5. Hi I'm From the FBI and I'm Here to Help!
Look very involved over there, Joe. I'm just shaking your head. Man. What what
Speaker 2:are you shaking your head about now?
Speaker 1:It's how insecure, like, FBI is. I was going through just trying to find this one particular hack where FBI got hacked. It's hard to find amongst all the clusters of it. There's one particularly I was like
Speaker 2:When when the FBI got hacked?
Speaker 1:Yeah. They keep getting hacked. That's what I'm saying. And these are the guys we gotta trust. Hey.
Speaker 1:We wanna have this, this, you know, global what do you call it? What's the big, conspiracy theory thing that's already being implemented, rolled out?
Speaker 2:I I don't know which
Speaker 1:which of you Like a global passport global, like, identity that ties into your, medical Oh. Into your Oh, yeah. Your bank accounts, but it's gonna be, like, globally centralized management.
Speaker 2:Get into that.
Speaker 1:You know everything about everybody. Well and so, basically, that's what we our system in the US is. It's just that, you know, the FBI has and they just keep getting hacked.
Speaker 2:So Well, coincidentally, Joe, that's a title of our pod or our episode.
Speaker 1:Well, that's that's interesting. Hi. I'm from the FBI. I'm here to help. Jeez, man.
Speaker 2:So that, and there's a version of this for every almost every industry, I think, but I used to be in aviation. Right? Yep. And in there, that was the first time I heard it. It's, fry hi.
Speaker 2:I'm from the FAA, and I'm here to help. And that was just a running joke because you never wanna hear from them.
Speaker 1:Right.
Speaker 2:They're never there because it's a good
Speaker 1:Are they ever helpful?
Speaker 2:No. No? Never. Never. It was like
Speaker 1:the They never lent a lent a wrench or
Speaker 2:a No. No. Not to my knowledge. So it was kinda like a bad word.
Speaker 1:Yeah. And it's so yeah.
Speaker 2:Hi. I'm from the FBI, and I'm here to help because literally that's what we're gonna talk about is their helpful services that they provide for free
Speaker 1:Hey. Without your consent. Now those at home can't read the asterisk, that just came out of your
Speaker 2:mouth there.
Speaker 1:Yeah. Gigantic asterisk just floated out sitting around right above us.
Speaker 2:Well, let's get into it. So, this FBI thing and I'll read the headline. FBI active defense measure removes malware from privately owned firewalls. How charitable of them, Joe? What are your thoughts here?
Speaker 1:This is, ridiculous. Tell us why. So let's go back a few years, ago. There was a Russian, gray hat hacker. Gray hat.
Speaker 1:So you have different hats. You got the red, the white, the gray. The bald. Yeah. The bald, the bearded.
Speaker 1:So yeah. So, you know, you got good guys and bad guys. Right?
Speaker 2:But which is which? What are those colors line up to? I'm let's let's
Speaker 1:I mean, usually, you got the red hats.
Speaker 2:You got
Speaker 1:well, okay. Let's actually, let me pull up.
Speaker 2:The red hat Alright. To me, all I can think of is Linux.
Speaker 1:Yeah. That's true.
Speaker 2:Yeah. I don't know. I mean
Speaker 1:I'm trying to pull it up.
Speaker 2:We need to bog down on that. So gray hat, though, we're talking about, like, a kinda good guy. He's a
Speaker 1:good guy. He's a good guy.
Speaker 2:He is a good guy.
Speaker 1:So he did the same thing. Micro tick, it's a very popular router, something especially, like, overseas, but even here in America, it's a very highly bought brand.
Speaker 2:What what was this guy's name? Do you know?
Speaker 1:I don't think it ever came Alexi was his, he's got a couple of pseudonyms to go the or Okay. Surnames to go.
Speaker 2:And he's from, which He's Russia. Country or Russia. Okay. So we got a good good guy Russian. Go on.
Speaker 1:Yeah. I know heresy. Right?
Speaker 2:I didn't say that. I didn't say that. For the record, I didn't say that. I'm just I'm just getting the facts out there, guys. You interpret them how you want.
Speaker 2:So a good guy, Russia.
Speaker 1:So MicroTik had this, glaring hole, that hackers can get in and they could pretty much ruin your entire network. It's a very popular, home router. So he found the vulnerability, searching it, just did a quick scanner, and hopped into a whole bunch of I think it was he claimed over a100000 maybe. I think something like that. Either a100000 or a1000000 or so.
