#1 Cybersecurity Expert: This Conversation Could Save You Thousands of Dollars - podcast episode cover

#1 Cybersecurity Expert: This Conversation Could Save You Thousands of Dollars

Feb 19, 20261 hr 19 minEp. 371
--:--
--:--
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Summary

Mel Robbins and "Cybersecurity Girl" Caitlin Sarian debunk myths around online safety, revealing the shocking scale of cybercrime and how common habits make individuals vulnerable. They share crucial tips like creating unique passwords, managing app permissions, understanding free Wi-Fi risks, and the importance of freezing credit and limiting personal data online. This episode empowers listeners with actionable strategies to safeguard themselves and their families from evolving digital threats, including voice cloning and Venmo scams.

Episode description

If you’ve ever clicked “Accept All Cookies,” ignored software updates, saved your passwords, or logged into free Wi-Fi, you have to hear this. 

The little “harmless” things you do online are exactly what scammers count on. 

In today’s conversation, Mel sits down with award-winning cybersecurity expert Caitlin Sarian (aka “Cybersecurity Girl”) to give you the short and simple checklist of things that protect your money, your identity, and your privacy online. 

You don’t need to understand cybersecurity. You just need to stop treating online habits like they’re harmless, because they can leave you open for a scam. 

This isn’t about being paranoid, it’s about realizing that a few tiny changes can shut down most online threats. 

This conversation will educate and inform you. 

In this episode, you’ll learn:

-The biggest cybersecurity mistake almost everyone makes (and how to fix it fast)

-The #1 Venmo scam happening right now, and exactly what to do if it happens to you

-What to do immediately if your phone is lost or stolen

-The 5 essential moves that protect you from most online threats

-The fastest way to spot scam links, fake emails, and panic-based phone calls

-How to protect your parents, your kids, and your entire family from getting scammed

-Simple settings to check tonight: camera, microphone, location, and account access

Bookmark this episode and share it with your partner, your parents, and your friends.

This is the kind of information that can prevent a mistake you can’t undo.

For more resources related to today’s episode, click here for the podcast episode page.  

If you liked the episode, check out this one next: The 7‑Day Habit Reset: Start Today, Feel Different By Next Week

Connect with Mel:  

 


Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Transcript

Welcome and Why Cybersecurity Matters

Hey, it's your friend Mel, and welcome to the Mel Robbins Podcast. Here's something I did that I'm not proud of, but I'm gonna tell you anyway. So yesterday I got this pop-up notification that said update Apple settings. And you know what I did? Click, ignore. Then I got another one from Zoom and you know what I didn't click ignore. You ever do that? I mean, why do I need to update all this stuff all the time?

Maybe you're a little bit like me in that way. You kind of accept all the cookies on every website. You share your location so Uber Eats can find you no matter when you're ordering. You grant camera access to apps so that you can use them, duh. Well, our guest today, a cybersecurity expert, told me that all these little things that I'm doing, and I know you do them too. They are making you and me an easy target for scammers. In fact, I bet you lock your door at night.

But here you and I are leaving the door wide open for hackers to just walk right into our accounts. Now, before I even get into this, I need to tell you something. I didn't think I needed to care about cybersecurity. I thought cybersecurity was something for like tech people or banks or corporations or governments. I didn't think it had anything to do with me and you. Then I met Caitlin Sarian, also known as Cybersecurity Girl, to the millions of people that follow her online.

And she told me that all these little things that you and I do, you know what we're doing? We are giving the keys to our accounts to hackers. They can get in in less than 30 seconds. And I thought, oh my gosh. This isn't just a tech person's problem. This is everyone's problem.

Caitlin has worked in cybersecurity consulting for over a decade. She's an award-winning cybersecurity expert. At EY, for example, she performed global cybersecurity awareness assessments across 20 key cybersectors. At TikTok, She was the global lead of cybersecurity advocacy. And now, well now Caitlin travels all over the world. She works with publicly traded companies, consulting on compliance related to data, our data.

and privacy laws. She's here to give you and me the step-by-step simple things that we need to do, that you need to do with your kids, that you need to do with your grandparents and your aging parents. She's gonna tell you the number one scam right now on Venmo. And if you don't hear about this, you're gonna fall for it. She's also going to tell you the five simple things that you can do as soon as you're done listening or watching this.

that will protect you from ninety five percent of the threats online. Caitlin says, everyone, that means you, that means me, is an easy target to be scammed online because we were never taught how to properly protect ourselves until today. På väg någonstans. En polarklämma håller humöret uppe. Hemma i vardagsrum. Hey, it's your friend Mel and welcome to the Mel Robbins Podcast. It is such an honor to be together and to spend this time with you. I am so glad you're here.

And if you're a new listener or you're here because someone shared this with you, I just wanted to take a moment and personally welcome you to the Mel Robbins Podcast family. Today you and I are going to learn to protect yourself online. From award winning cybersecurity expert Caitlin Sarin. Now Caitlin has been working in cybersecurity for a decade. At EY, she performed global cybersecurity awareness assessment across twenty key cybersectors.

She then went on to TikTok where she was the global lead of cybersecurity advocacy. And now she travels the world working with publicly traded companies, helping them with cybersecurity and compliance with privacy laws and data. And for the last three years, Caitlin has been on a mission. to make cybersecurity easy, not just to the big companies she's consulting with.

But to real people like you and me, she has been recognized with multiple awards, including Cybersecurity Woman of the World, Cybersecurity Educator of the Year, Top Cyber News Magazine 40 under 40 in 2024. You're gonna love her. She's brilliant, down to earth, and she is going to teach you and me the simple, fast changes that will protect you, your money, and your privacy. Please help me welcome Caitlin Sarion to the Mel Robins Podcast.

Thank you so much for having me. I'm honored to be here. This is one of these conversations that I am equal part. so excited for and I'm also feeling a little nervous because I know I'm going to learn that I'm doing a lot of things wrong.

So do you get that a lot with people? Yeah. But the thing is you're not supposed to know all this. Like we were never taught this. So you shouldn't feel like embarrassed or ashamed by it. Okay. We're gonna like empower you with the right things to do. Okay. I love that. And here's where I want to start. What? could change about my life. If I take everything to heart that you are about to teach us about cybersecurity, protecting ourselves, making smart decisions, especially online.

What could change about my life if I apply everything you're about to teach us? Yeah.

