1
00:00:00,000 --> 00:00:07,640
Today on our Tech for Business podcast, we're joined by our marvelous marketing masters.

2
00:00:07,640 --> 00:00:09,480
I think is what we were called.

3
00:00:09,480 --> 00:00:15,160
Tara, our marketing and business development manager at Kelsey, our graphic design and

4
00:00:15,160 --> 00:00:17,040
brand strategist.

5
00:00:17,040 --> 00:00:18,040
What long titles.

6
00:00:18,040 --> 00:00:21,360
But there's so much that we do.

7
00:00:21,360 --> 00:00:25,520
And today we're talking about is it malicious or is it marketing?

8
00:00:25,520 --> 00:00:31,040
I'm actually going to go into Kelsey because I know that this idea kind of came up in a

9
00:00:31,040 --> 00:00:32,040
different podcast.

10
00:00:32,040 --> 00:00:37,040
And I was wondering if you'd give us a little background about how we ended up here today.

11
00:00:37,040 --> 00:00:38,440
Yeah, totally.

12
00:00:38,440 --> 00:00:42,520
I know this is weird to be on the other side of the mic to be like, not just listening.

13
00:00:42,520 --> 00:00:44,640
I actually have to say something to you.

14
00:00:44,640 --> 00:00:50,440
But we were talking post podcast as we do talking about your codes and people going, Hey, it's

15
00:00:50,440 --> 00:00:51,440
spammy.

16
00:00:51,440 --> 00:00:55,400
And then we were like, okay, when it really boils down to it.

17
00:00:55,400 --> 00:00:58,760
And then we're going to do it for marketers and right for ad actors, people that design

18
00:00:58,760 --> 00:01:02,440
fishing campaigns is what I'm going to call it for today.

19
00:01:02,440 --> 00:01:05,180
We're both trying to get people to take an action.

20
00:01:05,180 --> 00:01:08,160
So then it brings the question with all these tactics.

21
00:01:08,160 --> 00:01:10,640
And Q R goes right, we'll go into all of that.

22
00:01:10,640 --> 00:01:16,040
Is it malicious or is it just a creative marketing attempt to try to get you to buy a product

23
00:01:16,040 --> 00:01:17,400
or connect with a company?

24
00:01:17,400 --> 00:01:21,040
So yeah, that's long story short how we landed here today.

25
00:01:21,040 --> 00:01:22,040
Sure.

26
00:01:22,040 --> 00:01:26,400
So, Kara is our fearless leader.

27
00:01:26,400 --> 00:01:32,280
I just want to level that a little bit because most of our listeners are in business of some

28
00:01:32,280 --> 00:01:33,280
sort.

29
00:01:33,280 --> 00:01:37,780
But could you explain a little bit the difference when we're talking about spam fishing and

30
00:01:37,780 --> 00:01:40,040
marketing because sometimes it can feel similar?

31
00:01:40,040 --> 00:01:41,040
Yes, it can.

32
00:01:41,040 --> 00:01:45,280
And I think it's very pointed that we're talking about that today.

33
00:01:45,280 --> 00:01:51,240
Most of our customers and prospects are used to CIT and how we go about engaging them.

34
00:01:51,240 --> 00:01:57,200
And we do a lot via our emails that we send out to them and our website as well.

35
00:01:57,200 --> 00:02:01,720
And we are big proponents of education to our customers as well.

36
00:02:01,720 --> 00:02:08,880
So, we want to make sure today of how do you recognize some of those fishing pieces or spam

37
00:02:08,880 --> 00:02:13,800
and ensuring that the email that you're getting from CIT is legit.

38
00:02:13,800 --> 00:02:19,880
And we'll go into a little bit detail as to how you can find which ones would be malicious

39
00:02:19,880 --> 00:02:21,200
and which ones are not.

40
00:02:21,200 --> 00:02:28,320
But I know from the marketing perspective that CAND spam, excuse me, log went into place

41
00:02:28,320 --> 00:02:29,820
in 2013.

42
00:02:29,820 --> 00:02:35,960
And it's really basic information to protect us as CIT, but also the users that are going

43
00:02:35,960 --> 00:02:37,760
to be getting those emails.

44
00:02:37,760 --> 00:02:42,920
And it's really just as simple as is it looking like it's coming from CIT?

45
00:02:42,920 --> 00:02:47,800
Are there weird and deceptive subject lines that are different from what generally CIT

46
00:02:47,800 --> 00:02:49,320
would send out?

47
00:02:49,320 --> 00:02:54,440
Is there an ad that somehow is in that email that might be a little too good to be true

48
00:02:54,440 --> 00:02:56,880
that kind of makes you cause for a pause?

49
00:02:56,880 --> 00:02:59,600
And I like to say it of, well, that's really weird.

50
00:02:59,600 --> 00:03:02,960
I wonder if that's really actually happening at CIT.