Speaker 1:It was a very broad It was a lot. And he would go in and update it and block, this vulnerability. It was basically like outside access. It's the same thing that's, you know, hurting every other firewall now. Right.
Speaker 1:Even the big guys, but it's particularly for these microticks. So he would hop in, and then patch it, and the community was in uproar. That, you know, FBI,
Speaker 2:I I Because he was providing an active service.
Speaker 1:Well, he was doing exactly what the FBI did just recently, I guess, is which is, hopping into somebody's router, hacking into them, and patching them. Right. Probably from the same vulnerability of just external access from admin. Let me kind of read through this. But, yeah, doing the exact same thing that's going on here that they're applauding themselves for and patting themselves on the back.
Speaker 1:Where back then, I think it was, it wasn't that long ago, like 2017, 2018, something like that. Couple years, 3 years.
Speaker 2:So if we just go ahead and, like, get inside the brain of Joe, I clearly, I think it's dripping from your mouth that you do not approve of the FBI doing this. No. What do you think of your, your Russian pal doing this?
Speaker 1:Well, it's it's the same kind of thing. It's it's,
Speaker 2:So you also disagree with him doing that?
Speaker 1:Yeah. I mean, there are a myriad of reasons why I would want to stay on a particular patch or leave my router exposed for a certain thing. Could be honeypot. It could be just security research. It could be, you know, I need to access this router because I've got, Yeah.
Speaker 1:A server in the mountains that I need to be able to hop into remotely and not be physically in the Alps or whatever. There are there's a ton of things.
Speaker 2:No. There are. And it's so interestingly though, your Russian friend did this because there was a need apparently in his mind That he felt. Yeah. FBI does this because there's a need in their mind Sure.
Speaker 2:Which tells us that there's a lot of vulnerabilities out there that are not getting passed, and that is bad for the community at large. Yeah. I mean Agreeable.
Speaker 1:Yeah. Definitely.
Speaker 2:Yeah. So how the tactics of how we fix this problem, yeah. I don't want the FBI hacking into my shit until
Speaker 1:No. Not at all.
Speaker 2:But changing things. Yeah.
Speaker 1:Exactly. That's exactly what's going on.
Speaker 2:You wanna send me a letter, mister FBI, and say, hey. We've noticed your router is unpatched, and it needs this. I'd be curious. Don't do it by this date, we will go ahead and do it for you. Like, even that, that's something.
Speaker 1:Yeah. I'd be curious to see what kind of, message besides, like, maybe a Twitter post that the FBI did to update the user that they hey. We we broke into your your router.
Speaker 2:I bet they did. I don't know.
Speaker 1:So I doubt they did anything at all.
Speaker 2:I guess we could read that whole article and find out. I just I'm a headline guy. I look at headlines. I just wanna talk about it. Well, because alright.
Speaker 2:So here's why. You're you're a conspiracy theorist, Joe. I I think we know that about you by now. Not that that's a bad word. I am a or, whatever.
Speaker 2:I'm just gonna say I hate the media with a passion. I don't believe anything I read that comes out of a a reporter's mouth or pen.
Speaker 1:Oh, man. I don't even trust a Google search or a a No. Go search
Speaker 2:for that
Speaker 1:matter anymore.
Speaker 2:No. It's wild. I do look at the headlines. I might skim an article, but then I go straight to the comment section, and I wanna know what people are saying about it. Because that's interesting to me.
Speaker 2:It still isn't true, but at least it's interesting. Yeah. But, yeah, I I rarely read all these articles because it's everything's slanted in one way or another. Yeah. But conceptually, yeah, there there is there are 2 problems here the way I see it.
Speaker 2:1 is that we have so many unpatched systems out there.
Speaker 1:Mhmm.
Speaker 2:And then 2, that the solution, according to the powers that be, is to without access or or without authorization, break into our systems and fix them for us.
Speaker 1:Yeah.
Speaker 2:Like, at what point are they fixing them for us, just in a way that I don't know. Now now I'm gonna get into my conspiracy theories. Yeah. So that's that's kind of an issue. So what I mean, the solution, we we still have to have a solution.
Speaker 2:We're gonna have a better solution. If we're gonna beat up this solution, which is not a solution, what,
Speaker 1:I mean, that's fair. I mean, just starting with don't let's think about this as a house. Let's say your house is the door is closed, the windows are closed, but maybe the front door is not locked.
