was victimized several times. Sometimes he lost money and other times he caught it in time. But often, elderly are embarrassed. They don't want to ask for help from their son or their grandson. They're too proud. They have a little bit of trouble hearing sometimes so they'll be like What was that again? And somebody that talks fast and socially engineer something on the phone and easily convince them. They also grew up in a generation, it's a little bit different in that there's a level of trust, implicit trust. When they were a kid, the phone rang. It was one house phone, you picked it up on the second ring, hello, how may I help you?. There were certain decorum that was done. So, when an elderly person is by themselves, they're trusting, they're lonely, their phone rings, they're inclined to pick it up, and they tend to believe people a little bit more. I don't want to say they're totally naïve, but some are a little bit more naïve, and I think when you look at all of those factors together, the dynamics for a cybercriminal to socially engineer information out of them, it's very effective. And what type of scam? It could be anything, but just to make it up on the fly, I could say, you know, if I'm calling you and just said, hey, Jason, this is a bank XYZ, I'm from the fraud department and we just had suspicious activity on your account. I've got some information here. You're still at this address? Yes. Okay. Thank you for confirming that. For your security, I really need to confirm your bank account the last four digits I have here are blah blah blah. Could you give me the other digits to your bank account so I'm 100% sure? Okay. And one final piece of information so we could stop the cybercriminal, what's your social security number, Jason? Okay, thank you. All right. Now, let's look at your account here and see if we could stop this activity so they don't take your money. And the person on the other end of the phone is kind of picturing all this and they're nervous. But the person is courteous, they're kind, they may also say, hey, I just sent you an email to confirm who I am, from bank XYZ. You can click on the link there. And the link is a redirect to a fake website. They spoof the number and they put a 1-800 Number bank XYZ on the phone, so it looks like everything adds up. They're friendly. They've got the, you know, familiar sound bank XYZ says. So, all of those things are check off boxes in the seniors' mind to say, it must be credible. I don't want to lose my money.
Right.
So those type of scams are very prominent. Romance scams are one of the biggest as of late. I've talked to a lot of seniors lately that have fooled for romance scanned. They're lonely, their mate dies, they go on to a dating site. Next thing you know, they get pulled into a situation where they have romantic feelings, they're going to meet somebody, but they just oh, by the way, I just need a little money, I got into an accident, I got beat up, I lost my job. My Social Security check didn't come whatever the scam is, and the list goes on and on. So, I uncover those type of things in Senior Cyber in hopes that I empower seniors to feel comfortable on the internet, on computers using technology, but also the communication that they communicate. They have a trusted individual, maybe it's their daughter or their son, maybe it's a close neighbor, that anytime there's anything that's a little suspicious, they stop and call them. Anytime there's a sense of pressure to do something a quick decision, I tell them stop. Don't respond or ask questions. Say we're all you're with bank XYZ, you know what? Before anything else happens in case we get cut off, let me get your name and your phone number again. What's your title again? Wait a minute, what's that extension? What's your email? Jot those things down?
Yep.
And then take that and then share that with your trusted individual just to vet that information to make sure they're not a scammer.
So good.
Those little steps are in the book hopefully I did take it to a different level, despite whatever we will the publisher say, I made a really big font. Not just because my site's going, but seniors have trouble reading books with the tiny font. I blew it up. Actionable items.
So smart. Man, we covered so much ground today, Scott, and I'm so appreciative. I'm thinking of things that I'm personally going to do from this conversation that I have the feeling our listeners will have very similar takeaways. As vast as our conversation has been, and it's quick, but we've covered a lot of territory, anything that I haven't asked you that, you know, under this umbrella of what we've been talking about so far, you'd like to cover before we end today?