Understanding the Scale of Cyber Scams

So cyber scams are massive right now, and actually That economy is the third largest economy in the world. That's how much money they're making from these cyber scams. Wait a minute. The third largest. US, China, cybersecurity scams. What? Yeah. It's more than I think Germany and Japan's economy combined. So It's not a matter of if it happens to people, it's a matter of when.

And no one's talking about it. And a lot of times when people are getting scammed, they're ashamed of it. So the point of this podcast is to empower you and give you cybersecurity routines that you can do, simple, easy, actionable tips that you can take back. And start incorporating into your life so you feel safer and more protected online. Wow. Well, you've made cybersecurity relatable for millions of people who follow you online, who watch your content, in the ways that you consult.

What isn't the wake-up call that you want people to have in terms of what we're gonna talk about today? Yeah. So if you're listening to this on a phone, an iPad, or a computer, like this is for you. 'Cause what people don't realize is they don't think they need cyber. But anytime you go online, you need to understand like these cyber tips and like really protect yourself. Cause no one has taught us how to protect ourselves. We're given a phone before we can even speak.

And then all of a sudden we're expected to know what to do with it. But no one's ever taught us like the key things of like, hey, this is what's happening in the background. Here are some simple things you can do to protect yourself. So This is why it's so important for everyday people to be listening to this and to like learn. And again, it is not supposed to be scary. This is not scary. This is for everyone.

And it's just simple things that you can start incorporating and weaving into your life. So it's sort of like when you learn to drive a car, they teach you to put the seatbelt on. Exactly. They teach you to look right or left. They teach you where the brake is. And so you're gonna teach us how to

put the seatbelt on and be a little safer with our with our cyber life. Exactly. Brush your teeth and wash your face. I mean, those hygiene tips were always like really hard to learn when you're a kid, right? You think it takes extra time, like, oh, I wanna just go to bed. Like do I really have to? And those extra, you know, one or two minutes really saves you in the future. So it's it's literally the exact same thing as cyber. Ultimately, cybersecurity is a risk-based decision.

I'm gonna give you why they're collecting this data and what they do with it and how it can be used against you. And you can decide, hey, I don't think that's really a risk for me and my family. Or you can say, Hey, that is a risk. I'm gonna start trying to implement, you know, X, Y, Z. Well, what worries me is that we're at a point. Where the technology

And AI in particular. Yeah. It just feels like the scams are getting worse and worse and worse. You just said it's the third largest economy. Right. And so while these may have been things in the past that we felt like, eh, not that big of a deal. I'm starting to feel like maybe it's becoming a bigger deal. Yeah. It's it is becoming a bigger deal. Let's start with the basics. Yes. What exactly is

Your Ever-Expanding Digital Footprint

cyber security. To me, cybersecurity is protecting your digital footprint. And your digital footprint is pretty much every single thing you do online. So give me an example of what is part of your digital footprint that might surprise you that, oh, that's part of my digital footprint. Yeah. Any of the apps that you use.

the games that you play on your phone, the websites you go to, the uh accounts that you make online, like every single thing that you're doing builds a larger and larger digital footprint. Everything. Everything. So it's all being recorded in some way, shape, or form. All of it? Yeah. Even when I think it's not. Yeah. And then the incognito is actually not incognito. That is incognito for your browser. So People are like, Oh if I go on, you know, private mode, that's gonna help protect

No, that is private mode for you. So You go in incognito mode when you you might want to buy your husband a gift and your husband will go on your computer that you won't see that you went on that website. But that website is still able to see that you went on that website. Okay. So hold on a second. See, already I'm like, wait a minute. We'll go, we'll get into this. We'll get into this.

Uh so you were talking about incognito mode, meaning where you're like, Okay, I think I'm gonna be sneaky. Yeah. And I'm gonna put onto my browser, whatever browser you use, the incognito mode where I think if I go to a website Right. The website doesn't know that it's Mel Robbins there. But that's not what's happening. No. What's happening? What's happening is that your computer is not saving the cookies and tags and pixels that are

are automatically loaded. So cookies tags in pix pixels, you accept cookies pretty much every time you go on the I do. It's really annoying. And then I want well we're gonna get into that. Okay. But yeah. So it it actually just doesn't do it on your own computer, but they can technically still see who on the other side who's on.

Whoa. Yeah. Okay. I don't worry. I'm feeling like I've made a lot of mistakes. Okay. There's no such thing as mistakes. There's just lessons learned. Okay. And you have so many

Quick Cybersecurity Tips: Personal Info

Specific lessons and specific things that you want us to do starting now. And so I want to start with some quick fire questions. And so, as an expert in cybersecurity, you never hand out your real birthday. or name or phone number online. Why? Correct.

Before we even get into that, I wanna say one thing because I think we're gonna go through this list and people are gonna be like, oh my gosh, I do all this all these things. At the end of this podcast, I'm gonna give you the five things that are like absolutely essential. Okay. These ones are like a little bit more for like people that want more privacy like myself. So I don't want people to get worried like

You know, a couple questions in, like, oh my gosh, I I do this all the time. I'm gonna explain why. And I'm also gonna go through the pros and cons, right? So back to your question with like why I don't give like my real identity out online. My question back to you is why do they need it? Uh so they can ship me all the stuff I'm buying. Why do they need your name? Uh why do they need your phone number? Has I ever called you?

No. But it's required. If you have a Google Voice number, Google has allows you to like generate a a number that gets forwarded to your real number. Okay. So I kind of usually give that if I absolutely need to give a phone number. I don't ever give like my real information. Okay. And that's because There's constantly profiles being made about you. And the more information you have online, the more it's sold to more and more people.

My manager, for example, got a letter, like a handwritten letter in her her mail with a picture of her house saying We're in, we know exactly where you live. We've been tracking and monitoring you. What? We will take don't worry, we'll be nice, we'll take it out if you pay us this much money in crypto. That's because her address was online. These scams are getting more and more intense and so

If I don't have to give like my real information, especially to like places that aren't shipping to you, right? If you're just like signing up for an account, like why? Why have we thought we need to be so truthful about who we are online? So I always tell people make up an like alternate persona, different name, different date of birth, you know.

