Protecting Yourself in a Digital World

Protecting Yourself in a Digital World – (0:00)

Jeff Sevy: My name is Jeff Sevy. I’m a new face to these webinars, so I’ll give a little bit of background on myself.

I’m a Certified Financial Planner here at Peterson Wealth. I graduated from Utah Valley University in financial planning. I have a beautiful wife and a little 18-month-old daughter who keeps us busy, so that’s always fun.

I’m huge into baseball. I’m a big baseball fan. I played baseball all the way up to the JUCO level, then got married and settled down a little bit. I made the natural transition of a baseball player into golf, so now I’m a huge golfer. I’m not good at it, but I love it.

With me today is Tyson. He is from Equinox IT, so I’ll let him introduce himself and share what he does and how he is affiliated with Peterson Wealth.

Tyson Bottorff: Hi, everyone. My name is Tyson Bottorff. I am the VP of Client Technology over at Equinox IT Services. We are a local IT company here in Utah.

We help businesses like Peterson Wealth Advisors when it comes to all things IT and cybersecurity. Our goal is to help protect people’s data, bring education and awareness to everyone on some of the threats they face, and help take care of you.

Jeff Sevy: Also with us today is Tom Challis. He’ll be manning the Q&A. If you have any questions, throw them in the chat or the Q&A section, and he’ll be there to answer them. He may also save some for me and Tyson at the end.

Well, we’re a couple of minutes past the hour, so we can jump into things here. I’ll share the screen, and we can get right into it.

Again, we’re really happy you are here, and we’re really grateful that you decided to join us today.

Today’s webinar, as you could probably guess, is going to be all about cybersecurity. Our goal is to simply give you the knowledge and tools to protect yourself online.

Something we want to be clear about up front is that while we can share best practices and information today, if something does happen to your device or your account gets hacked, you will want to reach out to a local IT company for hands-on help. They really are the experts in this area, and they can help you with those issues.

So why are we doing this at Peterson Wealth? We’re a financial planning firm. We’re not an IT company.

Like Tyson said at the beginning, we work very closely with Equinox to keep your data and financial information protected on our end. But protecting your accounts and your money is a two-way street, so we want to make sure you also have the knowledge to protect yourself on your end as well. That’s what today is all about.

Let’s run through the agenda for today. We’re going to cover two main areas.

The first is going to be all about how to spot scams. We’re going to cover tech scams like phishing emails and fake websites. Then we’re also going to cover people scams, where bad actors try to manipulate you directly over the phone, through social media, or over text, as we’ll see later.

Then we’re going to move into some practical ways to protect yourself, such as how to secure your accounts through better passwords and multi-factor authentication, how to stay safe on public Wi-Fi, why software updates matter, and which payment methods give you the best protection when shopping online.

By the end of today, you’re going to have a clear action list of things you can do right away to improve your security.

I’m going to start off this webinar with a quick analogy to put everything into perspective. I love this analogy because it fits so well.

Think about driving a car. There is always going to be an inherent risk of getting into an accident. You can’t eliminate that risk entirely when getting behind the wheel. But if you wear your seatbelt, follow the speed limit, and avoid reckless driving, you are going to dramatically reduce your chances of getting hurt.

The internet is very similar. There are real risks out there, but if you follow some basic guidelines, protect your accounts, and stay aware, you can go about your digital life with much greater confidence.

There’s no reason to be scared as long as you’re safe.

The fact that you’re here today should tell you that you already understand this is something worth being proactive about, and that already puts you ahead of the curve.

With that, I’m going to hand it off to Tyson to go through some of the scams that are prevalent today.

Business Email Compromise – (5:30)

Tyson Bottorff: To kick things off, I want to talk about a scam that is still very prevalent and still very lucrative. It’s something called business email compromise, or BEC.

This might sound a little bit more like a business term, and it is, but the same tactics are used against everyday individuals like yourselves all the time.