51
00:03:02,960 --> 00:03:05,160
And we really have to tell you to like where we're located.

52
00:03:05,160 --> 00:03:09,760
So, if you get an email that doesn't have any of the contact information below or your

53
00:03:09,760 --> 00:03:13,720
unsubscribe link below, those are kind of weird things that you want to kind of raise

54
00:03:13,720 --> 00:03:15,920
your hand and be like, I think that's on.

55
00:03:15,920 --> 00:03:18,400
Maybe I need to mark that as spam because it's not from CIT.

56
00:03:18,400 --> 00:03:20,280
Yeah, we're all about that training.

57
00:03:20,280 --> 00:03:21,960
We're all about that end user training here.

58
00:03:21,960 --> 00:03:24,560
We talk about that more.

59
00:03:24,560 --> 00:03:29,520
And I will have plenty of like educational materials and things in the description, even

60
00:03:29,520 --> 00:03:33,680
some stuff you can kind of send out and train your employees on.

61
00:03:33,680 --> 00:03:38,960
But I'm kind of wondering if it would be valuable to go a little bit into like, we talked a

62
00:03:38,960 --> 00:03:41,400
little bit about like the different channels.

63
00:03:41,400 --> 00:03:50,120
So email or Google ads or even an advertisement on TV, sort of what we kind of look for or

64
00:03:50,120 --> 00:03:51,120
what's sort of expected.

65
00:03:51,120 --> 00:03:52,120
Yeah, absolutely.

66
00:03:52,120 --> 00:03:53,120
I'm excited to say, Terin, so much.

67
00:03:53,120 --> 00:03:54,120
Do you want to go first?

68
00:03:54,120 --> 00:03:55,120
Yeah.

69
00:03:55,120 --> 00:03:57,600
Yeah, I'll go first and then I can hand it over to Kelsey.

70
00:03:57,600 --> 00:04:02,600
So she had mentioned previously, like we in marketing are looking for what we call the

71
00:04:02,600 --> 00:04:05,120
CTA, called the action.

72
00:04:05,120 --> 00:04:11,160
So typically some type of email that we would send out or if it's a QR code on a postcard,

73
00:04:11,160 --> 00:04:15,280
we're wanting you to take some type of action to then get some additional information because

74
00:04:15,280 --> 00:04:17,480
we want to be very particular.

75
00:04:17,480 --> 00:04:21,560
And when we're sending those that we know that you're a prospect or that you're a customer

76
00:04:21,560 --> 00:04:24,080
and that you're interested in X, Y and Z.

77
00:04:24,080 --> 00:04:27,920
So we do focus a lot on the segmentation of those messages.

78
00:04:27,920 --> 00:04:33,080
So it would be odd if you're in, you know, finance and you're getting an email, you know,

79
00:04:33,080 --> 00:04:37,460
about something that's not pertaining to you that typically will raise some of those red

80
00:04:37,460 --> 00:04:38,460
flags.

81
00:04:38,460 --> 00:04:42,520
And, you know, just kind of take a look at that, but that call to action is really kind

82
00:04:42,520 --> 00:04:43,520
of that next step.

83
00:04:43,520 --> 00:04:47,400
And there are ways that you can hover over and kind of take a look at it and see if it's

84
00:04:47,400 --> 00:04:49,160
coming from the appropriate domain.

85
00:04:49,160 --> 00:04:52,200
But I'll pass it to Kelsey and she can talk a little bit further on that.

86
00:04:52,200 --> 00:04:53,200
Yeah.

87
00:04:53,200 --> 00:04:56,160
And just to kind of zoom out a little bit, I think Terin's done a great job being like

88
00:04:56,160 --> 00:05:00,600
here at CIT, we do all of these things and then kind of going, hey, as a consumer, what

89
00:05:00,600 --> 00:05:02,720
do you expect?

90
00:05:02,720 --> 00:05:04,680
What card, what sort of ads are you expecting to see?

91
00:05:04,680 --> 00:05:07,280
It's the whole, hey, did you mention something?

92
00:05:07,280 --> 00:05:09,880
Now you're getting five different Instagram ads about it.

93
00:05:09,880 --> 00:05:11,520
And I'm like, this is both a good and a bad thing.

94
00:05:11,520 --> 00:05:13,640
It's the hyper personalization, right?

95
00:05:13,640 --> 00:05:18,360
I'm going, you're expecting to see these things because you took an action, which insider

96
00:05:18,360 --> 00:05:19,360
knowledge, right?

97
00:05:19,360 --> 00:05:22,320
That's going, hey, if you're using a private browser, you're not then right giving up your

98
00:05:22,320 --> 00:05:23,320
IP address.

99
00:05:23,320 --> 00:05:25,600
You're not showing what you're doing on their website.

100
00:05:25,600 --> 00:05:30,520
So that's kind of the good and bad of going, hey, if you're expecting to be hyper personalized

101
00:05:30,520 --> 00:05:34,680
marketing to that problem, it means that don't do the browsing.