Technically not a different address unless it's in, you know, shipping to you like Amazon and you obviously have to give your right address. But like if it's for a movie theater, why do they need to know your address? It's so true. I I hadn't even thought about this. And I guess it's because I have such a hard time keeping track of the actual information. Right. But if you have a alias

So you have a name that you use whenever you sign up for a newsletter. You have a phone number and you just mentioned that you could get a free Google phone number. It can be forwarded your phone or not. Yeah. And that's the one that you use. You have a different email address that is only for signups. Yep. And now you are limiting the information that's out there. And it didn't even occur to me that you could ship packages.

To your address to a different name. Yeah. It's your house. Doesn't matter who's addressed to it. Wow. Okay. Um Uh, you never create online accounts that you don't need. Why? Well, again, more information out there. Like again, every single website wants you to create an account because that's the marketing world that we live in, right? It's way better for them.

And we don't need to create an account. It's like again, movie everything, movie theaters, re reservations. We went to a spa here and they're like, please create an account. And I was like, give my I told my boyfriend, give me your give me your phone. I'm gonna create an account. And it's like again a random email. Um there are also sites out there where you can generate real working phone numbers and emails and it will just all go to the one app.

versus like, you know, going actually into your inbox. Well, I'll tell you, I've changed my cell phone number probably three times in the last four years because it's ended up online. Yeah. And I have changed my email I don't know how many times. And because of that reason that people find it, I end up on email lists. It's just unbelievable. You know, as a cybersecurity expert, you also never post vacation photos while you're still away. Why? Yeah.

So besides like the actual physical threat, right? Like everyone's like, Oh, you know, people know that you're away from your house or gonna, you know, burglarize, which is Still accurate. Scammers now are getting even more specific on what they can do. So there's a lot of um, it's called open source intelligence. It's anything you do online.

is really easy to find if you're if you're public, right? Okay. And so for open source intelligence, if they see you and they say, Oh, you're at a Marriott Hotel in the Bahamas, okay, I'm gonna call the Marriott Hotel, pretend I'm you. And try to get more information, maybe get your credit card, do do whatever, just cause like a mess. So there's a lot of social engineering from that perspective. And also scammers have gotten really, really smart with.

Timing when they do scam calls. So say for example, someone wanted to call my parents and say they're me, right? This scares the hell out of me. Yeah. And they wait until I'm on a flight. So if my parents get a call from me, they can't actually get a hold of me because my phone is off. And that's actually like a real life thing. I've talked to many, many people in the cyber industry saying that that has like ramped up. So there's a lot of weird risks that you don't realize that come with it.

So whenever I go anywhere, I post after, at least a week after, and I don't actually post the exact location. I'm not gonna post the exact hotel. I'm not gonna post the flight I was on, but I am gonna post like, hey, I went to the Bahamas. Wherever that may be. Usually just tag the city. I don't have to tag exactly where I stayed. I don't have to tag exactly where I went.

Um, and it's fine. You're still there. I mean, what's the difference? The people that know that you're in the Bahamas at the at that time know that you're there. And the other people that don't need to know. Find out a week later or two weeks later. I mean, it makes perfect sense. As a cybersecurity expert, you also warn people about free Wi Fi. Why?

The Dangers of Free Wi-Fi

Yes. So the free Wi Fi is not free. I always say if there's any free product or app, you are the product. Okay. Say that again. If there's any free product or app, you are the product. They are using your data and selling it in some way, shape, or form or selling you ads. Like you are literally the product of anything that's free. Okay. So that's one thing.

Free Wi-Fi, especially there's different types of free Wi-Fi, right? There's like free Wi-Fi in you know airports where you know you have to connect to the free Starbucks Wi-Fi, or there's free Wi-Fi in airplanes. So we're gonna go through a few different ones. Okay, please, because now I'm

let you kind of visualize how Wi-Fi works, right? Okay. You're connected and let's say you go on Facebook and you send a message to your friend. That message is literally like flying through cyberspace. Just imagine your own little tunnel. It's flying through the tunnel to your friend, right?

The issue is when you're on open free wi-fi, it's usually unencrypted, which means that anyone can go in and out of that tunnel and see what you're doing if they want to, if they know how to. Okay. So So hold on. Let me just make sure I'm tracking. Yeah. So if you're sitting at a airport and you've logged on to the free Wi-Fi. Right. Okay. And I'm Texting my husband, who's back at her house.

And I'm texting him something related to a bill that came in and banking information and hey, I forgot my credit card. Could you send me a photo of the back of the card kind of thing? You're saying. That since it's not encrypted, it's just floating through the Wi Fi. Right. If there's somebody that's really smart and knows how to get into those pipes, they can see the stuff. Yes. So So every time you do any data, like you do anything online.

Well, the good thing is you're not an idiot. You're not an idiot. The good thing is most of the US websites now are secure. So if you go to the website, the URL, the you know, www.whatever, it says HTTP-s. Yes. The S stands for secure. Oh well hold on. So if it's only H T T P Not secure. What? The S means it's secure. S means it's secure, but why do I not know this? A lot of people don't know this. It's like a normal thing. Like people don't know this. No one taught us this.

You're here, Caitlin. Thank God you're here. Okay. So H T T P S. I'm looking for the S. Did you get that? Look for the S. If you're if you're watching this on YouTube right now, I want you to look up at the at the bird I'm not BSing you. And see if there's an S. Yeah. So if there's an S and most I would say a a majority of in the US, it's pretty secure. Like almost every single website is HTTPS. Okay. But it gets a little fishy is when you go overseas and you start connecting to random Wi Fi

You know, when we're overseas, we just don't wanna use our data. It's expensive and people wanna collect the Wi Fi. And that's where I feel like a lot of people get in a pickle. So what do you do instead? What do you do like what what would be the thing that you should do if you're in a situation where

You're on Wi-Fi. Yeah. And it's not encrypted, but you need to send something. So first I would if you really if you need to be on Wi-Fi, I would just like connect to public Wi-Fi, but I wouldn't do anything like that secure. Like no banking or like really intense stuff.

Like scrolling Facebook, n TikTok, whatever, social media, fine. Getting a map down so you can figure out where you're going. Totally fine. Music, whatever. But if you're starting to do banking, that's where it gets fishy. So what I would do before connecting to public wife, I would probably probably try to tether my phone. Instead and use my phone data. Okay. That's way more secure, completely different. Okay.

Um, if you have to use Wi-Fi, I would get a a VPN, which is a virtual private network, literally as it sounds. It makes your network private. It gives you your own little freeway separate from the public. Wi Fi. So is a VPN the same thing as when you go to your cell phone provider and you get a little like uh block that's like uh No, that's a hotspot. Okay, see, I don't know what I'm talking about. So a hotspot does provide Wi Fi and you can use that too. But it's not necessarily secure?