The core idea is simple. Scammers are trying to get into your email or impersonate someone you trust. Then they use that position to trick you into taking an action, giving up information, sending money, or something like that.

There are three main techniques these bad actors use.

The first one is spoofing. So what is spoofing?

This is creating an email address or a website and making it look like something legitimate, but with one small tweak. This could be like the example here, where you’re dealing with someone named John Kelly and they change the way Kelly is spelled.

Or it could be that you’re dealing with someone whose email domain is mortgage.com, and they change it by adding an “s” so it becomes mortgages.com, hoping you don’t see it. It is really easy to miss, especially if you’re not looking closely.

The second technique is called spear phishing.

Spear phishing is where bad actors do a little extra legwork. There is a lot of information to be found online, and they use that to their advantage. They’re going to look you up on social media. They’re going to look you up on LinkedIn. They’re going to look you up everywhere they can. Maybe you have a blog or something like that.

And so this is where you receive an email or something from someone who appears to be trusted, like a friend, a bank, or something similar, and they are going to use all that information to try to trick you. They tailor that attack to you.

Always verify directly with that person, that bank, or whoever it may be before taking any action. You want to confirm it.

The last one is malware. So what is malware? This is software. These are viruses.

Their goal is to get access to your data so they can use it to make money. Often, without you knowing, they will try to get into devices and get access so they can start stealing your data or get access to emails.

The common thread in all three of these is that they are all designed to look legitimate. Especially with AI nowadays at bad actors’ disposal, they are becoming more and more legitimate. Slowing down and verifying things before acting is really one of your best defenses.

I want to help you understand some of the different types of BEC. There are five different types, but I want to talk about three.

The first one I want to talk about is suspicious bills or fake invoices.

Sometimes you will get an email, a letter, or even a text saying that you are going to be charged or have already been charged. Maybe it is a subscription, maybe it is a computer repair service, or maybe it is even from Chase Bank saying, “Hey, we are charging your account.”

It may look official, and it will say, “If this is on accident, or if you have concerns, please call this number.” But if you call that number, is it going to be Chase Bank on the other end?

No.

But are they going to answer the phone by saying, “Chase Bank, how can I help you?” Of course.

So don’t call the number on that email. Instead, look up that company outside of the email. Look up their phone number and call them directly. This is really important when it comes to these things. Call and verify.

This is one of the most common scams we are seeing out there right now.

The second one is a friend’s plea for help.

You get a sudden distress call from a friend. They are asking you for some money. They hit some financial hardship, or whatever it may be, and you get this unexpected message.

I actually had this happen to me. One of my friends sent me a message on social media saying, “Hey, I’m on vacation,” which was true because she was in Mexico. I knew that because of social media.

She said, “I just ran out of money, and I could really use some help. Please Cash App me some money.” Then they sent me a little Cash App link.

But the Cash App profile had nothing to do with her. So I called her. I took it out of band and said, “Hey, is this from you?”

She said, “Oh my gosh, no, but I’ve had so many people tell me.”

What happened was her social media account got compromised while she was on vacation, and they sent that message out to all her friends and followers.

She told me that a handful of them actually said, “I got you,” and sent money.

So some people fell for it.

The most important thing before you do anything is to call that person directly. Take that communication out of band. If it is on social media or in an email, go through text, go through a phone call, or go somewhere else to confirm whether it is real.

Scammers often hack accounts specifically to exploit your trust in that person.

The third one is legal threats or appeals.

It’s funny because I think any time we get into the legal world, it instills some fear. Being afraid of potential repercussions or consequences is why a lot of people fall for these.

This is where someone may call or email claiming to be a lawyer, a police officer, someone in the government, the IRS, or something like that, saying you owe them money and that if you don’t respond, you are going to be in trouble. There are real consequences.

Keep in mind that real legal or government entities follow a specific process. They don’t demand immediate payment over the phone, especially not using Apple gift cards, Venmo, or something like that.

It is always okay to hang up in that situation and then verify through official channels before you take any action.