102
00:05:34,680 --> 00:05:38,160
If you'd rather that us as marketers not know anything about you, turn on that private

103
00:05:38,160 --> 00:05:40,640
browsing 100% again, we're not technical resources.

104
00:05:40,640 --> 00:05:45,360
We have separate podcasts about social engineering, all of that jazz, but go on from there and

105
00:05:45,360 --> 00:05:50,880
then pulling back yet a step again of going, hey, we mentioned TV ads and QR codes.

106
00:05:50,880 --> 00:05:56,960
That was the one thing that we talked with Todd, our, yes, COO and CISO.

107
00:05:56,960 --> 00:05:59,480
Yeah.

108
00:05:59,480 --> 00:06:00,480
But right.

109
00:06:00,480 --> 00:06:01,800
So we asked him, we said, okay, super cool.

110
00:06:01,800 --> 00:06:05,200
You see just a QR code on the screen, there's no branding.

111
00:06:05,200 --> 00:06:06,200
There's no nothing.

112
00:06:06,200 --> 00:06:07,360
It's just a QR code.

113
00:06:07,360 --> 00:06:08,360
What do you do with that?

114
00:06:08,360 --> 00:06:14,680
Again, if you pick up your phone, hover over it, it's going to pre-display a URL.

115
00:06:14,680 --> 00:06:19,320
Now with a lot of different marketing software is that URL may not look, it may have some

116
00:06:19,320 --> 00:06:21,760
Google gibberish before it.

117
00:06:21,760 --> 00:06:24,120
It may have some Mercado gibberish before it.

118
00:06:24,120 --> 00:06:25,440
So that alone, right?

119
00:06:25,440 --> 00:06:30,480
Isn't telling you a ton about it, but it is going, you still haven't taken action.

120
00:06:30,480 --> 00:06:34,760
And just by scanning a QR code, your phone is not automatically taking an action.

121
00:06:34,760 --> 00:06:38,280
Yes, as their technology is going, hey, now you can do all of these different things.

122
00:06:38,280 --> 00:06:39,880
You can open all these different things.

123
00:06:39,880 --> 00:06:43,280
Yes, but typically in order to take that next step, you're clicking on it.

124
00:06:43,280 --> 00:06:45,800
It's then opening the URL from there.

125
00:06:45,800 --> 00:06:48,520
A lot of times then right there's the credential harvesting.

126
00:06:48,520 --> 00:06:51,400
There's going through and saying, hey, enter all of this stuff.

127
00:06:51,400 --> 00:06:54,720
Exactly as Tara talked about, if you scan it and all of a sudden it's going, get six

128
00:06:54,720 --> 00:06:57,120
months of managed services free from CIT.

129
00:06:57,120 --> 00:07:01,320
Yes, sadly, that's probably not an offer that we're running that maybe seems a little bit

130
00:07:01,320 --> 00:07:04,400
sus by going back to, hey, it's a Super Bowl.

131
00:07:04,400 --> 00:07:10,280
The amount of money and the amount of infrastructure that goes into those ads and the amount that

132
00:07:10,280 --> 00:07:14,560
they're reviewed, it's highly unlikely that that's a malicious link.

133
00:07:14,560 --> 00:07:15,560
Why?

134
00:07:15,560 --> 00:07:20,600
Because right the advertising company, people test that before it goes live on the air,

135
00:07:20,600 --> 00:07:23,040
where we see right ads on Google.

136
00:07:23,040 --> 00:07:27,080
Those are being reviewed by Google, but the amount of ads that are going out daily that

137
00:07:27,080 --> 00:07:31,360
people are submitting are just too many to be able to capture everything.

138
00:07:31,360 --> 00:07:35,640
Even write the like suggested you are on the top of your Google search results.

139
00:07:35,640 --> 00:07:38,120
Maybe phishing, hover over that.

140
00:07:38,120 --> 00:07:42,240
They can make it look like just about anything, especially as we get into holiday season, depending

141
00:07:42,240 --> 00:07:43,680
on whatever this episode airs.

142
00:07:43,680 --> 00:07:48,160
Yeah, if you're shopping, maybe scroll down below, which then also is marketers, then

143
00:07:48,160 --> 00:07:51,200
you're not paying for clicks on those top ones.

144
00:07:51,200 --> 00:07:56,320
Little insider knowledge on all of those fun Google ads, but that's going from anything

145
00:07:56,320 --> 00:07:58,960
from a QR code to a commercial to any of those things.

146
00:07:58,960 --> 00:08:03,640
Just look at what's the source is that your local per is it a YouTube ad?

147
00:08:03,640 --> 00:08:05,240
Those are Google ads.

148
00:08:05,240 --> 00:08:07,000
That's probably easier to get on there.

149
00:08:07,000 --> 00:08:08,000
Maybe pause.