I don't know if there's a I don't think there's a VPN built in. No. Okay. No. All right. So let me ask you this, those, because we were talking about airplanes. Yeah. What about on an airplane? Should I not be using Wi Fi on a plane? Like what's happening? I want everyone to realize anytime you log into anyone's Wi-Fi, you are on their network.

It's like on borrowed time, right? Like you are doing things on their network. So whether you're doing things on the free Starbucks Wi-Fi or the airplane Wi-Fi, you are still on, like, say for example, if you fly American, you are on American's Wi-Fi and they could technically have your data.

If unless you do a VPN. Okay. Which is why a lot of like companies when you travel, they're like, you have to use an R VPN in order to make sure that it's safe. Um, but When you're But the question that I have about plane Wi Fi, and I don't know why I'm asking this about planes, but for some reason I feel like you're in a seat, the laptop's open, is there some c you know Do you have a privacy screen?

No. Okay. No, we'll go through that. Okay. Well well so so that so you know, you're like, is there a hacker sitting near me somewhere that's no okay, that's not happening. No. Okay, good. Thank you. Thank you. You're good. I my The point of this is not to ever scare you. It's just to teach you what people can do. Is it going to happen like that frequently? This stuff, not often.

Password Security and Storage Best Practices

One other thing as a cybersecurity expert that you never do is you never save your logins in your notes or in your browser. Why? Well, so for iPhone specifically in your notes, it gets up updated to iCloud, right? And if your iCloud gets hacked, which a lot of people have like hacked accounts, especially iClouds, if you're reusing your password.

That means they have your passwords to every single thing. However, if you have a uh password for your notes, like there's a new way now you can lock down your notes on your actual phone. Oh. You can, yeah, you can set a password or you can use your face ID.

And it will it will double lock it. So I would definitely do that. Okay. I'm making a note right now that I just wanted to pass my notes. Again, see these little things, like once you turn that on, you don't have to worry about it. Right. Like it's like little things where you're like, okay.

I don't want people to have access to it, but I also want it easily accessible. I personally use a password manager. It like creates a password manager. So there's like softwares that like help you create and store like mean like LastPass? Yeah. Yeah. LastPass. uh one password, keeper security. There, and then even iPhone has a password manager on the new phone.

Oh yeah for free. But that one's safe. That one that that one is safe. As a cyber professional, I try to not have all my eggs in one basket. And since I use iPhone all the time, I'm like, well, if they get into my iPhone somehow, I don't want them to also have my passwords. But It's still a secure. I'd rather have it.

No. I think you can set a sep separate Okay. So that's how you would protect yourself. Yeah. Okay. Got it. I think it's a biometric thing on your phone. And unless they like obviously if they steal your phone or they get into you, they aren't gonna have your biometric. Why not use your browser? Well, tell me about the danger of this because I'm so lazy.

And you're probably gonna kill me because I've literally not only I feel like I'm about to get cyber attacked because I'm confessing all this stuff right now. This is what most people what most people do. This well well I I'm even thinking about the fact that every time I buy something like you wanna save your credit? Yep, because I wanna make it easy for people to steal from me. Like I I

I'm thinking now about how this is all saved. Yeah. So the only issue with browsers is there's two things. One is it depends on your browser, right? If you have Google and you use Google Chrome. And you're saving it on your browser. And if anyone ab is able to access your Google Chrome on another computer because you reused your password, they might be able to get your password from that.

Okay. But most of the time browsers is actually stored locally. So the only time there really is could be a real issue is if they actually physically steal your computer, which is not necessarily likely. Okay. So the browsers aren't as bad, in my opinion, as like an unlocked note app. As a cybersecurity expert, you say never use your mom's maiden name for security questions. Yeah. Why?

You'd be so surprised at how much data is out there on us. It is very easy now to find your like parents' full name and parents' address, your your kids, your Front like you can see and if you Google me or if you used to Google me, you'd be able to see like my brother, my sister, my my grandparents, where each of them lived, even IP addresses. So it's it's all public knowledge. Again, OSINT is open source intelligence.

And a lot of times people are like, Oh, I'm gonna get hacked. And it's it's not a complicated hacker. It's literally someone that's like doing their research on you. and finding out the answers to your security questions. So think about all the security questions, right? Like your high school that can easily be found out. Like your m mother's maiden name also easily found out.

And it just the more information that you put out there online, the more information you're giving these people that it's easy for them to hack. And I wanna give you a little story. So there is a company that I have been like partnering with. And they really specialize in O OSIN, which is open source intelligence. And

They have been able to generate emails and try to find like basically everything about you within 20 seconds using AI. They like scrape all of anything open, which is if you've ever created a wedding registry, all of your social media posts, anything that you've ever said online. And they've been able to piece together who people are in like 30 seconds from that. They even found the name of someone's dog because on their wedded wedding registry they had.

a dog bow and it said like for Archie and it was like their d dog's name is Archie. AI is so crazy and it's so easy to be able to pull information out from anything that's open. So again, Facebook posts, social media posts, TikTok. blogs, news articles, wedding registries, anything that you've ever like sent to someone that's about you that they can read that's not like locked down.

Can all be scanned in a matter of seconds. And so I don't need to give my mom's maid a name as a security question because It's pretty easily accessible at this point. What like do you just pick a different one? That's a little bit more separate persona. Okay. Like again, my persona has like the same it I create a persona and I have like the same four or five security questions and I have like a whole like monologue in my head about like who this person is.

Wow, I need to do this. And it's not it seems a little difficult, but it's actually like it gets fun. It's like a fun game you can play. Like I can be a completely different person online. So you as a cybersecurity expert, you always

Software Updates and Physical Protections

Do the automatic software updates. Why? Yes, without a doubt. The way that software updates work is usually the software has a hole in it, like a flaw, a vulnerability. Okay. That hackers have been able to find. And the reason why a lot of software updates happen is to patch that hole. Say like, hey, we just found out that someone got in doing this. So we're gonna patch that and so they can't do that anymore. Really? I thought that they were updates because the software's getting better.

It could be both. But you can now find out what the software update's about. So I just when they say fix bugs, they mean holes at hackers. That's exactly what it is. I'll be damned. And most of'em I was I don't know, I don't have the statistic, but I would I honestly think that like ninety percent of software updates are to to fix some type of bug or vulnerability.