Now I want to give you a framework to help identify tech scams.

Business Email Compromise – (11:55)

A really cool method we use is called the SLAM method. The SLAM method is specifically built to identify a scam in the tech world. I’m going to break it down.

The “S” in the SLAM method is the sender. Analyze the address it is coming from, the phone number it is coming from, or the profile it is coming from on social media. Oftentimes, there is going to be something that is off. You might think, “Why is my boss sending me something from a random Gmail account?” That’s not normal.

The “L” is for links.

Five years ago, I used to be able to tell people, “Just don’t click on links in emails,” or, “Just ignore any link.” But now links are commonplace. They are part of our life and part of business.

So what I recommend is to analyze the link. Look at it. You can copy and paste it into a Notepad. You can hover your mouse over it to see where it is trying to take you. Little things like that.

The “A” is for attachments. Oftentimes, bad actors try to hide malware or other things in an attachment. So be cautious, especially if it is not one you are expecting. Use caution when opening those.

Lastly, the “M” is the message. This is the pretext of what is happening.

Look for misspellings. Look for broken wording. Look for out-of-character phrasing. Look for something that is a flag in the body of an email or in the body of a text.

I want to show you some examples.

Here is an example of a Walmart email. At first glance, you may think, “Well, it says Walmart on there. It looks like it could be from Walmart.”

So we are going to use the SLAM method to analyze this.

First, with the “S,” we look at the sender. This is from walmart@packagetrackingportal.com. Is that Walmart’s domain?

No. Walmart’s domain is walmart.com. That already is a flag.

Then we do “L.” Are there some links in this email? Just a few. They are really trying to get us to click somewhere.

So what do we do? We want to hover over that link. When we look at it, we see that it is trying to take us to packagetrackingportal.com. That’s a little weird. That doesn’t have anything to do with Walmart either.

That’s not Walmart.

For “A,” there is no attachment here, so we can ignore that.

Then the “M” is the message. What are they trying to do? What is the pretext?

They’re trying to get us to click on stuff. They’re trying to get us to follow these things. “If you didn’t do this, click here,” and all that type of stuff.

That’s a good way for us to find out that this is a scam. If you are in a business or if you are in a family and you are worried that this might have gone to multiple people, talk about it. Share it with others. Make sure other people know so they are in the loop as well.

Here are a couple more examples, continuing with phishing and spear phishing.

This Geek Squad one is a great example of the fake invoice or false bill that we talked about. It says, “Your subscription is going to renew today unless you call this number, and it’s $400.”

You might think, “Oh, no. $400?” But if you call that number, is it actually going to be Geek Squad? No.

Are they going to answer and say, “Geek Squad, how can I help you?” Yes.

Again, what can we do there? Call the actual Geek Squad number. Reach out outside of this email. Confirm it in a different way.

Remember, it’s targeted. They may know that you have a Geek Squad account or something like that.

Here’s another one. This is someone pretending to be the boss. It’s a random Gmail account, like I said. The message says, “Can you do me a favor?” They are just trying to solicit a response.

If you respond, they are probably going to say, “Let’s get some gift cards for people,” or something like that.

Another one that I see is people trying to change direct deposit information without being verified. This is one of those things where I train companies on looking for these things and making sure we do the right thing and verify before taking any action.

If you are ever unsure, the safest thing to do is go directly to the company’s website. Type the address into your browser. Don’t click links in emails.

Jeff Sevy: Absolutely. Something to add here is that there is a tool. Most people, when dealing with financial advisors or really just in the business world in general, use DocuSign a lot.

There are DocuSign scams. So if you ever receive an unexpected DocuSign or one that looks a little fishy, you can actually send that fishy-looking email to verify@docusign.com, and DocuSign will respond and verify whether that DocuSign is real or fake. That is another tool you can use to verify it as well.

Social Engineering – (16:52)

Tyson Bottorff: A core technique that bad actors use to make business email compromise so effective is called social engineering. This is what makes these scams work so well.