150
00:08:08,000 --> 00:08:11,800
Again, if you're a Google ad, you're probably good to go.

151
00:08:11,800 --> 00:08:17,160
If it's a QR code, postcard from somebody at a booth that works for the company that

152
00:08:17,160 --> 00:08:20,280
you're expecting, you can probably scan that code.

153
00:08:20,280 --> 00:08:21,600
That's totally fine.

154
00:08:21,600 --> 00:08:22,600
Stick around a light pole.

155
00:08:22,600 --> 00:08:26,280
Yeah, I could probably just Google that company name or Google something about it.

156
00:08:26,280 --> 00:08:28,920
I'm probably not going to just scan that in a coffee shop.

157
00:08:28,920 --> 00:08:33,960
Again, slow down enough to question it for just a second is the very boiled down advice

158
00:08:33,960 --> 00:08:34,960
there.

159
00:08:34,960 --> 00:08:38,760
Yeah, I did want to mention one thing too, and we talk about this of just overall education

160
00:08:38,760 --> 00:08:43,280
when it comes to cybersecurity is always you can go back out to their website.

161
00:08:43,280 --> 00:08:45,840
If you feel like that email, don't click on the link.

162
00:08:45,840 --> 00:08:47,320
Go out to CIT's website.

163
00:08:47,320 --> 00:08:51,320
If you got an ad from Target, go to Target website and enter in.

164
00:08:51,320 --> 00:08:55,640
If you need to sign into your account that way, that way you know it's a trusted source

165
00:08:55,640 --> 00:09:01,080
and you see the little secure up there in that left hand corner where it's the web link.

166
00:09:01,080 --> 00:09:06,040
Another little tidbit that I heard, I'm sure you guys are hearing constantly from CIT,

167
00:09:06,040 --> 00:09:09,280
but it really does make sense to be like, well, just pause for a little bit and let's

168
00:09:09,280 --> 00:09:11,040
try something different.

169
00:09:11,040 --> 00:09:15,880
One last thing to note, it's going to be rare from marketers though too, like from CIT

170
00:09:15,880 --> 00:09:20,960
that we're going to ask you to put in your password for something related to something

171
00:09:20,960 --> 00:09:23,760
that we're offering, whether it's just a quick little webinar.

172
00:09:23,760 --> 00:09:27,160
We don't have passwords where you have to enter in information.

173
00:09:27,160 --> 00:09:31,880
That's something too, is kind of familiarize yourself with the process from the organizations

174
00:09:31,880 --> 00:09:32,880
that you're working with.

175
00:09:32,880 --> 00:09:36,880
If it's something out of that norm, that's going to raise a little bit of the red flags

176
00:09:36,880 --> 00:09:40,560
to be like, we are, they've never asked of me before, should I do that?

177
00:09:40,560 --> 00:09:41,880
Just wanted to mention that piece.

178
00:09:41,880 --> 00:09:45,960
100% and kind of right to go, hey, this is everything that we're doing.

179
00:09:45,960 --> 00:09:46,960
This is what to expect.

180
00:09:46,960 --> 00:09:51,440
It's also going, hey, maybe if you're listening and you have an internal marketing department

181
00:09:51,440 --> 00:09:53,440
and they're sitting and I know, Terry.

182
00:09:53,440 --> 00:09:55,320
We sit at our leadership meetings, right?

183
00:09:55,320 --> 00:09:59,040
And we occasionally get feedback internally of now looks spammy.

184
00:09:59,040 --> 00:10:02,000
That looks like fishing, which right is a marketer here?

185
00:10:02,000 --> 00:10:04,400
Like, no, it's nothing that I ever wanted.

186
00:10:04,400 --> 00:10:09,400
And right as our in-house kind of graphic designer is one of my roles, we try to pride

187
00:10:09,400 --> 00:10:13,360
ourselves in doing graphic design that looks professional.

188
00:10:13,360 --> 00:10:19,920
It doesn't look like we used word art to make it, which right is kind of a fine sort of,

189
00:10:19,920 --> 00:10:20,920
right?

190
00:10:20,920 --> 00:10:25,400
And I'm not saying that occasionally also realizing that your mail, right?

191
00:10:25,400 --> 00:10:27,120
So I'll look at my desktop.

192
00:10:27,120 --> 00:10:33,720
Could review all of the good, beautiful, gorgeous images that we threw in an email all formatting

193
00:10:33,720 --> 00:10:38,360
and all of a sudden you got Gaby Gooke and you're like, yeah, that does look like fishing.

194
00:10:38,360 --> 00:10:42,520
Do I also love our security team and realize that there's a lot of things in place internally

195
00:10:42,520 --> 00:10:44,280
to make sure that we're secure?

196
00:10:44,280 --> 00:10:46,240
Yes, 100%.

197
00:10:46,240 --> 00:10:49,000
Does that email occasionally look a lot better on my phone?