Hackers are getting so much better and like you're only as strong as your weakest link. There are always so many holes when you're building softwares. And so it's just better to, I mean, what's the what's the harm in having an auto update? It's again another thing takes two seconds. Every time you download an app, just have it on auto update.

Not not a big deal. Once you have that on, then you're good to go. I'm the weakest link. That's what I'm realizing. Everyone everyone is the weakest link. People are the problem, but they're also the solution. Okay. And you're I I know we're gonna get to the solution. As you're listening, if you're not panicking as much as I am, don't worry. I'm panicking for both of us because I've made every

Single mistake. It's true. And I'm all alive right now, so that's good. And now we learn from it. That's true. And I consider myself to be somebody who is Pretty savvy around tech, but I am not savvy around cyber c security is what I'm understanding. Here's one that I found fascinating. As a cybersecurity expert, you never plug your phone into a random charger. Yes. So there's this thing called juice jacking.

So if you have like you know the USB plugs at the hotel where you can plug it in to charge your phone. Yeah, of course. And every time you say trust this device, right? Because you're like, I need it to charge my phone. Yes. When you trust it, it can do multiple things. It's not just charging. You can like send and receive things from that port.

And so a lot of times in cyber warfare and cyber espionage, like spies would literally m manipulate that in certain areas to get information out of your phone and plug. So as a spy, they never plug that in. To be fair, two second fix. You don't have to plug it in the USB. Just plug it into a wall. That can't happen in a wall.

But USB, there's a way to actually like manipulate it where you can download and receive files from and off uh phones or even install like bugs onto your phone so they can start seeing. Is it likely gonna happen to people? No. But as a cyber professional, I don't it's not that hard for me to plug it into a wall versus plug it into a USB. You also refuse to think.

Dispelling Hacker Indifference Myths

Oh, hackers aren't interested in me. That is like everyone's gonna be biggest downfall because it doesn't matter who you are, they just want money. Like if you are an easy target, you're an easy target. And Everyone is gonna be an easy target because we were never taught how to protect ourselves. So we're reusing the same passwords and they're gonna be very easy passwords. And it's not that hard for hackers to like

Find one account and then get into another. It's it's very easy. And so again, if you're an easy target, they're gonna go after you because they want money. My jaw is already on the floor and I certainly didn't know a lot of what you've already shared, Caitlin, and there's so much more that we're gonna get into. And as you're listening and watching this, I'm guessing you probably didn't know a lot of this either. Do me a favor, do not keep this information to yourself.

Please share this episode with the people you love who you also want to protect. I'm talking your partner, your parents, your kids, your coworkers. This conversation might be just the thing. That protects them from making a mistake they can't undo. And don't go anywhere. After a short break and a few words from our amazing sponsors, Caitlin has so much more to teach you about how to protect yourself online. And I promise you, you do not want to miss it.

The number one scam on Venmo. Because you and I will fall for this if you don't know about it, so stay with us. Lika tre. För livet. IKE presenterar Ljud av förändring. Nu är min turision. Men slut! Jag har inte det tänkt på! speed up. Skången går från vänner till rivalen. Tack till elever och personer som hjälpte med videon! Welcome back. It's your buddy Mel Robbins. You and I are learning how to protect yourself online, how to stay safe from award-winning cybersecurity expert, Caitlin Sarjan.

Identifying Scams: Passwords and Calls

So Caitlin, what's the number one way that people are getting hacked right now? There's two ways, right? There's reusing passwords so they're getting into their accounts that way because what people don't realize is They have a lot a strong base password, I like to call it. So for example, let's just say your base password is let them. It's not, by the way. So anyone trying to tell you I'm not that dumb.

So you say it's let them and or let them theory. And then your next password, you're like, oh, I have to update this password again. Let them won. Let them one, two, three. Let them one exclamation point. A lot of people use that same base password, and they've had that same base password for God knows how many years.

And what hackers can do is in seconds, they can run ten an algorithm that runs ten thousand variations of that base password that was leaked and in the public. Oh my God. And get into your account. And then once they're in their your accounts, they'll use it to scam other people or use it to scam you. And so there's there's a lot of issues with reuse passwords. The main other issue that I see is like actual scams, like call scams or phishing scams on emails. So

We're gonna go through a lot of them, but one of the call scams that I've heard a lot is the FBI or like some police agency calling. And again, it's not them, but it's Really, really obvious. They know a lot of information about you. Cause again, your information is out there for the public. It's you can buy your information for pennies. Like you can probably buy social security number for like$2.

So it's not that difficult to find. And people get calls and they're mortified. And the way that these calls work, scammers literally know exactly like the psychology behind getting you to react.

What is the scam? They they call and they say, Oh my gosh, you missed either like a hearing a court hearing or you got a ticket and you never paid or you missed jury duty. Oh. You have to pay us or we're gonna come and arrest you. Like what? Yeah. It's a whole thing. And they know exactly where you live. They're like

We know that your, you know, parents address is here. You're you're here. You've lived at this address for how many years? Like they go through the whole thing and people are mortified. They're gonna get arrested and they're like, we need you to go send crypto. First of all, if anyone needs you to send crypto, let's just be Red flag. But again, you're in the situation like that. No, if somebody's asking you to send or wire crypto, it's a scam. It's a scam.

But like you're when you're in this situation, you it really feels real. Like they're calling your personal phone. They know exactly who you are. They know who you're like married to. They know ex they know everything. And so these scammers are so, so good at just getting you to react. And so a lot of it is like phone calls or even like just regular phishing scams that we've seen, but they've gotten so much more enhance. Wow. How do you know if you've been hacked?

Detecting Hacks and Voicemail Security

So this is I mean it just depends on like what like if you're talking about your phone or your computer Let's go through each one. How do you know if your phone's been hacked? How do you know if your bank account's been hacked? How do you know like how do you know if your Amazon account's been hacked?

So a lot of times with pretty much any account, you can see who's logged in. Like if you go on WhatsApp, you can see like the last session that it was really and where it's yeah, even on your phone right now. If you pull out your phone, you can see who's logged into your i like iPhone and where where they're located. Okay, I gotta go do that. It's not yeah, it does not that hard to do but I always kind of look every couple like months, I'm like, who has been logged in?

um on my account or like on my WhatsApp or on my iPhone or on my Gmail, you can see like you can go to your Gmail account history, you can go to like my activity and you can see all of the logged in sessions and where they're located.