So what is social engineering? What does this term mean?

This is human on human. This is the art of manipulation. This is not using technology. This is not hacking people using computers. This is hacking human behavior.

Scammers study psychology. They use your emotions against you. They use your trust, your fear, your desire to be helpful, and all these things.

I thought it would be helpful to go through a video and show you what it actually is.

– Video Plays –

All right. So what is social engineering?

Like I said, this is human on human.

A good analogy or example of this is children. Think about how a kid will ask questions. They will just wear you down by asking questions over and over until they get the answer they want.

They’ll stand in your way until you give them what they want. Absolutely. That happens all the time.

Jeff Sevy: I know this well. My daughter does this all the time. She doesn’t speak yet, but she points and she demands.

Tyson Bottorff: Scammers do the exact same thing, but obviously with much higher stakes. That is why we are spending time on this. We want to help you understand these psychological tricks that they use.

Jeff Sevy: I want to give a real-world example that actually happened to my father-in-law just a few days ago.

To give you a little bit of background information, my sister-in-law is in France right now. She is working in a small restaurant in the south of France for an internship.

My in-laws went out there to visit her, and they are going through the south of France right now.

My father-in-law received this text, so I’ll go through the text thread. I want you to notice the techniques being used to extract information from my father-in-law. I want you to notice how the person builds trust, creates a sense of urgency, and slowly guides the conversation toward the information they want.

It starts:

“Hey, Dad, I lost my phone, so I’m using a friend’s phone to text you right now. Message my new number.” That came from a number ending in 7371.

My father-in-law texts the new number and says: “Did you retrace your steps? Can’t be many places.”

The response says: “I think I realized I lost it way after I actually lost it.”

Then: “It’s all right. I went to Apple and got a replacement for free for my phone, since there was insurance on it.”

My father-in-law says: “Wait, what? Allie can see your phone’s location.” Allie is my wife.

Then he says: “Did they wipe your old phone? Do you have a new phone number for good?”

“They’re going to transfer my old phone number to this phone. How’s your day been? Mine hasn’t been the best, as you can tell.”

“I’m sorry, sweetie. Can you talk now, or are you working?”

“It was good, despite the rain. Just ate at a wonderful place.”

“What time are you off tomorrow? And what time should we make the reservation for?”

“I’m off after 5:00, so anything after that is fine. Also, Dad, I wanted to ask you for a favor.”

“What’s that?”

“I need to make a Zelle payment right now, but the problem is when I try to send a Zelle, it tells me I need a code sent to my number, and I don’t currently have access to my number. Could you please make the Zelle payment for me? Then I’d pay you when the courier switches my number over to this phone, which should be in 48 hours.”

Then he caught on after that and said: “What’s your old phone number again?”

You can see how this person tries to build trust by asking how my father-in-law’s day was, playing into the fact that they were going out to dinner the next day, and so forth.

Then, at the very end, they asked for that Zelle payment, which is interesting because they do have a Zelle account. It was a very targeted instance.

It can be scary. It can be very scary, but there is also a framework to analyze these types of situations and prevent them from happening as well. Tyson is going to run us through that framework.

People Scams – PASS – (23:12)

Tyson Bottorff: Yeah. I’m a big fan of acronyms. When it comes to people scams, now that we understand what social engineering is and what it can look like in real life, that is actually a really realistic scenario. It is scary to think about, but we have a framework called PASS that we can use. I want to walk you through this.

With PASS, the “P” is for privacy. Be careful about what you share online. Scammers research their targets. The less information you have publicly visible on social media or anywhere else, the harder you are to target.

That is why having private profiles, making sure you are limiting the type of stuff you are putting out there, and even limiting the personally identifiable information you put into open-source tools, AI tools, and things like that, matters.

The next one is “A” for authentic. Ask yourself, “Is this communication authentic? Does this person have the information I would expect them to have? Does this scenario feel real? Do they have my full name? Do they have my account details? Do they have my address?”

