When Spidey Senses and Cyber Security Save the Day
My son and I are bachelors this week and I awoke with the sun streaming onto our half-occupied bed this morning. As I enjoyed my coffee on the patio, the explosion of flowers surrounding me was absolutely amazing. Seeing the work my wife put in pay off with the natural paintbrush put a smile on my face. As I sat here in the safety and comfort of our backyard landscaping, I thought back to how a simple phone call yesterday could have upset that tranquility.
Yesterday I was in the tractor side dressing corn with nitrogen when I received a call from my daughter — it wasn't my daughter, it was my wife calling since she was on the phone with the fraud department of one of the banks we use. I was not surprised because I received a text message from them earlier in the day asking if a transaction was legitimate; it wasn't. Admittedly, I was not completely engaged with the call since I was in the middle of field work.
Since my wife rarely uses the bank on the phone, I stopped the tractor and logged into the app to see recent transactions and did not see anything out of the ordinary. I shared the two recent transactions since that is what they typically ask for as clarification of legitimate activity. We've been down this road before.
As I listened on the old-fashioned three-way call, my spidey senses were starting to tingle.
My senses went into overdrive when the technician asked for the login information to verify fraudulent activity. Fortunately, my wife does not have that since I am the one that does the banking on this account.
I asked why we needed to share it and even said that the bank's IT department could reset the password and send a link for us to reset the credentials. The technician kept repeating the same script, not listening to our questions. That just amped up my spidey senses. I finally yelled for him to be quiet. I used colorful farmer, working-livestock-in-the-barnyard language, though.
Finally my wife hung up, and it hit me how close she came to being a victim of a phishing attack aimed at our account.
We are both educated professionals, and we almost fell for it anyway. But asking why they needed that login, offering up the bank's own password reset process instead — that wasn't me thinking fast on my feet. That was Cyber Security training from Kent Corporation talking. Years of sitting through those sessions, and it turns out the lesson that stuck was the simplest one: never share your credentials, no matter who's asking or how official they sound.
I'm sitting here with my coffee on the patio enjoying the beauty and tranquility, realizing that this morning could have been chaotic. One shared password is all it would have taken.
So ask yourself, and ask your family: who handles the logins at your house? And if someone calls asking for one, hang up and call the bank yourself.