And you can do that with Instagram and you can do that with social media. For me, that's the easiest way to tell if someone's in there because there's like a history of who is there and where they're logged in from. And what about like banking? Like I've heard like if you get a Weird like hit on your account for like a dollar or two dollars. That's somebody now penetrating a charge before.

They're gonna hit you big. It's harder to do banking because there's so many banking frauds out there. Like, I don't want to tell you to do one thing when like You know, they do another thing. So for example, I don't want to say, hey, you're never going to get a text from the bank because a lot of people get text messages. So if you're getting a weird message that you didn't anticipate, every single time I've ever gotten that, which it hasn't happened a lot, it's happened once.

I immediately call my bank. I like go to my bank card, look at the back on the phone number. And get the phone number for my bank. And I call them immediately and say, Hey, I don't know what's going on. I just want to make sure because even the the fake text messages, right? Right. That you then click through into something look real. They look real. So anytime, first of all, this is a separate thing. I never answer phone calls from people I don't know.

And I my voicemail has does not have my name. It does not have a greeting. Cause if people are calling me, they know it's me. Hackers use that same thing and they say, one, okay, we're we're confirming that that's her number now. Oh. And two, they're getting your voice to potentially use for voice scams. Or getting your voice to potentially use to authenticate you into banks. So they can record your greeting saying yes or no. Right. A lot of times if you answer the phone and you're like,

They say, hey, is this Kaitlin? And I say yes. That yes can be used to authenticate into a banking phone. So these sound scary again, but if you don't answer the phone for people that you don't know, and if you don't like have a voicemail, you're avoiding it. It's so true. You know, there's so many of us, I'll I'll speak for myself and I'm sure as you're listening or you're watching this on YouTube right now, that you're doing nothing to protect yourself online. Like you think you are. Right.

Family Protection and Venmo Scams

But as I'm listening to this. I'm just thinking of The huge digital footprint of all the information and the fact that they can then probably spider it. to my son's information and my daughter's information and my husband's information and my parents information and just like one giant family tree, it's now one giant digital footprint. You know, what do you say to someone like me and the person who's listening right now who feels so overwhelmed by the idea of

needing to protect themselves online. I would just say, like again, if you start implementing these simple routines, you'll feel so much more empowered. Okay. In the future. Like it seems very difficult, but like I said, okay. So don't answer the phone and don't have a voicemail. That's that solves your problem right there. Done. Chuck that out. Do that for the w the one thing for the week and then you're move next week you can do something else. But

It's just simple little things that you now know that you're empowered with, like that information, to go out and do it for yourself. Or if you want to keep your voicemail, that's totally fine. Is it likely that like a hacker's really gonna use your name? I don't know, but I'm just trying to tell you what it is and tell you how you can protect yourself. I hear a lot about voice cloning scams. And as a family, we have a password, which I am not gonna say what it is, for.

The inevitable moment when there is a voice cloning scam that happens so that you can say, What's the password? Yeah. If you feel like something's weird and we have this weird random word. Yeah. That's how you know if it's family member who's talking. Right. So we call it a safe word because we you can call a password too. A safe word. I like safe word better. So we call it a safe word. So what happens is these scammers are getting so elaborate and they're literally using our voice from public.

Podcast episodes, TV shows, whatever. Or your social media can be. Yeah, social media. It's not that hard to stitch together a few words and try to Scam your loved ones and they pretend to be you and say, Oh my gosh, I'm stranded on the side of a road. Can you please Venmo me a certain amount of money? I just need it to like I left my wallet. I can you just send it to me? And the only way they can tell

Like your family member can tell it's you is if you use that safe word, right? So let's just say your safe word is green bananas. If my mom gets on a phone with someone that says they're me, she's gonna be like, Okay, if this is really Caitlin, can you please tell me your family safe word?

And if I say green banana, she knows it's like this is a big threat. Yes. And so I would rather it's again, two seconds. The only way you can really tell with these is to have a family safe word or it doesn't have to just be family, but like a loved one safe word. Wow. Yeah. Um I know so many people are falling for Venmo scams. Yes. And can you explain what they are, why these are so dangerous and how you can protect yourself? Yes. So what happens is that scammers literally send you money.

Send you money? Yeah, send you money on Venmo, but they're from stolen cards. So they send you money and they say, oh my gosh, I'm so sorry. I sent it to the wrong person. Can you please send the money back? And you're like, okay, well I just Well, I mean, that sounds reasonable. Right. Exactly. So y all of a sudden you get a Venmo transfer from some.

Oh wow, okay. And they're like, Whoa, who's this? I don't know this person. Then all of a sudden you get a message like oh my God. Yeah. I sent it to the wrong person. Can you please please please send it back? Oh my God. Yeah. This is a scam? This is a scam and it's working like And so what happens? So then people send it back because they feel bad.

And then what happens is because it's a stolen card, those charges get reversed. But you don't get reversed because you willingly sent them the money. So you're stuck paying these scammers the two hundred dollars because the the stolen credit card gets reversed. So you actually didn't get the money. Wow. Yeah. So they're advancing you money from a card that's about to get re that's about to get declined. Yeah.

And now you're out the two hundred. That's incredible. Yeah. Wow. I'm sorry. I'm just sitting here like, holy cow. Um is Zell? More secure than Venmo since it's embedded in a lot of banks? I try to avoid Venmo and Zell at all costs unless

I have to. And then I always try to use a credit card wherever possible. Credit card over debit card because debit card's hard it's the same as like Venmo, right? It's like money in, money out. Credit card, they can actually they're better about reversing charges.

Responding to Data Breaches and Identity Theft

Okay. Now I have a question. Yeah. So you know how you hear on the news all the time, Oh, there was a huge cyber breach at this store, that store, the other store, this one, and all this customer data. I hear that, I think, oh, I shop there and then I do nothing. Yeah. What should I do if I hear that there's been a big data breach, credit card information? At a massive retailer. It seems to be happening every other day now. Yeah. What do you do as a customer? The first thing I would do is.

update your password immediately. And if it's a really key account, I would turn on multi-factor authentication, which means that you are signing in not just with a password, but like a code that's sent to your phone or your email. Or your authenticator app. I'd prefer authenticated app, but we'll get back to that. Okay. Then if it's like an experience or type of like, you know, any type of financial

bank situation, they are going to be sending you something in the mail to teach you what to do. And they also offer free credit monitoring for you. Sign up for that. It's free. Why not? The the main thing I tell people, freeze your credit. Because the issue with those like breaches is identity theft. That's what most people are concerned about is oh my gosh, I'm gonna have identity theft if my social security number and my name and all my information's out there.