Real banks and government agencies follow a process, so if it feels off, it probably is off.

I tell a lot of companies and employees that if your gut is telling you something is off, your gut is probably right. We need to use our gut more.

The first “S” is for source. If you receive a call from someone claiming to be a bank, a government agency, or an organization, don’t just take their word for it.

I feel like 10 or 20 years ago, people were a lot more trustworthy, and a lot of people have this inherent desire to trust others. Unfortunately, nowadays, people are taking advantage of that. So don’t take their word for it.

Hang up, look up the official number for that organization, and call back to verify.

The last “S” is slow down. We need to take a breath. This is one of the most important things you can do when it comes to these people scams.

Scammers rely on urgency. They create that on purpose. They want you to act before you think. So if anyone is pressuring you to act immediately, that is a red flag.

Take a break, make a phone call, and verify first.

A couple of helpful questions are:

Is this realistic? Would a friend really ask me for this in this way? Would they be sending me a social media message asking me for money? I don’t think so.

Would a legitimate company call me demanding gift card payments? I don’t think so.

When something feels off, trust that instinct.

Account Protection – (26:03)

Jeff Sevy: Now let’s talk a little bit about how to protect your accounts. We want to start with two of the most important tools you have at your fingertips: passwords and multi-factor authentication.

Tyson Bottorff: First, with passwords. Passwords have been around for a long time. They are going to continue being around for a while, so it is important to understand best practices.

Right now, what matters most about a password is the length of it, not the complexity of it.

Sometimes people create a short password and think, “You know what? I’m clever. I’ve got the @ sign as an A. I’ve got the number three as an E, and no one is ever going to figure that out.”

That is not the case anymore. Bad actors have algorithms that they can run passwords through and crack eight-character passwords in minutes. So now it is about length.

At Equinox, we recommend at least 15 characters. So in your mind, drop the term password and adopt the term passphrase.

String together a few words that are meaningful. I use a mnemonic device where it is like, “This website reminds me of this movie, and here is a quote from this movie,” or, “Here is an actor from this movie,” or a song lyric or something like that.

Use something that would be easy for you to remember but really hard for someone or a computer to guess.

It is also really important to use a different password for each account. If you put on your little hacker hat, if I crack one password, of course I am going to try that in all these other places.

This is where using a password manager app can help you keep track of them. We really do not recommend storing them inside your web browser because if a bad actor were to get into your computer, they would have access to all of that.

Using a separate tool, a password manager, is really key.

Jeff Sevy: That’s when you put your password into a certain site, and you always get this little pop-up. Whether you are using Safari or Google Chrome, a little pop-up says, “Do you want to save this?” Click no.

Yeah, it is super convenient, but it isn’t really super convenient.

Tyson Bottorff: Then let’s talk about multi-factor authentication, or MFA.

Authentication is just a way to confirm your identity. There are three different ways we usually do it. It is typically something you know, something you have, or something you are.

Something you are would be your fingerprint or biometric scan. Something you know is typically a password or something like that. Something you have is usually your phone or something similar.

You do MFA every single day, and you probably don’t even realize it. That happens when you pump gas.

When you go to pump gas and pay, what do you do?

I take out my card and tap it or insert it, and then it asks me for what? PIN or zip code.

That is something I have, which is my debit card or credit card. Then it is something I know, which is my PIN or zip code. Those are two of those three factors.

Setting that type of thing up on your online accounts, such as your email accounts and social media accounts, makes it harder for people to get access. It is not impervious, but it does add an extra layer that a lot of times bad actors are not willing to take the time to crack.

Jeff Sevy: Right. I’m glad you brought up email because that is one important note I want to add. Your email account is the gateway to everything else.

If a scammer gets into your email, they can reset your passwords at your bank, your brokerage account, and everything else. Your email really needs to be one of the accounts that is most locked down. Think of it as being as valuable as your Social Security number. That is just a really important thing to remember.