198
00:10:49,000 --> 00:10:50,000
Yes.

199
00:10:50,000 --> 00:10:51,000
100%.

200
00:10:51,000 --> 00:10:56,520
So right, realizing where some of the plain text emails that you may see coming from,

201
00:10:56,520 --> 00:11:00,600
right, that's part of we have to look at it as marketers and go, what makes sense to add

202
00:11:00,600 --> 00:11:06,280
a visual versus what makes sense to have a plain text because the content is more important

203
00:11:06,280 --> 00:11:10,880
than the res of dazzling, even though I love to make things sparkly and love to make them

204
00:11:10,880 --> 00:11:12,120
look good.

205
00:11:12,120 --> 00:11:14,880
But it's just the world that we live in that those images may be removed.

206
00:11:14,880 --> 00:11:18,560
And then you're going, hey, I even got an email the other day that said, if you can't

207
00:11:18,560 --> 00:11:20,920
see this email, click allow images.

208
00:11:20,920 --> 00:11:28,240
And it was like, yes, 100%, you may get some of that just by allowing images again is not

209
00:11:28,240 --> 00:11:31,680
all of a sudden putting yourself in a giant security risk, which again, I feel like I

210
00:11:31,680 --> 00:11:36,160
should ask for a marketer, not a cybersecurity expert.

211
00:11:36,160 --> 00:11:38,000
Could that ever be a thing potentially?

212
00:11:38,000 --> 00:11:42,760
But all it's doing is allowing those images to download, which we've all had emails that

213
00:11:42,760 --> 00:11:44,920
are completely blank until that downloads.

214
00:11:44,920 --> 00:11:50,120
And then you're going, it's because the marketer wanted to use a gift, whichever one you're

215
00:11:50,120 --> 00:11:51,120
saying today.

216
00:11:51,120 --> 00:11:54,760
And they wanted it to look pretty, yes, most of the time.

217
00:11:54,760 --> 00:11:55,760
For sure.

218
00:11:55,760 --> 00:12:02,440
I think I also wanted to add that a lot of our listeners are like, IT admin or security

219
00:12:02,440 --> 00:12:03,440
professionals.

220
00:12:03,440 --> 00:12:08,040
And you might be listening to this and getting like, like it's the holiday season, like what

221
00:12:08,040 --> 00:12:11,560
they're doing on their personal phone is, you know, I hope that they're safe, but it's

222
00:12:11,560 --> 00:12:12,560
not my job.

223
00:12:12,560 --> 00:12:18,600
And you know what, there's a blend of like your work technology and your home technology.

224
00:12:18,600 --> 00:12:22,160
I know that I have teams on my personal phone.

225
00:12:22,160 --> 00:12:27,880
Like there is this blurring line, not that it's the security's responsibility to take

226
00:12:27,880 --> 00:12:32,200
care of what you're doing in your personal life, but you still need to keep these things

227
00:12:32,200 --> 00:12:40,320
in mind when you are doing your holiday shopping, doing these things for Black Friday, because

228
00:12:40,320 --> 00:12:43,920
there might be something on your phone that's going to connect back to your business and

229
00:12:43,920 --> 00:12:44,920
your company.

230
00:12:44,920 --> 00:12:46,920
That just sparks something.

231
00:12:46,920 --> 00:12:52,320
Sorry, Darryl, I'm like, text marketing, text marketing, right?

232
00:12:52,320 --> 00:12:55,840
Because that's another tool in the toolkit of is it malicious?

233
00:12:55,840 --> 00:12:57,200
Is it marketing?

234
00:12:57,200 --> 00:13:01,840
Do I get now an entire, essentially, I'm that person, if anybody listening looked at my

235
00:13:01,840 --> 00:13:05,080
phone, they'd be like, you have that many unredeux messages.

236
00:13:05,080 --> 00:13:07,160
And I'm like, well, I have an Apple watch.

237
00:13:07,160 --> 00:13:11,640
So I see right in the advertisements come up and then I just spray it to mark them as

238
00:13:11,640 --> 00:13:13,200
red has Apple address that.

239
00:13:13,200 --> 00:13:16,600
Yes, I could tangent on that, but we're going to move right on past that.

240
00:13:16,600 --> 00:13:21,080
But go on the text that you get, hey, we couldn't deliver this package.

241
00:13:21,080 --> 00:13:22,080
Please click here.

242
00:13:22,080 --> 00:13:23,080
Right.

243
00:13:23,080 --> 00:13:28,760
And those, again, sense of urgency, very timely, those things.

244
00:13:28,760 --> 00:13:32,600
Typically with UPS, ever send you a text message, without you opting in.

245
00:13:32,600 --> 00:13:34,520
No, you would know you would have opted in.

246
00:13:34,520 --> 00:13:36,040
It would have been from an expected number.

247
00:13:36,040 --> 00:13:40,480
It would not have just randomly been, hey, I put my number in for an order.

