WAVE Country November 29 – Safe Shopping Tips

Follow these tips to protect your business and yourself from cybercriminals.


Dawn (00:01):

Today’s tips are all about cyber security. You know it’s Cyber Monday. I don’t know if you’ve ever had trouble after buying something on the computer or having someone steal what’s yours via computer. It’s really frustrating. We want to welcome Jeff Chandler, who is here. He is the founder and CEO of Z-JAK Technologies and this is what you do.

Jeff (00:27):

It is, right.

Dawn (00:28):

Yeah. How much more do we see cybercrime? It just seems to me, and I guess because more of us are on the computer now, that it is just through the roof.

Jeff (00:38):

It is. It’s been increasing pretty rapidly every year, and especially with everybody working from home these days.

Dawn (00:44):

Oh, yeah.

Jeff (00:45):

It’s just, people are taking advantage of that.

Dawn (00:47):

All right. So we’re going to learn, as a matter of fact, he wrote the book Hacked! This is out and we can get it now, right?

Jeff (00:54):

If you go to hackedbook.com.

Dawn (00:58):

All right, that’s all you need to do. Hackedbook.com

Jeff (01:02):

We want to protect business owners, so this is for business owners. We want to make sure that small business owners in particular are under attack these days.

Dawn (01:11):

Okay. So let’s talk about that. If a small business is hacked though and I have purchased there, does that put me in that zone of possibly being hacked as well?

Jeff (01:24):


Dawn (01:25):


Jeff (01:25):

Because if they steal your information from that business, then they could potentially use that same information to try to get into your banking sites, other shopping sites and steal your other information.

Dawn (01:37):

How often does that happen?

Jeff (01:38):

So every year, probably half of small businesses have a cyber attack.

**Correction: Half of all cyberattacks are aimed at small and medium-sized businesses. One in five small businesses suffers a cyberattack each year.

Dawn (01:38):


Jeff (01:43):

Half, and of those, half of them are out of business within a year of that attack.

**Note: The actual number is 60% within 6 months of an attack

Dawn (01:48):

Oh, no.

Jeff (01:49):


Dawn (01:49):

Oh, because they have to deal with so much.

Jeff (01:52):

Right. The expense of dealing with it is just too much.

Dawn (01:54):

Oh, I just think that’s just shameful. Here also we’ve had in Kentucky, hospitals hit an awful a lot too, and you would never imagine that.

Jeff (02:05):

Right. They’re a big target. Look at all the information that they have.

Dawn (02:08):


Jeff (02:09):

They have lots of good personal information on everybody at the hospital. So it’s a prime target for the hackers.

Dawn (02:16):

Anymore, and I don’t want it to be this way, there are times when I buy something and then I get a text, and it says it’s from the company. I’m so chicken anymore. I don’t click on anything.

Jeff (02:30):


Dawn (02:31):

But you don’t want to live that way.

Jeff (02:33):

Right. It’s a good plan though. I don’t click on anything even text. So if I get a text from the bank or whoever.

Dawn (02:40):

And it says, click, I don’t hit it.

Jeff (02:42):

I don’t click it. They should have information. I go to the site directly and try to get the information that way, if they want me to change my password, do something like that.

Dawn (02:50):

Right. Because if you click, there’s a chance you’re letting them in.

Jeff (02:54):


Dawn (02:55):

Okay. So I was feeling really guilty about that, but I’m not going to feel guilty anymore. So when it comes to consumers, protecting their information, I know one big thing, and small businesses, we don’t change our passwords enough, I’m sure, and we probably don’t make difficult enough passwords. They’re just too hard to remember.

Jeff (03:17):

Right. They are. They are hard to remember, and we recommend you use a really good password and use different ones on all of your sites. By doing that, if one of your sites gets hacked, it’s going to prevent you from getting hacked somewhere else as well.

Password tips

Dawn (03:31):

How often should I change my passwords?

Jeff (03:34):

They recommend you change them every at least three to six months.

Dawn (03:37):

Oh my goodness. I thought you were going to say every three to six years. You said months.

Jeff (03:43):

Yeah. So what we do is we recommend that you use a password manager. So by using a password manager, and there’s a number of them on the market these days, a password manager will let you generate really complex passwords and create different ones for all of your websites.

Dawn (03:58):

You don’t have to remember them.

Jeff (04:00):


Dawn (04:00):

So here’s my thing, and everybody always says, use a password manager. In my mind, what happens if they hack the password manager?

Jeff (04:09):

Right. That’s why you use a really good password for your password manager. Make sure it’s a really long password.

Dawn (04:13):

So that’s the only one that you have to remember is the password manager password?

Jeff (04:18):

Right. Yeah. Mine is roughly 20 characters long.

Dawn (04:22):

If I name my children something with 20 characters, I’m not going to remember that.

Jeff (04:28):

So what you can do is use a phrase.

Dawn (04:30):


Jeff (04:30):

So it might be something like, I was born in Louisville, Kentucky in July 1970 at Audubon Hospital, and then take the first letter of each of those words in the phrase, mix in some special characters, some numbers, and now you’ve got a really good, long password and it’s a really easy password to remember.

Dawn (04:47):

Have you ever forgotten the password to your password manager?

Jeff (04:52):

I have not, but I have it written down and it’s in a safe at the bank.