Risks of Public Wi-Fi – (30:05)

Moving on to public Wi-Fi, let’s talk a little bit about that. You see it everywhere. It is in coffee shops, airports, hotels, and libraries. It is super convenient, and it is usually in the places where your data is the slowest, which is why it is so convenient. But it also comes with real risks.

When you connect to a public Wi-Fi network, other people on that same network can potentially see the data you are sending and receiving. That means if you are logging into a bank account or checking your email on public Wi-Fi, somebody could be watching every keystroke that you make.

I want to show you this video real quick. This is a video of a professional hacker showing a reporter just how easy it is to get onto somebody’s device using public Wi-Fi.

– Video Plays –

Pretty crazy stuff that he can get into her device so quickly by just creating his own public Wi-Fi with the same name, just a different landing page.

Tyson Bottorff: Really good hackers can even create that lock on their fake websites if they want to take the time to do it. That is why it is a big red flag, but it is not the only flag. There are a lot of things that kind of add up.

Jeff Sevy: A lot of things you have to pay attention to. For that reason, it is scary, but there are some simple ways to avoid the risk entirely.

I’m going to reiterate what he said at the end: if you don’t have to use public Wi-Fi, don’t.

Most phones or cell phone plans have unlimited data these days, although not all of them. It is usually safest to turn off your Wi-Fi and use your 4G or 5G network. It is usually just as fast, and it is your own private connection.

The second thing you can do, if you are using a computer and not just your phone, is turn on your mobile hotspot. What this does is allow you to connect your computer to your cellular data and use that to roam the internet instead of logging on to public Wi-Fi.

Third, use a VPN, or virtual private network. A VPN creates an encrypted private tunnel for your internet connection, even when you are on public Wi-Fi. It is like having your own secure network wherever you go.

Another easy and simple way to protect your devices is to make sure they have the latest software update.

I know for a lot of Apple users, Apple comes out with a big update about once every year or two, and it changes the whole functionality of the phone. Some people like it, and some people hate it.

But it really is more than just aesthetics. It is security.

When technology companies discover vulnerabilities or security vulnerabilities in their products, they fix them and then release an update, often called a firmware update.

If you don’t install that update, your device is going to remain vulnerable to that known weakness. For that reason, hackers actively look for devices running outdated software.

This also applies to everything, not just your phone, but your computer, your tablet, and even the apps within your devices.

The simplest thing you can do is turn on automatic updates. That way, you don’t even have to think about it. When that notification comes up and you are doing something on your phone, you don’t have to go in there and manually do it. It usually just happens while you are asleep without you having to do anything.

You could also consider having a good antivirus or anti-malware software. A lot of devices come with something basic built in already, but you could consider upgrading to a more comprehensive solution if able.

Payment Methods – (37:04)

Now let’s talk about money and shopping online. Usually, when you are shopping online, you pay through two different methods: a debit card or a credit card.

When shopping online, try to always use a credit card. Credit cards have strong fraud protection built in. If you spot an unauthorized charge, you can call the bank, and in most cases, it is reversed within a week.

Debit cards work a little differently. They pull the money directly from your bank account, and getting that money back after fraud is a much longer, much harder process, if you are able to get it back at all.

Wire transfers are in a category of their own. Once you wire money out, it is almost impossible to get back, and for that reason, scammers love wire transfers.

Even if someone who appears to be a family member, friend, or someone you know asks you to wire money, treat it as a major red flag.

I would consider getting out of band, like Tyson mentioned at the beginning. Hang up or call the institution or individual directly with a phone number that you find on your own. Not one that is on the paper they sent you in the mail or one in the email they sent you. Google it directly and find it yourself before making any wire transfer.

I want to share a quick real story that happened to my good friend a few years ago when purchasing his first home.

He was in the middle of closing on a house, and he received wire transfer instructions to pay for his down payment. Luckily, he practiced the PASS method without even trying.