Speaker 2:My kids no. I'm not gonna
Speaker 1:yeah. So let's say I don't wanna publicly say that
Speaker 2:my kids leave my front door open.
Speaker 1:And that address again. Yeah. You know, I don't want the FBI at all, first of all, not opening my door.
Speaker 2:It's so a bet let me let me maybe up your analogy a little bit. It's like you've got your doors locked and your window's closed and latched, but you forgot to set your alarm.
Speaker 1:There yeah.
Speaker 2:The FBI comes in, unlocks your front door, and if they can't, they break it down with a promise to fix it.
Speaker 1:Yeah.
Speaker 2:Go in and punch in your code that they shouldn't know
Speaker 1:Right.
Speaker 2:And set your alarm for you.
Speaker 1:Yeah.
Speaker 2:And That's kinda how I see this.
Speaker 1:And it's true. And here's the other questions you've got in the back of your mind when that happens. What else did you do? Correct. Yeah.
Speaker 2:Yeah. What information did you get? What are you
Speaker 1:gonna do next? Select. Yeah.
Speaker 2:This one was nice and friendly. Thank you. Yep. Now that you know how to get into my house Right. What are you gonna I don't know.
Speaker 2:So
Speaker 1:And assuming yeah. Assuming they didn't just, you know, make a mold of your key and throw in Right. You know, whatever they did.
Speaker 2:Right. So I don't I mean It's scary.
Speaker 1:Slippery slope for sure.
Speaker 2:It is. You know, and if we had absolute confidence in the ones that had authority over us, that would be one thing, but that's also Yeah. You can't.
Speaker 1:Well, and that was my thing was I was like, wow. That's garbage. So let me look up I I was thinking of this one particular hack where, their mail servers got hacked, and I couldn't even find it through the list of of the FBI being being breached. Their servers because there's
Speaker 2:so many of them?
Speaker 1:Yeah. I mean and so I did find that one. This was last year. It was 6 months ago. Their exchange server got hacked.
Speaker 1:It got breached. Well, it wasn't their exchange. It was it was a well, I'll see and I don't even have it pulled up anymore. But basically what they did was they breached these mail servers and started getting out I'm sorry?
Speaker 2:Wait. Who who breached what? Say that again?
Speaker 1:Some script kiddies, just trying to look for some street cred. They didn't do anything malicious. They just they they breached these mail servers so and then began sending out emails to their, lists that they also breached of US citizens from, you know, from the fbi.gov saying as much as, hey. We breached your systems blah blah blah.
Speaker 2:Now So spoofed emails are actually sending from the FBI?
Speaker 1:Actually, from the, the their domain.
Speaker 2:Okay.
Speaker 1:And I wanna say it's fbi.gov. Interesting.
Speaker 2:Yeah. And scary.
Speaker 1:Yeah. Oh, yeah.
Speaker 2:Yeah. And these are the ones who are saying, hey. We're here to help.
Speaker 1:Yeah. Exactly. Oh, yeah.
Speaker 2:From the FBI, I'm here to help you. Well, we don't have our own house in order, but I'm here to get your house
Speaker 1:in order. I mean yeah. I mean Yeah. Not even we started, but yeah. That's our
Speaker 2:So I mean, it's it's hard for me to not go into a sales pitch right here. Like, I mean, seriously, there is a legitimate problem out there. Yeah. It's bad enough that the federal government has decided that, us private citizens either can't or won't do it ourselves Yeah. So they're going to do it for us.
Speaker 2:Right. One solution could be that we just stay on top of this.
Speaker 1:Yeah. Right?
Speaker 2:If my firewall is up to date, then neither your Russian friend nor the FBI is going to need have a reason to, not that they can't, have a reason to break into my firewall and update it for me out of the goodness of their heart. So I'm gonna go ahead and try to keep my stuff in order so that at least I'm not throwing out those red flags.
Speaker 1:Right.
Speaker 2:Right? So, yeah. Yeah. Quick let's go to commercial break here. Hey, guys.
Speaker 2:Go to www.mastercomputing.com/discovery and book a discovery web meeting with Justin Shelley, your host of the podcast, Unhacked. We'll at least keep these red flags off, like Yeah. Let's not roll out the red carpet to people and say, hey. I'm over here. Come on and Yeah.
Speaker 2:You know? Whatever. Alright. Alright. I think we beat this one to death.