248
00:13:40,480 --> 00:13:43,640
Yes, but you still have to opt into texting.

249
00:13:43,640 --> 00:13:47,560
Again, it's that taking the action of going, I said yes to this.

250
00:13:47,560 --> 00:13:48,880
So I'm expecting it.

251
00:13:48,880 --> 00:13:54,800
And the tears point earlier, you can go out and check your order number just to be safe.

252
00:13:54,800 --> 00:13:59,680
But that's to your point, Ariel guy, hey, we have work things on our devices are devices

253
00:13:59,680 --> 00:14:02,760
also managed by work without the other.

254
00:14:02,760 --> 00:14:05,200
Yeah, that's a whole number of tangent that you can get into.

255
00:14:05,200 --> 00:14:08,640
But that's something that, hey, you're running around on your lunch break.

256
00:14:08,640 --> 00:14:11,880
You click on something, because it was text message.

257
00:14:11,880 --> 00:14:14,280
Yeah, 100%.

258
00:14:14,280 --> 00:14:18,840
That's another way that could be just a good educational thing for your entire staff.

259
00:14:18,840 --> 00:14:23,400
Yeah, I was just going to mention along those lines, Ariel, and with the IT folks that might

260
00:14:23,400 --> 00:14:27,480
be listened to, they will adhere to certain policies.

261
00:14:27,480 --> 00:14:32,640
So if you are your acceptable user policy to make sure that you're not doing a bunch

262
00:14:32,640 --> 00:14:36,360
of personal stuff on your work device, because a lot of organizations will have that just

263
00:14:36,360 --> 00:14:38,520
from a cybersecurity perspective.

264
00:14:38,520 --> 00:14:42,520
But I think we've all been, we've all done it, you know, on occasion, like Kelsey said,

265
00:14:42,520 --> 00:14:45,120
you got a text and you have some of it on your personal phone.

266
00:14:45,120 --> 00:14:49,160
But especially with the holidays, I know I was listening to the news that a lot of people

267
00:14:49,160 --> 00:14:52,280
are starting the Black Friday sales now.

268
00:14:52,280 --> 00:14:56,080
And so just keep that in mind that you're going to start to see that because even though

269
00:14:56,080 --> 00:14:59,920
some people may wait into the true holidays, there's a lot of stuff that's ticking up right

270
00:14:59,920 --> 00:15:02,080
now that there's deals going on.

271
00:15:02,080 --> 00:15:06,440
And again, you know, getting back to if it sounds too good to be true, then maybe second

272
00:15:06,440 --> 00:15:09,520
guess it and be like, I don't think that's really going to happen.

273
00:15:09,520 --> 00:15:14,960
Or, you know, there's some type of ad that is like misspelled and looks a little weird

274
00:15:14,960 --> 00:15:15,960
too.

275
00:15:15,960 --> 00:15:18,840
Those are kind of telltale science to kind of shy away from that and be like, no, thank

276
00:15:18,840 --> 00:15:23,240
you on put them in the spam folder, Marcus, spam, phishing and move on.

277
00:15:23,240 --> 00:15:25,440
Marcus spam, yeah, do a little fall cleaning on your inbox.

278
00:15:25,440 --> 00:15:31,200
Do a couple unsubscribes, 100%, which I think all on this too made me think of when Tara

279
00:15:31,200 --> 00:15:35,040
and I were looking at different resources before this that go like, there's malnortizing.

280
00:15:35,040 --> 00:15:37,360
So again, is it malicious or is it market marketing?

281
00:15:37,360 --> 00:15:38,360
Is it malnortizing?

282
00:15:38,360 --> 00:15:42,720
If it's an ad that doesn't seem to align with you recently looked at pots and pans that

283
00:15:42,720 --> 00:15:44,920
may see is because they are on a Black Friday sale.

284
00:15:44,920 --> 00:15:49,280
All of a sudden it's an ad for something that's completely outside the realm of anything you've

285
00:15:49,280 --> 00:15:51,640
been shopping for.

286
00:15:51,640 --> 00:15:52,640
That should be suspicious.

287
00:15:52,640 --> 00:15:53,640
It's not just bad marketing.

288
00:15:53,640 --> 00:15:56,880
It could be bad marketing of going, hey, we picked the wrong target market and did these

289
00:15:56,880 --> 00:15:57,880
things.

290
00:15:57,880 --> 00:16:03,240
And hey, if a marketing team is doing Google ads, there's a good chance that they're trying

291
00:16:03,240 --> 00:16:09,920
to make it hyper personalized to you to not just say, as a marketer, I would never go,

292
00:16:09,920 --> 00:16:11,520
hey, your package is late.

293
00:16:11,520 --> 00:16:15,840
By the way, here's how we can secure you for cyber security.

294
00:16:15,840 --> 00:16:17,880
That's a little bit too mean.

295
00:16:17,880 --> 00:16:20,480
That's taking it to a place that I would not want to go.