Dawn (04:57):

All right. So let’s talk about some of the things. You shared a survey with us about the passwords, and I was tickled when I read them because I don’t even think I would do that, but like one, two, three, four, five, six, seven, eight. Who would make their password that?

Top 10 Most Common Passwords

Jeff (05:16):

Yeah. Unfortunately, when you look at the most common passwords from 2021, it looks exactly like the same passwords from a year ago and a year before that. So if you’ve got one of these passwords today.

Dawn (05:27):

Get rid of it.

Jeff (05:28):

Change it immediately.

Dawn (05:30):

Now, I have used the word love in a password before, but I’ve never made it, I love you. I mean, never. Why do they pick on small businesses so much? Is it that they’ve not built their infrastructure up enough? Or why is it so easy? Why pick on small businesses?

Jeff (05:51):

Right. They don’t have the resources that a larger company is going to have, so they’re just an easier target. So when you look at a big business, they’ve got security teams, they’ve got lots of layers of firewalls. A small business does not have those resources. So one of the things that we recommend that a small business owner do is get a third party assessment, get someone to come in, just do a third party check, make sure they’ve got good security procedures in place. I even have that for my own business. I have someone come in and audit what I do.

Dawn (06:19):

Okay. So who does that though? Who do they go to and how much would something like that cost?

Jeff (06:27):

Yes. So it could range. It depends on the size of the business.

Dawn (06:30):


Jeff (06:30):

So maybe for a small business owner, it might be up to $1,000 somewhere in there. It could be $500. Just depends on what you have. If you’re an e-commerce site versus a small legal office, there’s a lot of depends on that.

**Note: We work with a 3rd party security company that gives us a limited number of free cybersecurity assessments we can use with our clients each month. Contact us if you’re interested in learning more about this.

Dawn (06:45):

So let’s look at the one, two, threes of whether we’re talking about people or whether we’re talking about small businesses. I am really crazy about this stuff. Now, people will send something to me and it’s said, hey, I wanted you to see this. I’m not clicking on it. Well, I guess it is, but it just seems like because of the people who do bad, you’re not able to do what you want to do.

Jeff (07:10):

Right. Yeah. It’s hard to trust anybody, right?

Dawn (07:12):

Isn’t that terrible?

Jeff (07:13):

On social media, email links, it’s just tough. And so just verify everything. If you get an email or if you see something posted on social media and the deal looks too good to be true.

Dawn (07:25):

It is.

Jeff (07:25):

It probably is.

Dawn (07:25):

We bought some furniture, some summer furniture. We never got that furniture and $2,000 later, however, okay, so here’s the thing. We purchased it with a credit card. So we were able to call the bank and say, we never got that and they gave us the money back. Is it always best to use a credit card and not a debit card?

Jeff (07:48):

Absolutely. Yeah. And one of the scams that they will do is they will ask you to go to the store and get gift cards.

**Note: The FTC website has more details on gift card scams here https://www.consumer.ftc.gov/articles/gift-card-scams

Dawn (07:54):

You immediately know no business is going to ask you to get gift cards.

Jeff (08:00):

Right. Exactly.

Dawn (08:02):

All right.

Jeff (08:02):


Dawn (08:02):

Top three things that you want small businesses and people to know?

Jeff (08:07):

Have a good password, make sure it’s long, complex, use a different password for all of your sites and use a password manager.

Dawn (08:14):

And if I’m looking for a password manager, because I’ve thought about that too, and I don’t even trust the password managers, where do I find a password manager?

Jeff (08:24):

You could just do a Google search on password managers and you’ll find a number of them out there on the market. Find one that works for your platform.

Dawn (08:30):

And if you’re on a page and you’re wanting to buy or get something off of that page, is there anything to make sure we’re on a secured page? What do we look like in that address to know we’re on a secured page?

Jeff (08:46):

Yeah. So one thing to look out for is to look for a misspelled word. If you’re going to a particular store’s website, make sure it’s spelled correctly in the URL, and then look for that lock icon next to it.

Dawn (08:58):

And that’s actually, it looks like a little lock. It’s usually in a little green circle or something like that.

Jeff (09:06):

Yeah. It’ll be just to the left of the name of the store.

Dawn (09:08):

If you don’t see that, probably best not to shop.

Jeff (09:12):

Right. Absolutely.

**Note: More tips on what to look for are here https://www.digicert.com/blog/how-to-know-if-a-website-is-secure

Dawn (09:13):

All right. Any other things that I didn’t ask you to keep us protected?

Jeff (09:17):

I would just do everything you can be suspicious. Don’t trust links. Be careful.

Dawn (09:22):

Isn’t that just an awful feeling. Jeff?

Jeff (09:26):

It is.

Dawn (09:27):

Yeah, but better safe than sorry. Again, you can get the book Hacked! Especially for small businesses, hackedbook.com. Did I forget anything, Jeff?

Jeff (09:38):

That’s it. Thank you.

Dawn (09:38):

All right. There we go. He says that’s it, but it’s so easy to get scammed these days. Do your best, know what you’re doing and make sure you have a good password.

How long would it take to crack your password? Use our password tester to find out

Need help? Call us today at 502-200-1169 or use the contact us form to let us know how we can help.