But they can't c commit identity theft if they can't open any accounts in your name. And they won't be able to open accounts in your name if you freeze your credit. So hold on a second. Yeah. So if you don't need to take out a loan and if you don't need to uh open a credit card open a new credit card.

Then you don't need open credit. You can freeze it? Yeah. And it's very easy. It takes like And it's saying credit card companies don't ding you if you do that? No, no. Really? No. Oh I didn't know that was a thing. Takes maybe five to ten minutes for each bureau. Call them or email them. You can freeze your credit and then you just open it when you need it. And I tell people to do that with their grandparents or parents all the time. It's a great idea.

It's using your parents' information to to create accounts until it's too late. Let's talk about seniors because there's so many listeners that have elderly parents or concerned about their grandparents. And we recently had a very scary issue with scamming related to my mother-in-law and they almost got in. Almost. Yeah. And she would have been all of it gone. All of her savings gone. All of her retirement gone. Everything. Um

How can the person listening help protect their parents from online scams? Yeah. So I would first start with freezing their credit. And I would also start again a similar communicating, right? Like there are these scams out there. Like I go to my grandma and I say, Grandma, these are the recent most recent scams, right? Like, Someone's calling and pretending they're the police are gonna try to call you. Someone's calling and pretending to be XYZ. If they ever ask you to send money.

immediately hang up. And even if they think if you think, oh, this could be true I want you to hang up and call this fraud helpline number. So there's actually a fraud helpline number that can walk you through like you could technically have two phones if you want to. And you can be on the phone with the fraud helpline number and they can walk you through what you need to do. But I think we should go

to their house and sit on their laptop and their computer and do the settings that you've talked about. Multi factor authentication, make sure their passwords are updated, like m specifically bank. um, you know, four oh one K, all their like retirement savings, all that, like make sure that is a very strong and unique password. And then turn on multi factor authentication. And if you're a caretaker taker for maybe have it go to your phone. Don't have it go to her phone.

'Cause if you're getting a an a a authentication code, you can call your mom and say, Why are you trying to get into your bank? Uh-huh. Great. I know um

Non-Negotiable Child Online Safety Settings

That there's a person listening or watching right now who is thinking, I gotta protect my kids. So, what are the non-negotiable settings? Every single parent, every grandparent, everyone who if you're listening right now and you have friends who have kids. Send this episode to them.

What are the non-negotiabs that every parent needs to check on their phone and their child's phone tonight? Yes. So for your child's phone, I would make sure that you're on the child, a child account like Instagram, YouTube, they all had children's accounts, right? So if you're under a certain they do? Yeah. Okay. If you're under a certain age, you can turn on that child's account.

You can also block messages. I would immediately block messages. Okay. So block messages. Yeah. If you're on a child's account, it doesn't, I don't think you can get messages from most of the accounts. Okay. But the to me, the thing is open communication and it sounds really, really lame.

But if your child knows, like, hey, there are a lot of scammers out there and like don't worry. But if something feels off, just come to me and talk to me because this happens to so many people. Like, They're not going to come to you if you make this seem dark and scary and that they think they did something bad, but they will come to you if you have an open line of communication saying,

I'm like wanna protect you. I want you to have fun online, but I also want you to know that these things are happening. So when you are the parent and you're checking the phone and you're looking at the apps, what are we turning off on the apps? Yeah. Make sure their apps are locked down on private mode. Like no kid should have an open Instagram account.

You should only be adding your friends and friends that you have actually physically met in person and that you go to school with or you met at a party or whatever it is. Um, then I would make sure that you can't message. Um, there's a lot of issues with like Roblox and like kids gaming too, that like people are messaging that are like adults that are like grooming children.

And so I would just make sure that you're you can't message, you turn on private uh private mode and you turn on kids settings. I personally wouldn't allow kids to have like Snapchat. Because they think that message disappears. Nothing disappears on the internet. Nothing goes away. Even if it disappears, it doesn't go away. And people can screenshot it. Don't ever send anything that you wouldn't want like me as your parent to see or your grandparents or whoever else.

Sextortion, Online Grooming, and Resources

I had a friend who is really into cyber, obviously, and her nephew was like going to the Olympics, like world class athlete in high school, like went to the junior Olympics.

Met someone online that, you know, a cute girl that added him on social media. She said that she went to a town across. She like had mutual friends because she had added his other friends. So he she thought it was mutual. And they just started talking. They never had a call with each other, but They were talking for like three or four months and she sent him a photo of herself. And he then shared a photo because they thought she he really thought he was was with her.

And it's sex torture scams are on the rise and s and it's really, really rampant in and teenage boys or younger. And they specifically target boys because they know that they're a little bit more willy-nilly when it comes to private photos. But there's two reasons why they do that, right? The first is

They want money. So they were basically extorting him for money, saying, I'm gonna leak all these photos of you and you're never gonna have a career and or be an Olympian because I have all these private photos of you. And I want money. Or they say, continue to give me more photos because those photos will then be used for another scam. After a little bit of time, he shared it with. his um aunt who is in cyber and was able to fix it. But there is a really good resource out of the colour.

She knew a lot of people in the FBI. But there is an FBI research that is free for everyone. So it's called the Internet Crimes Complaint Center. So iC3.gov. IC3, the number three.gov. And it is help like it can help anyone. Um, for any internet crime. I just love how clear and practical you are, Caitlin. And I'm willing to admit publicly that I'm making a lot of mistakes here, but I'm also starting to feel very empowered that I can fix this.

And I have so many more questions about how you can protect yourself online, but let's take a short break so we can hear a word from our amazing sponsors. And I also want to give you a chance. to share this extraordinary information from Caitlin with the people that you care about.

We haven't even covered the five things that she wants you to do as soon as you're done listening or watching this episode. That's coming up a little bit later. We have so many more things to learn from her and to dig into. So don't go anywhere. We'll be right back. Det är ett största klipp. Tryghansa barnförsäkring i Sveriges populära. Trygghet för IKEA presenterar ljud av förändring. Det är slut! Jag har inte det enklare! Gå från vänner till rival.