296
00:16:20,480 --> 00:16:22,560
That's click baiting to a place that's going.

297
00:16:22,560 --> 00:16:25,760
Yeah, I would agree with the feedback that looks spammy.

298
00:16:25,760 --> 00:16:26,760
Yeah.

299
00:16:26,760 --> 00:16:31,880
I think, again, I'll have a ton of resources in the description, but it really comes down

300
00:16:31,880 --> 00:16:38,080
to rust between the customer and the company.

301
00:16:38,080 --> 00:16:42,080
We trust you to opt in, and if you don't want that information, we give you the opportunity

302
00:16:42,080 --> 00:16:43,080
to opt out.

303
00:16:43,080 --> 00:16:50,960
And so if anything is outside of that relationship, then I would question it.

304
00:16:50,960 --> 00:16:52,520
But I wanted to open it up.

305
00:16:52,520 --> 00:16:54,560
If there's anything else you wanted to share.

306
00:16:54,560 --> 00:16:56,640
Again, it's a part of the end.

307
00:16:56,640 --> 00:16:59,760
I was saying anything from you, Tara?

308
00:16:59,760 --> 00:17:02,760
We like to tangent so we can always go down different routes.

309
00:17:02,760 --> 00:17:06,160
But I think that really gets to the gist of it.

310
00:17:06,160 --> 00:17:09,680
We wanted to make sure that everybody was just aware of what's out there, especially

311
00:17:09,680 --> 00:17:13,760
like I had mentioned, the holiday seasons coming up, just cause for pause, as I like

312
00:17:13,760 --> 00:17:16,120
to say, of what's really going to be real.

313
00:17:16,120 --> 00:17:20,440
And if you ever have questions, that's why you have your IT department is to ask them

314
00:17:20,440 --> 00:17:25,480
to because maybe if there's something weird, market is fishing because they can always retrieve

315
00:17:25,480 --> 00:17:28,400
it back if it actually was a legitimate email.

316
00:17:28,400 --> 00:17:32,800
So again, better be safe and sorry, because you don't want to be that person we talk about.

317
00:17:32,800 --> 00:17:38,320
It's really the end user that typically is causing the most issues when it comes to cybersecurity.

318
00:17:38,320 --> 00:17:43,160
So make sure you're not going to be that one user that happens to click something that

319
00:17:43,160 --> 00:17:47,680
could could lead to a lot of damage to your organization.

320
00:17:47,680 --> 00:17:51,720
And on the flip side, and any of the organizations that are big enough to have internal marketing

321
00:17:51,720 --> 00:17:55,600
or if you work with somebody external and you're going, should we be concerned?

322
00:17:55,600 --> 00:17:59,720
I'm seeing all these reports that QR codes are being used for fishing.

323
00:17:59,720 --> 00:18:01,680
Should we not use QR codes?

324
00:18:01,680 --> 00:18:03,320
Should we not use these additional technologies?

325
00:18:03,320 --> 00:18:05,920
Should we not use Google ads?

326
00:18:05,920 --> 00:18:07,200
It is your business's decisions.

327
00:18:07,200 --> 00:18:09,400
I'm not here at all to go, no, you should do this.

328
00:18:09,400 --> 00:18:13,560
Of course, I'm going to lobby for the side of going, hey, trust your marketers to do

329
00:18:13,560 --> 00:18:17,520
things that are ethical.

330
00:18:17,520 --> 00:18:19,720
Don't look too like 80.

331
00:18:19,720 --> 00:18:25,680
Don't have misspellings, aren't sending out things without an unsubscribed link, right?

332
00:18:25,680 --> 00:18:30,520
Just good best practices, but still allowing that bit of creative freedom to go.

333
00:18:30,520 --> 00:18:36,480
Hey, it is a super nice way to link somebody to the information they need with a QR code.

334
00:18:36,480 --> 00:18:39,360
That's accessible that people are getting used to.

335
00:18:39,360 --> 00:18:42,040
So right, that would be my little personal that I'm like, please don't shy away from

336
00:18:42,040 --> 00:18:47,400
this great technology that we have or from using texts as part of your advertising scheme

337
00:18:47,400 --> 00:18:52,760
from using Google ads from doing these things, but also realizing that with your brand, you're

338
00:18:52,760 --> 00:18:57,440
still being consistent, you're still using the same voice, you're still doing things

339
00:18:57,440 --> 00:19:02,640
that your customer base expects and you're hyper personalizing everything to them with

340
00:19:02,640 --> 00:19:06,360
realizing that they have the ability to opt out of giving you any information that you

341
00:19:06,360 --> 00:19:10,000
still have to have a fallback of going, what do I do if I know nothing about you?

342
00:19:10,000 --> 00:19:13,600
I did want to mention, sorry, one last thing, Ariel, and then I will, I promise I'll be

343
00:19:13,600 --> 00:19:14,600
quiet.

