17 Sep Two Moms Phishing And Goofing Off In Cybercrime Magazine’s Studio
Former White House CIO and Cybercrime Magazine guest host Theresa Payton comes to town
– Ruth Bashinsky, Senior Editor
Northport, N.Y. – Sep. 16, 2019
When I first met Theresa Payton (two weeks ago) my immediate reaction was, “What a cool mom!”
Theresa is one of the most influential experts on cybersecurity and IT strategy in the country. She is the go-to for anything that has to do with Internet security, data breaches, and fraud mitigation.
While moms like myself were doing other cool things back in the mid-2000s, Theresa was the White House CIO — the first female to serve in that role — overseeing IT operations for President George W. Bush and his staff.
You’re probably thinking she is super cool and you want to meet her too.
Today, Theresa is the CEO of Fortalice Solutions, a risk, fraud, and cybersecurity company that helps businesses and government organizations protect themselves and the privacy of their information from emerging cyber threats.
She is also the mother of three active teenagers.
Not to change the subject but did you ever see the movie “The Incredibles”?
Theresa kind of reminds me of Helen Parr, the actress who plays the character Mrs. Incredible, aka Elastigirl, and she too has three kids. Disney describes Mrs. Incredible as an excellent operative, hand-to-hand combatant, and tactician.
Theresa may not have the flexibility superpower to stretch, mold and reshape her body in all sorts of ways like Helen (at least I don’t think she can) but both women and moms share the same mission to get the villains. Another similarity I just discovered. I think they both have the same color hair.
Just in case you aren’t familiar with The Incredibles, then you may have seen Theresa on the CBS’ reality TV show “Hunted,” which is about a group of “hunters” with military and law enforcement backgrounds trying to catch contestants who’ve gone off the grid.
Last month, Theresa flew in from her home base in Charlotte, N.C., to our studios in Northport, N.Y., where she would be recording the next 26 episodes of our “CISO Minute” podcast series, which will be sponsored by KnowBe4, provider of the world’s largest security awareness training and phishing simulation platform.
At one point, Theresa and I got talking on phishing. We took the conversation across the hall and our production crew filmed a podcast interview. We discussed how sophisticated scams — both phishing and spear-phishing — are today and the effect they are having on companies nationwide.
“It (phishing) is very prevalent. Firms are struggling to keep up,” Theresa points out. “100 percent of the companies that we work with find phishing emails that are getting passed through their security filters to their employees. Luckily with training, the employees are reporting this.”
An interesting point Theresa raises is knowing what to do when you see something that doesn’t seem right. Some of these red flags include an email that is trying to get you to act fast or act now and an email that asks you for any private information or credentials.
“I tell people to think about the things that companies will never do. For example, your bank will never send you an email saying, ‘We see a problem with your account. Click this helpful link here and type in your banking account credentials.’ That is a red flag. Either call customer service, go to a branch or go to your banking website to see if you have a notification from them.”
The latest phishing scam Theresa shares is one on Instagram that targets younger people like our kids.
The cybercriminals are using social media platforms by sending things through messaging and texting to entice them to click on the links and open up the attachments. These young people think they either won a gift card or that they are getting a message from their friend or school.
Both deceptive and dangerous.
Theresa offers her best advice for young people: “Do not click on the link or open the attachment — it is one of the worst things you can do in the moment.”
She adds, “Just because you are not checking emails, it doesn’t mean you are not being targeted by cybercriminals for phishing scams. They are just going to come at you in a different way in a different platform.”
As someone who protects the public for a living, the first place Theresa gets to practice is at home and has a game she plays with her kids.
It’s not Fortnite or Monopoly, but a game she created that teaches her children how to be more vigilant when they get a fishy email.
“Before they delete it I tell them to screenshot it and send it to me. It’s hilarious,” she says with enthusiasm. “We have seen the worst phishing emails and scams and ridiculous claims. I have taught each one of them how to report it.”
And, guess what? They seem to be listening.
She says proudly, “They are typically the first ones in their friends’ group to say, ‘Hey don’t click on that!’ or ‘Don’t respond to that!’”
She encourages others to do the same. “Awareness starts at home. Have fun with it. Show each other different scams you are seeing. It can be a great way to raise your level of awareness and spread the word.”
When we finished filming, it was just two moms goofing off — the perfect way, I think, to end the day. And we didn’t even get seasick!
– Ruth Bashinsky is the Senior Editor at Cybercrime Magazine.