Speaker 2:Unless, do you have any other final thoughts on the, FBI being
Speaker 1:I mean, I would just yeah. It's we're just ranting. Absolutely. Yeah. I I can rant today.
Speaker 2:I can rant. Just give me a beer, a couple shots of whiskey, and No.
Speaker 1:Yeah. Well, actually, let's just go down the list of, breaches from the FBI.
Speaker 2:No. Go ahead. Read a few. Read a few. I've got it pulled up.
Speaker 1:No. I don't.
Speaker 2:No? Okay. Another thing so while while I'm I'm saying how important it is and, maybe it's not as related as I wanted to make it, but I've got a headline here. Again, I don't read much about it other than the headline. 6 antivirus apps were caught spreading malware that steals banking information.
Speaker 2:Shocker. Well, yes. It's to you and me
Speaker 1:Yeah.
Speaker 2:That's not so shocking. But if I'm a guy who doesn't live in the world of cybersecurity Right. And I hear that my antivirus program is spreading viruses
Speaker 1:Yeah.
Speaker 2:That's kinda terrifying because if if the stuff we put in as a protector isn't protecting us, what do we do?
Speaker 1:That's fair. That's fair.
Speaker 2:You know? So as a layman, that is terrifying news. I don't wanna throw them under
Speaker 1:the bus. Does it list the different companies that you got?
Speaker 2:Let's see.
Speaker 1:Because I know a lot of these shops, like a Best Buy or something like that will when you go buy a computer, it'll come with software or they might have a disk for their particular antivirus that they're marketing. Right.
Speaker 2:It doesn't say. So I'm gonna go on
Speaker 1:a limb and say, no. I'm not.
Speaker 2:Never mind. Threat actors are Russian, of course. God. Russia's everywhere these days. Big bad
Speaker 1:Russian Yeah.
Speaker 2:I'm not I'm not arguing it, but I'm just saying it's interesting because we've known this for a very long time. Now all of a sudden, Russia's in the headlines. Right.
Speaker 1:Yeah. Russia, China, Russia. Definitely hackers.
Speaker 2:Well, we've been blocking their IP addresses for years. Oh, yeah. Yeah. So it it says SharkBot is the name of the banking malware posing as antivirus. So without going in and deep diving on this, I think that they are just making up these alleged security programs and getting people to install them.
Speaker 2:I see. What's going on.
Speaker 1:You see? You've got, like, a you've got, like, a phone app that you can download. Right. And it's not actually, like, a a Mac Not really.
Speaker 2:I think that's what it's saying. Yeah. That it that yeah. So, you know, but, again, if you don't know what the right anti malware is
Speaker 1:That's true.
Speaker 2:Put on your phone, your computer, whatever Yeah. And you just find one that looks good. It's got good reviews Yeah. And it's free. Yeah.
Speaker 2:The added a bonus of it's free, guys. Everything free is of great value.
Speaker 1:Yeah.
Speaker 2:I think I've said before, if something is free, you, user, are the product. You are for sale. Yep. They're making money somehow. They're not writing these programs for free because they're just bored.
Speaker 2:Right. Like, I don't For
Speaker 1:the best of society. Rant.
Speaker 2:So so I mean, again, I'm gonna say, this is not a DIY system, and I'm I'm not really trying to make this podcast a commercial for our services. I don't care. Go go go to my competitor. I don't I don't give a shit. But you gotta have somebody watching this stuff for you.
Speaker 2:You cannot do this on your own and know your industry. I'm talking to business owners here. If you wanna be good at your craft, you can't be good at everything else too. You can't. I am not an accountant.
Speaker 2:I'm not gonna go to school to become an accountant. Even though accounting is one of the most important things that can happen in a business, I'm still making somebody else do that for me. Yeah. I'm gonna be good at what I'm good at. So, dang, I'm full of rants today.
Speaker 2:Let's, let's go to some tips, Joe. So I've I've got one, and I think you sent 1 in just random I kind of awareness. This is now gonna be my awareness campaign. The the most common way for people to get breached is some sort of a phony email. Yeah.
Speaker 2:Something comes into my inbox, it looks legitimate, I take the action they want me to take, and now they have my credentials. Right? In a nutshell, isn't that how almost every breach happens? Yep. They're looking for credentials.
Speaker 1:Yep.
Speaker 2:May not even download any malware right there.