344
00:19:14,600 --> 00:19:20,760
So with CIT, we're somewhat small enough that we're able to let all of our CIT employees

345
00:19:20,760 --> 00:19:24,240
know when we're sending out large customer communications.

346
00:19:24,240 --> 00:19:26,920
And I wanted to mention that because I do think that is key.

347
00:19:26,920 --> 00:19:31,560
I mean, we use our internet and also our team's messaging.

348
00:19:31,560 --> 00:19:36,920
So our support staff does know if we send out a large message to customers.

349
00:19:36,920 --> 00:19:41,160
So if any questions do come up, they're able to look into that information to say, yes,

350
00:19:41,160 --> 00:19:42,320
that I actually was marketing.

351
00:19:42,320 --> 00:19:43,880
There are actions that need to happen.

352
00:19:43,880 --> 00:19:49,320
So kind of another fail safe thing just to make sure everybody is included on those communications.

353
00:19:49,320 --> 00:19:54,120
I know with larger ones, it might be difficult to let everybody know everything that marketing

354
00:19:54,120 --> 00:19:55,120
is doing.

355
00:19:55,120 --> 00:19:59,160
But some of the ones that are very important when it goes to a larger group of customers,

356
00:19:59,160 --> 00:20:04,600
I think it's really nice to keep that interdepartment communication very active and knowing what's

357
00:20:04,600 --> 00:20:05,600
happening.

358
00:20:05,600 --> 00:20:08,200
Tara, that was a great point that I saw that I saw almost done.

359
00:20:08,200 --> 00:20:14,800
You're like, I was like, see you, I'm going, what Tara is talking about is what we define

360
00:20:14,800 --> 00:20:16,120
as operational email.

361
00:20:16,120 --> 00:20:20,880
So to go back and if you're like, hey, I got an email from CIT and there was no unsubscribing,

362
00:20:20,880 --> 00:20:23,400
may have been an operational email.

363
00:20:23,400 --> 00:20:26,640
Operational emails are things like you signed up for a webinar and confirmation here is

364
00:20:26,640 --> 00:20:30,960
something that we think those typically do not have an unsubscribe link at the bottom

365
00:20:30,960 --> 00:20:34,240
because there is no sales method going.

366
00:20:34,240 --> 00:20:38,520
You could have unsubscribed from something, but we want you to get the email link to a

367
00:20:38,520 --> 00:20:40,080
webinar if you got that.

368
00:20:40,080 --> 00:20:44,480
If you're a user of one of the services and we have an important communication to you,

369
00:20:44,480 --> 00:20:50,080
that's considered an operational send versus a marketing send, which yes, 100% document

370
00:20:50,080 --> 00:20:55,960
what you're doing, communicate to internal and then externally know what to expect.

371
00:20:55,960 --> 00:21:00,640
I realized that just because something doesn't have unscribed, look at what the content is.

372
00:21:00,640 --> 00:21:05,440
If it's you're a managed services customer and this is an update of something that you

373
00:21:05,440 --> 00:21:09,320
have installed, yes, of course, we'll also provide the phone number and the email.

374
00:21:09,320 --> 00:21:12,000
You don't even have to respond to that email.

375
00:21:12,000 --> 00:21:15,840
You can call to verify, but those types of things.

376
00:21:15,840 --> 00:21:20,360
Now if it's like red alert, all this stuff is on fire and it seems to be out of CIT's

377
00:21:20,360 --> 00:21:22,160
process, yeah, calls for pause.

378
00:21:22,160 --> 00:21:23,160
For sure.

379
00:21:23,160 --> 00:21:27,200
I was just going to re-highlight the communication, not only in between the business and the customer,

380
00:21:27,200 --> 00:21:32,400
internally like Kara said, and then we work closely with our security department.

381
00:21:32,400 --> 00:21:36,360
If they have questions like the QR code question, they will just ask us.

382
00:21:36,360 --> 00:21:42,080
If you are an IT professional and you're concerned about something, just ask.

383
00:21:42,080 --> 00:21:48,440
Just talk to your marketing department, see if they consider it, or do some research and

384
00:21:48,440 --> 00:21:50,000
help each other out.

385
00:21:50,000 --> 00:21:54,200
I think on that note, thank you, Kara and Kelsey, for joining us today.

386
00:21:54,200 --> 00:21:57,360
This was such a fun, different podcast.

387
00:21:57,360 --> 00:22:00,320
If you enjoyed this, please like and subscribe.

388
00:22:00,320 --> 00:22:03,760
It's how we know that you are interested in these topics.

389
00:22:03,760 --> 00:22:10,000
If you have a question or a topic, reach out to us at info at cat-net.com, or head out

390
00:22:10,000 --> 00:22:14,840
to our website, cat-net.com slash podcast.

391
00:22:14,840 --> 00:22:27,040
And we'll be back next week with an all-new episode.