He slowed down, and he tried to verify the number that he got on that paper. So he Googled the mortgage lending company’s number directly and called to verify whether it was them or not. It wasn’t. That call likely saved my friend tens of thousands of dollars just by verifying that number.

Credit Score – (39:22)

The last protection topic we want to cover is your credit score and your credit report.

First, it is probably a best practice to check your credit report regularly. There are three main credit bureaus: Equifax, Experian, and TransUnion. You are entitled to a free credit report once a year from each of those bureaus.

That gives you three opportunities a year to check for accounts you didn’t open or activity you don’t recognize. You could consider checking it about every four months, rotating through those bureaus just to keep on top of it.

If you are suspicious that something may have happened, an account may have been opened, or there is activity you don’t recognize, but you are not quite sure, you could consider a credit fraud alert.

This tells lenders to take extra steps to verify your identity before issuing credit in your name. It is completely free, and it lasts one year.

You only need to contact one of the bureaus, and then they are required to contact the others as well.

The third and strongest protection is a credit freeze. It locks your credit entirely, so no new accounts can be opened in your name, period.

It doesn’t affect your existing accounts or things like renting an apartment, but it is free, and it stays in place until you lift it.

To set up a freeze, you do need to contact all three bureaus.

What to Remember – (41:05)

With that, if I had to pick the top six things to come away with from this webinar today, I would choose these:

Use the SLAM method: sender, links, attachments, and messaging. Use this checklist every time you receive a suspicious email, text, or something that feels off.

Use PASS as well. If you feel like somebody is targeting you through social engineering, use the PASS method: privacy, authentic, source, and slow down. Trust your gut.

Set up multi-factor authentication on all accounts.

Don’t use web browsers to store passwords. Use a password manager.

Keep your devices up to date.

Try to avoid public Wi-Fi altogether, but if you need to use it, use a VPN, that secure private network.

Monitor your accounts regularly. The sooner you are able to identify something, usually the easier it is to resolve.

With that, we’ll jump into questions.

Before we jump into questions, though, I want to say that if you are hopping off, please take the survey at the end that pops up.

Since I am a new face and this is my first time, it really helps me become better, and it helps our firm know what kind of content you want to hear about and learn about.

With that, we’ll open it up to questions.

Q&A Session – (42:37)

Tom, do we have any from the Q&A?

Yes, we have a couple of questions.

Q: First, what would you recommend for using a password manager? Are there any specific managers that are better than others?

A: Yeah. The short answer is yes. There are a couple that I think are really solid.

Keeper Security is one of my favorites. They are kind of leading the field right now when it comes to security and encryption.

Another really good one for individuals is 1Password. Those two, I would say, are a couple of really good options.

Awesome. Keeper is what I use personally as well.

Me too.

Q: The next question is, are security apps such as LifeLock and IDShield worth using, and what is your opinion on those?

A: Yeah. The short answer is yes.

When you talk about identity protection applications, I do think if you are extra concerned or worried about those things, Identity Guard, LifeLock, and those types of things are worth using.

You just want to make sure you are getting one that covers a lot of ground because sometimes they charge you a lot for doing a little. I do think LifeLock is good, and I think Identity Guard is good.

Q: One last question. Have you come across any scams through Microsoft Teams, and do those typically look like the other scams we talked about?

A: Yeah. Any type of software out there has scams.

Microsoft Teams, Zoom, and others have scams that are tailored to try to get people to click on links or join random sessions.

A lot of times when I am working with businesses, I make sure we are setting up their Teams environment the right way, and even their Teams meetings, so that you have a waiting room. You don’t just let anybody in. You’re not letting anybody share content, stuff like that. So, yes.

Awesome. Thank you, Tom, and thank you for your questions.

That’s all the time we have today, but if we haven’t answered your questions, or if questions come up after we sign off, please feel free to send me an email at the email address on the screen with any questions you have, and I’d be happy to answer.

Thanks, you guys. Appreciate you signing on.

Thank you so much. Bye.