Speaker 1:Well, nowadays, because, security has gotten so well, this is the next step the hackers do is they just put a link in there. Yeah. You can't block every email that comes in with a a link. Yeah. You know, you can blacklist some links, but most of the time, people have or they they they kinda hide where the web the site went.
Speaker 1:And almost all the time, it's the the hyperlink itself says, you know, microsoft.com.
Speaker 2:Right.
Speaker 1:It's just In a picture, but the reality is it's actually going to a different place or
Speaker 2:It is, but even the place it's going to is so they're they're so clever at how they create these URLs that they link to
Speaker 1:Yeah.
Speaker 2:That it can be microsoft.com.
Speaker 1:Right.
Speaker 2:Hacked site.com. So you see microsoft.com in there, you think think it's legit,
Speaker 1:but it's not. That's actually
Speaker 2:a a subdomain or whatever they call that. Blanking on the right term there. That's not it. But, whatever. So here's this email that I got.
Speaker 2:This one was directed to me. My current email address, so it's a we've gone through a couple iterations. We had the hyphen, now we don't. This is my new email address, and it's from account team, and it's got the Geek Squad logo right in there. The subject is the item you've ordered has been added to your shopping cart.
Speaker 2:Big old graphic Geek Squad tech support, we are renewing it for you. Like and so at first, first glance. Right? I'm busy. I'm sorting through 5,000 emails, and I see this.
Speaker 2:I kinda stop. I'm, what the hell did I order from Geek Squad? Yeah. I'm not saying it's impossible that I did, but doesn't sound right. And, also, what are they about to charge my card for?
Speaker 2:Because I get all kinds of renewals that I don't want, so this got my attention. On further review, the email address that it came from, accounts team was the, the name, you know, that that they want you to look at, but the actual underlying email address, jack900558@gmail.com. I don't think Geek Squad's sending out emails from that. No. So it wasn't real hard to sniff this one out, but, you know, I just kinda wanted to bring up again, just get people talking about it because the whole rest of this email, it looks relatively legitimate.
Speaker 2:It has, an alleged shopping cart. It's got a customer support phone number to call. I've got an order number. I've got all the information I need to, to confirm this. Now oh, to cancel the subscription, you can call 88 and then there's a phone number.
Speaker 2:Should we should we dial that? I'm not going to right now, but it might be kind of fun to call that number and, Yeah.
Speaker 1:Let's get on that list.
Speaker 2:Listen to the Geek Squad sell me whatever it is that they're trying to sell me because you know this isn't going to the Geek Squad. No. So you gotta be careful, guys. When you call a number that was in an email, that's just another way that they're they're hacking you. This is social engineering, but they're they've got you to, at some way, at least, think, hope, or fear that they are who they say.
Speaker 2:And then you call to confirm, and some dude on the other end of that call center is really good at posing as who you think
Speaker 1:Right. They are. It reminds me of popular one a few years back, and I think it's still around. I'm sure it is. You go to a site, maybe you're looking at for a game or or, you know, watch watch some sports or something.
Speaker 1:That's where I saw it most often. But I would get calls for this is they would have a pop up that you could close and says, you know, you've been you've been attacked by a virus. Call this number Yeah. For Microsoft telk support. Correct.
Speaker 2:Microsoft. Same thing. Yeah. Hi. I'm from Microsoft, and I'm here to help you.
Speaker 2:Yeah. You
Speaker 1:know, $500. Yeah. Just put, you know, Biden gift cards, send it its way. Yeah. Buy a gift
Speaker 2:card. Yeah. Yes. Yes.
Speaker 1:Your bank's been hacked. Let me just just log in to your bank account. Let first get me remoted in and log in to your bank account,
Speaker 2:and,
Speaker 1:I'll take care of it for you. Those kind
Speaker 2:of things. People are people are very helpful. Hey.
Speaker 1:Well, and if if you don't know any better, like No.
Speaker 2:I know.
Speaker 1:You know? It's so scary.
Speaker 2:They call it social engineering because they are they're very good at programming people. Getting them engineering an environment, a situation, a fear, an emotion that gets you to take the action that they want you to take. They're really good at this stuff. So alright. You threw 1 in there too.
Speaker 2:You gotta you gotta
Speaker 1:and yeah. This is one from
Speaker 2:you? Yeah.
Speaker 1:That was me. Okay. Yeah. Tell us about it, John. Yeah.
