Alert employees prevent elderly female from losing thousands to scam

Scam

On Thursday March 8th an elderly female walked into a local Shoppers Drug Mart asking to purchase $4000 in gaming cards. Instantly, given the amount asked for, the employee sensed the female was being duped and proceeded to ask her why she needed so many cards.

The female, who was in her eighties, told the employee that she had just received a phone call from her son who told her he was in financial trouble and the only way out of his mess was for her to buy $4000 dollars in gaming cards, called “Steam Cards”. After purchasing them she was directed to send them to her son’s lawyer’s office in the Lower Mainland. The female told the employee she had spoken with her son’s lawyer and then an RCMP officer who repeated the same story.

The Shoppers Drug Mart employee politely told her it was all a scam to which the female responded “she knew of the ITunes scam but this was real”. Over the next few minutes at least four different employees attempted to convince her but to no avail. Eventually the woman told them if they would not sell her the cards, she would purchase them at Walmart.

The Shoppers Drug Mart employees realized they needed to act fast so they reported the incident to the police, indicating the female would be driving to Walmart. The dispatch operator astutely called Walmart to alert them and sure enough, the female soon arrived and was again prevented from making the purchase.

The dispatch centre, and an officer with the Nanaimo RCMP followed up with the female her by phone and only then did she realize it was a scam.

“These types of scams tug at your heartstrings which is why they are so effective”, said Constable Gary O’Brien of the Nanaimo RCMP. To learn more about frauds and scams go to the Canadian Anti Fraud centre at http://www.antifraudcentre-centreantifraude.ca/index-eng.htm

Happy Pi day!

pi

In case you missed it, today is Pi Day! This day is celebrated around the world to commemorate Pi, or “π”, a symbol used to represent the ratio of the circumference of a circle to its diameter. This number is approximately 3.14, which is why it is celebrated on March 14.

Here are some funny factoids and a serious thought:

  • “Pi Day” is celebrated on March 14 (which was chosen because it resembles 3.14). The official celebration begins at 1:59 p.m., to make an appropriate 3.14159 when combined with the date.
  • Albert Einstein was born on Pi Day (3/14/1879) in Ulm Wurttemberg, Germany.
  • Comedian John Evans once quipped: “What do you get if you divide the circumference of a jack-o’-lantern by its diameter? Pumpkin π.”
  • There are no occurrences of the sequence 123456 in the first million digits of pi, but of the eight 12345s that do occur, three are followed by another 5. The sequence 012345 occurs twice and, in both cases, it is followed by another 5.
  • Thirty-nine decimal places of pi suffice for computing the circumference of a circle girding the known universe with an error no greater than the radius of a hydrogen atom.
  • William Shanks (1812-1882) worked for more than ten years, morning and afternoon, by hand to find the first 707 digits of pi. Unfortunately, he made a mistake after the 527th place and, consequently, the following digits were all wrong.

But seriously, in spite knowing the radius of a circle, it’s still impossible to get the exact value of its circumference. We can get close, but can’t get it exactly. The same applies to our information security posture and its biggest threats (human error, weak/shared passwords/phishing): it’s an up-hill, constant battle. We can get close, but there are no security controls that can guarantee 100% safety. To close the gap, we rely on you, our “human firewalls”, to be suspicious, follow procedures and always double-check unsolicited requests through independent channels.

Happy Pi day!

Well-done Shoppers Drug Mart!

sdm-logo.jpg

I went to Shoppers @ Country Club mall (Nanaimo, Canada) last night to buy an iTunes card for my daughter’s upcoming birthday. The cashier asked me if I was purchasing it as per a request from a Canada Revenue Agency (CRA) e-mail or phone call. New policy: well done!

I know we do similar checks at our Credit Union if someone asks to wire money to Nigeria or if we suspect abuse of the elderly. The point of this blog is to emphasize that we all have a responsibility and duty to protect ourselves, inform our family and friends, and of course, protect our company’s information systems, data and funds.

While security controls such as strong and unique passwords, up-to-date computers and software, are important, our behavior & attention, 6th sense & suspicions are paramount to our safety and those of others. Let’s not be the low-hanging fruit!

I wish everyone an incident-free, happy new year.

Tip-of-the-day #7: Should I let my browser save passwords?

91ee47cf14500814f04f92d14dbbe422

It depends:

  • Your work computer, secured and managed by professionals, using your own user session: YES.
  • If you have complete control of the computer (or have 100% trust in its owner), if the computer’s physical and digital security is up-to-date and if it’s not a shared user session: YES for most websites. However you may want to keep remembering critical passwords (such as online banking).
  • Any other scenario: NOPE