Episode 11: Carrie Kerskie Notes

 

Today, we talk with Carrie Kerskie. Carrie Kerskie is a highly sought-after national speaker, author, and consultant on cyber security culture, identity theft, and fraud. She is the author of two books, Your Public Identity; Because Nothing is Private Anymore and Protect Your Identity. Carrie’s the host of Privacy Mentor Podcast. As a media favorite, she’s been featured in numerous publications such as Consumer Reports, KrebsOnSecurity.com, and MarketWatch. She appears regularly on NBC, ABC, and FOX.

  • Technology is associated with so much unknown, constantly changing and fear of listening to “antivirus software”

    • Difficult telling what’s real and what’s not

    • Malicious pop-ups

  • Assumption that “everyone should know”

    • Remote access software allows them to look at browsing history, especially dangerous when you have passwords stored in your browser

    • Allows hackers to really understand/know personal information

  • These fraudsters are really good at what they do, right?

    • This is their full time job

    • Hackers go to school to learn how to do this

      • In Nigeria, you can get a college degree in “how to do the Nigerian scam”

      • These are opportunities for individuals, particularly in impoverished areas

    • Run like corporations (entry level employees to CEOs)

  • In today’s world, you can’t get off or stay away from technology. You speak about shifts to keep privacy intact and be able to use technology, can you elaborate on this?

    • Really, it boils down to “the human factor”, which is still the weak link

    • 3 simple shifts, which we call the “CQ” (Cyber intelligence)

      • First, your personal culture shift: your social interactions around technology

        • There is a fear and embarrassment culture around technology

        • People become fearful to ask for help- we need to change this!

        • We need to change this culture of fear to a culture of empowerment

          • Talk to your friends, family and neighbors

          • One of the biggest advantage these criminals have is that we don’t talk about it

        • Importance of security: if it’s easy for you to login, it’s easy for the “bad guys” to get in

      • Second, a mindset shift: shift from a mindset of convenience to a mindset of privacy

        • We are in a convenience mindset: there’s an app for that

        • Always looking for short cuts and ways to outsource

        • The more convenience you have, the less secure your information is

          • Think of it like a sliding scale

        • Anything that is free, you are the product

          • Your information is the product and that’s what you’re giving up for the convenience of a free app

        • Make long passwords: minimum of 12-14 characters

          • Make them unique for each online account

          • Don’t recycle passwords

            • Hackers will use “credential stuffing” to plug the same password into multiple accounts and see if they get a hit

      • Third, your habit shift: how you use technology

        • Validate or eliminate

        • Anything you receive, before you ACT (call, open a link, etc), validate!

          • Verify that person or organization is the one that sent it to you

          • Pick up the phone and call (look up the phone number from the organizations website and call!)

          • If you can’t verify the original sender, eliminate it!

            • If it’s that important, they’ll find another way to contact you

    • Where do you keep your passwords? What’s the best way to keep passwords?

      • Paper and pencil! You can’t hack it!

        • Hide it, lock it up, put it somewhere someone can’t find it

        • Not under your keyboard!

      • Password managers are also available, may be more convenient

        • Look for 2 things:

          • Encryption in transit: protecting your passwords as they move from your device to the password manager server

            • Scrambles the code so it can’t be intercepted

          • Encryption at rest: when your passwords are stored on the password manager server, should the server get hacked, your password is scrambled

            • Must be an encryption key that puts passwords and characters back in order

      • Another resource: Digital vaults

        • Some reside in Switzerland (phenomenal privacy laws)

        • More than just passwords: can upload files

        • Your own individual vault is encrypted (in addition to the server encryption)

        • Can establish a beneficiary

          • If anyone needs any access to your passwords or your formal documents, allows them to do so

  • If you had to tell our audience one thing to do today to start protecting themselves, what would you say?

    • In the big picture—think about privacy vs. convenience!

Contact information

Email:  ck@kerskie.com

Phone: (239) 435-9111

Website: https://carriekerskie.com

Tip Sheet on Identity Threats: https://kerskie.com/tipsheet 

Follow Carrie on social media @CarrieKerskie

Listen to Privacy Mentor on Apple, Spotify, and more