Speaker 1:So the same thing. This time, they actually did, they did adjust the email address. So this one came from support at efile.com. Or at least that was the and with the username mail storage. But then you actually get in and you know what?
Speaker 1:That's not actually they were spoofing the address. So it wasn't really them, but but even any anyhoo, it wasn't even efile they were pertaining to be. They were pretending to be Microsoft. They said, you know, you're out of storage in your OneDrive account, and they've got their email address, you know, that they breached that's in this cut cut copy paste. If you run out of space, it warns, you won't be able to send or receive emails starting today.
Speaker 2:No. Take action now. You can't even wait till tomorrow.
Speaker 1:Well, and then here's the sneaky one is, you know, clear the cache, you know, to free up some space. It's got a little hyperlink to clear your cache.
Speaker 2:Yeah.
Speaker 1:Oh, weird. That and then and then copyright. It's got the copyright with the, the name of the business, and Microsoft Corporation. You know, it's got all these
Speaker 2:Right. They make the signatures look like they're coming from the company. Right.
Speaker 1:And I mean, this whole template, everything looks like it's legit Microsoft email. All the font, all the, you know, just the the logos and everything. I mean, everything there looks legit.
Speaker 2:Down to that very simple click here button to solve all your problems.
Speaker 1:And then you go look at the button and, hey, go figure it's going to,
Speaker 2:pull. So I suppose you hovered over it and No.
Speaker 1:I I I got the headers and whatnot. I I got the actual the I read the matrix code for
Speaker 2:the screen. Yeah. And it's going to some place Well, it was
Speaker 1:it was a brief site. So it was a legitimate website Right. But with a sub domain that, you know, this website's been hacked. Somebody, a hacker went in and created a a hidden page within that.
Speaker 2:Yeah.
Speaker 1:For instance, you know, it would be like bestbuy.com/ Clear your cache. Yeah. Clear your cache dot HTML, that you're not gonna be able to navigate to that, you know, if you're at bestbuy.com, so Best Buy wouldn't know. Yep. And I'm using this for reference.
Speaker 1:Obviously, Best Buy has not been breached to my knowledge.
Speaker 2:I was about to tell you, just use us so that nobody's Well,
Speaker 1:I didn't wanna do that because I
Speaker 2:I know. Then we'd love to be here. Yeah. So What if we've been hacked? Right.
Speaker 2:You know?
Speaker 1:So yeah. So anyway yeah. So they have the site, and then it's a fake splash page that actually when you plug in your credentials for Microsoft, hey. Go figure it's sending it directly to them.
Speaker 2:Yeah. At which point looking for credentials. Yeah. So if we just follow this through, they want you to go in there, try to log in to your OneDrive account, your your Office account.
Speaker 1:So first, you'll start you'll type your password in and it didn't work. So then you type it again again and again. It's like, oh, man. I forgot my password. I don't know what's going on.
Speaker 1:So you close it or whatever. You can go about your day. Well, I'm logged in to Outlook. I don't
Speaker 2:know what's going on. Now they have your email credit.
Speaker 1:Meanwhile, yeah. They get they get an email saying, hey, somebody tried to log in. Here's the password, username and password, email address and password they try to log in with. They go to office.com, log in, bada boom, they're in. They're you.
Speaker 1:They're you. They're now you. They can now read all your emails. They might pilfer The things I've seen most likely is, if it's like a small to medium sized group, they'll go through, they'll dig in, they'll try and find anything that has a credit card. They'll search for search terms in your emails, HR, credit card, you know, searching for birthdays, they're searching for Banks.
Speaker 1:Banks.
Speaker 2:Yeah. I get emails from my bank. So if they got access to my my email Yep. They can see my daily email alert Yep. From the bank.
Speaker 2:So at which point, they'll either Statement amounts, like, or, balance bank balances, that's all in my email. Yep. Right? I'm just giving everybody the code here. How can my email you own me?
Speaker 2:But that's true of everybody.
Speaker 1:Right.
Speaker 2:So now they know my bank. They know which accounts have the money in it. Yep. And they've got my email credentials, which means they can go to my bank, try to log in as me. Right.
Speaker 2:Oops.
Speaker 1:We need
Speaker 2:to verify that you're you. We're gonna send you an email, but they own my email, so now they have full access to my bank account. Yep. That's how this stuff works, guys.
Speaker 1:Or also, I mean, just as easy as they'll go look for anything like anybody like your accountant within your business.
