This is the last episode of Frankly MSP. When our next episode drops on August 6, we’ll be called Frankly IT. We’ll be talking about how IT leaders in any kind of organization can boost the productivity and efficiency of their team.
I want to thank all of our subscribers and let you know that you will continue to be subscribed to the podcast. The feed will remain the same.
This week, I’m talking to Rob Shavell, co-founder and CEO at a company called Abine, which offers a service called DeleteMe. We’ll be talking about what Rob calls the “light web,” which are attacks from scammers using completely legal and legit data to threaten your users and access your network.
Network Security Threats From the “Light Web”: Interview With Rob Shavell
[02:30] There’s been an overall decrease in scams, but an increase in COVID and healthcare-related scams. One of the things we’ve noticed about the root cause of the scams is how easy it is for scammers to get information on their potential victims.
[03:55] It’s easy to take a single identifier from someone and then Google it to get all of their information. From there, various types of scams and attacks can happen. This has been happening on both sides of the Black Lives Matter and protests.
[05:16] The “light web” includes the massive amount of information that can be correlated legitimately. Personal information can be purchased right out in the open from data brokers. IT managers need to think differently about these threats.
[06:34] People’s guard has to be raised to a higher level because of the easy availability of their information.
[07:33] Data brokers like Spokeo, Whitepages, and MyLife have 1,000 to 2,000 pieces of personal information on each person in the US.
[09:40] US companies are selling this information legally even to scammers.
[11:57] The threat is lower to citizens in other countries because of stricter regulations elsewhere and the fragmentation of the market by language.
[12:26] IT managers need to educate employees that they shouldn’t be using information like their children’s names, maiden name, or old addresses for passwords and credentials.
[14:06] There are services that can scan data brokers and remove readily accessible data about employees. You can also show employees how to opt out of these databases themselves.
[15:50] The databases are usually repopulated every six months so it’s recommended you make scans and scrubs a regular part of your security practice.
[17:44] Privacy is an emerging area that can help protect networks as well as provide a nice benefit to employees.
[19:11] Privacy issues are a growing threat that everyone needs to be aware of.
Links from this episode
- Rob Shavell on LinkedIn
- COVID-Driven Working-From-Home Privacy and Security Threats on LinkedIn
- Example privacy report from DeleteMe – Shows what data about a particular person is available on what sites – PDF download
Like what you hear? Listen and subscribe.