One short thing that stands out in my mind and affects a lot of us lately and I've seen a lot of pushback, I ask people about their payment methods and I hear everybody says oh my credit cards have been scammed again, this and that. I had to get a reissue blah blah blah. And I'm asking, well do you know how it happened? And most people say I have no clue. Well, most of the time, it's when you go to a gas station or when you go to a retail outlet and your card goes into the machine, people are skimming it. Skimming Technology is everywhere. So what I always encourage people to do is if you're not doing it, consider switch over to digital payments. And what does that mean? Google Wallet or Apple Pay. Both of those, without diving deep into the tech, are 1000 times more safe than using our traditional credit card, because they use a one-time token that's encrypted. It never transmits your banking information. It's not sending that credit card information through the ecosystem of payment. It goes back to the issuing bank. Does some checks and says, yes, this is Scott. Yes, this account is associated to it, it puts the transaction through and it's secure. It's safe, it's easy to use, yet I still hear people again and again it’s too techy, it’s too complex. It's not hard. Yet they think that their chip and pin credit card is secure and safe. Not really. Magstripe on the bottom, if you swipe it, it can get compromised in one second. Cybercriminals will steal that with a skimmer that they put inside of the terminals. Chip in pen, there's what's called a shimmer that reads the contents of a chip on your card. They then in turn reproduce that on a fresh card that has a mag stripe on it. They can't reproduce the chip, but they could steal your chip information, your credit card information, and burn it onto a magstripe card, take the mag stripe card and go shopping on your nickel. So, I don't think people fully realize the dangers of it. What safer than using just the chip in the front? Tap and pay. Has been compromised? Yes, it has. So again, there's layers of security. If you have to go to the top, what's the most secure and safe? Apple Pay and Google Wallet. And what do we have on us all the time? Our smartphone. You can't beat it. It's convenient and it's secure. So, if there is nothing else anyone gets out of this, at least consider using that. And it's getting accepted more and more everywhere.
I will say this, just to kind of I don't know, verify or give a personal anecdote, you know, I started using Apple Pay here for those of you that are watching this. I've got my Apple Watch here. I heard a very similar answer. Gosh, it's probably been at least two years ago, and I was like, okay, fine, I'll set up the Apple Pay. By the way, very easy. And every day more and more merchants accept, you know, Apple Pay or Google Wallet. Two years ago, not as much. Now, I don't want to say everybody, but almost everybody. I tap my watch, I tap the thing, done and people smart people like you are saying it's 1000 times more secure. And I will say this, I have had my credit card data stolen, not in the last two years, you know, prior to that, but not since I use that. So, I don't know, it is a small sample size of one but I can definitely confirm you know exactly what you're saying. Scott such good information. I have a feeling I may have audience members that want to reach out to you. If people want to connect with you, what's the best way to make that happen?
Sure. They can visit certainly my company's website, it's BVsystems.com. I also have a personal website, Scott Schober.com. And I think there's a little box on there, you can contact me, and I actually do respond to requests that people say are security questions. I'm not going to charge you money. I'll do my best to answer it. Get you the answers or put you in contact with somebody that can get to the answer if it's not myself. So, I encouraged people reach out. And then certainly if they want to check out my bookstore on Amazon, certainly you could always buy that and love the feedback. To me, that's the most important thing. Tell me that I'm doing good or doing that and how I can do better. So I'd love to hear the feedback from people out there so I can constantly improve at least the education on what I'm trying to do, helping people stay safe.
Scott, you did not disappoint my friend. Thank you very much. This is the president and CEO of Berkeley Viatronix systems. Scott Schober Scott, thank you very much. I can't wait until this airs and I can't wait to be a little part of your ecosystem that are helping people be more secure. So, thanks so much, Scott.
Thank you, Jason. Thank you. Stay safe, everybody.
Thanks for reading. If you got any value at all from this episode, a little nugget all the way up to some big, huge insight, please do us a solid by subscribing, recommending, rating, and reviewing us on Apple Podcast, Spotify, or Google. That stuff matters to us, and it allows us to continue interviewing more awesome people.
Important Links
- Apple Podcast – The Insight Interviews
- Spotify – The Insight Interviews
- Google – The Insight Interviews
- LinkedIn: Jason or Steve
- Grow@RewireInc.com