Speaker 2:Yeah.
Speaker 1:We've seen this several times where they'll then create an outlook rule where it doesn't pop up. It'll go to like a hidden folder whenever you send a reply to that email address and then they'll start pretending they're you. Hey, accountant Andrea or whoever. I need you to wire me $500 right now or 5,000 or 500,000. Yep.
Speaker 1:And they don't know any difference. So now they're having back and forth correspondence. You don't know because it's going to a hidden file And unless you've got to train a proper properly trained staff to know what to do in
Speaker 2:the situation Which, by the way, is don't ever wire money over an email communication or over any single form of communication.
Speaker 1:Yeah. Always.
Speaker 2:If your boss or if you are the boss, whatever, if you're emailing somebody instructions for a wire or receiving them, pick up the phone.
Speaker 1:Yep.
Speaker 2:Don't use a phone number in the email. Yep. Pick up the phone. Call a number that you already have programmed into your phone or go to their website or whatever.
Speaker 1:It's not gonna bug them. It's not gonna it's you know, that maybe they're busy. It's not gonna bug them, especially when you're talking about that kind of cash.
Speaker 2:Yeah. And you say, hey. That email you sent me Yeah. I just wanna make sure I've got the right account number to give you the money. Yeah.
Speaker 2:And they're gonna say, what? What account? What email? Yeah. I didn't ask you for mine.
Speaker 1:And then break to a commercial break. Come on. Master computing. Exactly. Exactly.
Speaker 2:So okay. We're gonna tie we're gonna wrap this one up, Joe. The title of this is, I'm from the FBI and I am here to help you. And here's where to be skeptical, guys. When somebody is here to help you and they are not charging you money Yeah.
Speaker 2:K? That's that's skeptical. The FBI is gonna help us out, but they're not charging us while okay. Red flags are going up, but they are the government, so we'll give them kind of a free pass even though this is very dicey. But when you get emails coming in, they're offering help, and and there's no charge, again, you're the product.
Speaker 2:Yeah. You're the product. If something's free, you're the product. They're selling you or they're stealing stuff from you. I don't know, man.
Speaker 2:In a nutshell, security is, it's it's important. It's only getting uglier out there. Agreed. Yep. Do you see any trends that say we're becoming safer?
Speaker 2:Any trends that say life's getting better, easier?
Speaker 1:I mean, yeah. From a security standpoint, no. Everything's getting harder. Everything's, you know, the bad guys are always taking a step forward, so you're always gonna be on your toes Yeah. Taking your steps.
Speaker 1:So
Speaker 2:So I'm gonna just kinda wrap this one up and say, hi. I'm Justin from Master Computing, and I'm here to help you. But I'm gonna charge you money for it. So that's you know, I'm not I'm actually on your side because I do expect to get paid for my time. But guys, it's not a DIY program.
Speaker 2:You can't, be good at your craft and be good at cybersecurity and be good at accounting and be good at, like, everything it takes to run a business. You just you can't do it all. You can't wear all those hats and wear them successfully. Even though most of us do wear multiple hats, you gotta pick the one you're gonna be good at and then you gotta get help with the others. So, on that note, go to mastercomputing.com/discovery and book a 10 minute web meeting with me.
Speaker 2:We're gonna go through some questions. I'm gonna ask you some basic security concepts. You know? Are you doing this? Are you doing that?
Speaker 2:I'm not gonna remote in. I'm not gonna look at anything. It's just based on what you tell me, but in that 10 minutes, I'll be able to give you a road map of what you need to do. Where where are the obvious holes? And that's what we're looking for is the obvious holes.
Speaker 2:If we find stuff and it makes sense to move on, then we'll come into your office, and we will do a full about a 1 hour assessment where we do more of a deep dive, and we can give you even better advice. But, at a minimum, take this kind of, second opinion. You know, if you're talking about a doctor, if you get diagnosed with something that you don't like, well, get somebody else's eyes on it. That's what we're offering here. No charge for that.
Speaker 2:But if you do engage our services, of course, that's where you know we're a real company because I'm a charge. I don't know, man. I think I'm done. You got anything else to add, Joe?
Speaker 1:Nope. Yep. Patch your router. Patch your router.
Speaker 2:Or what I'm talking about? Give us a call. Yeah. That is, out. Enough jokes about the.
Speaker 2:Alright, guys. We'll see you next time. Alright.
Creators and Guests