Welcome back. It's your buddy Mel Robbins. First of all, thank you for being here and listening to this and sharing this with the people that you care about. I hope that you're feeling what I'm feeling, which is A little bit like, oh my gosh, I got work to do. I'm taking notes. There's things I'm going to do as soon as we're done with this conversation to protect myself. I hope you're going to do it too. Thank you for sharing this information with the people that you care about.

And let's jump right back in because I've got so many more questions, Caitlin. What is the first?

Actions for a Lost or Stolen Phone

thing you should do the moment your phone is lost or stolen. So I would actually preface that you should do this before you lose your phone. Okay, what am I doing? So I would turn off the ability to turn on airplane mode when you swipe down. Wait, what?

So you know how you can turn on airplane mode and there's like an you can easily do it if you like swipe down. Yeah, you swipe down and chase airplane. Okay. Because the first thing that um like robbers do is they immediately put on airplane mode so you can't track the phone. But if they can't do that because your phone's locked, then the only way they can do anything is to just turn it off. And they're gonna have to eventually turn it back on.

So I don't have the airplane mode so easily available. On my phone. Where do you go to do that? You can um if you like scroll down to the control center, you hold it down and it that like starts moving, similar to like when you move apps. Oh yeah. You can do the same thing on your control center. You can? Yeah.

And then you just delete it? Yeah. And th that way you have to go and manually do it. Then you just go to settings like w next time you're on a plane, you just go to settings airplane mode and turn it on. I can do this. Yeah. And I'm going to do this. I personally feel that this is an issue whether Somebody has lost their phone, whether somebody has had their phone stolen, whether like they left it somewhere, and just feeling like you've got.

All of this information on your phone. Yeah. You probably have one, two, three, four, five as your unlock screen. I hope they don't, but most likely. You know that's still like one of the most popular passwords outs outside of password is one, two, three, four, five. Password? Password is the number one most popular password that is still used to this day. Password? Yeah. Yeah. Password. I wish I was joking, but I'm not.

Wearable Technology and Data Privacy

Wow. So it makes you feel a little better, right? Slightly. Um what do you as a s cybersecurity expert, what do you think about wearable technology? So this is definitely like Everything is a risk, right? Online. Everything that you do is a risk. And you have to choose whether you want that risk or not. And I'm gonna give you a little bit of an example of how AI is working out right now with all the data. So

We have a ton of data on everyone, right? And by we I mean like the government, any of the apps that you use. Like I used to use a wearable ring that was tracking, you know, my fertility, my sleep patterns, my stress levels. But can you imagine plugging all that into an AI and how much that would actually know about me? I personally don't feel comfortable. giving that information to other people.

However, my boyfriend swears by his ring and he doesn't care. So again, this is a risk-based approach. Every company has a privacy policy legally, and that privacy policy states what data they're collecting from you, who they're sharing it with, what they're using it for, and why they're collecting it. So what I usually do is I take that privacy policy, I actually throw it into Chat GBT or Gemini or Perplexity or whatever. And I say, hey

Can you please tell me like the high level issues that like might come about? Like what are they collecting? It's a very legal policy. So it's hard to read. It's like made by lawyers. It's and it's meant honestly to confuse you. It is meant to confuse you. They don't want you to know all the stuff that they're doing with your data.

So I just throw it in and then I'm like, okay, they're only collecting this, this, and this. I feel more comfortable. But with wearables, they're really collecting a lot about you as a human being. And sometimes I just don't want that. So if I take a privacy statement, yes, which I think I'm probably like ninety nine point nine percent of people, it's like accept all, okay, move on. Did me do the thing I was here for. Right.

And I were to throw it into Microsoft Copilot. Right. And that's the platform I trust. And It gives me a summary of what this is, what I'm giving permission for this company to do. What are the things I'm looking for? Because I would imagine there's there's language as a former

lawyer. I know. There's language that's like blah, blah, blah, third party, blah, blah, blah. And then it's just sort of buried in there. What are you looking for that is a red flag as a cybersecurity expert? Yeah. So I'm looking at the types of data. that they're collecting. So if they're taking like biometric data or they're taking Like really specific if it's just like a name and an email, go.

You know? But if they're taking it Well, because it's fake, the one that you gave'em,'cause you're no dummy like I am. Okay. You're like, you can have my alley, just go for it. Um, but if they're taking like, you know, my like menstruation data and my sleep data or like for biometrics or anything like that. I'm like, okay. Why are you taking it? And oh so I ask, what data are you collecting? Why are you taking it? And who are you sharing it with? That is a big thing.

So I'm very concerned with who they're sharing it with. Why do they need to share it with these people? I don't know. Maybe it's for tr like, you know, metrics. St statistics, I have no idea, but some of the like recent like wearables have been sharing with companies that I don't want to be shared with. So if it's really sensitive data like your health history, um nationalities, I would just prefer not to have it. And then

if they're sharing it with interesting companies. Like why are they sharing it with XYZ? Well, I'm sitting here thinking about the fact that just about everything that I use Is now somehow connected to the internet. Yeah. Whether it is the pad that I'm sleeping on and cooling me down at night, whether it's the alarm clock sunrise that I'm waking up to. I do love that though. But but what I'm wondering is for some of these things, is there an option you can look for?

That allows you to enjoy the benefit of some of this wearable stuff, but that limits What their what you're sharing back to their general data pool. Do you see what I'm saying? Yeah. So a lot of times there are options to like look and see like I'm turning this on or this on. Like there are options of saying, hey.

Don't share share my sleep data. Usually those options come at the very beginning. And so a lot of people just blindly accept and say yes. Cause like we're excited. We want to use a product. We want to use a platform, whatever it is, we want to use the app. And we're like, yes, yes, yes.

But I would go back. Usually they have privacy settings or settings in general, like data privacy settings. Yep. And I would start seeing what they do. And there's some toggles. Like on LinkedIn, they're starting to use everything that you've posted. for their generative AI. So like they're training their AI platform based off the stuff that you post.

Well, that's sort of like what happened with Instagram. Instagram did that update where all of a sudden everybody's locations were live and there was a flurry of texting all day long. And if you don't know about this, please check your Instagram right now. Where it just suddenly opted us all in. And it was crazy because it was every time you opened up Instagram, it was resharing exactly where you were to the precise location. If you had precise location turned on on Instagram, which

I would say probably 90% of the people do. Um 90% of people have precise location turn on? Well, it's automatic. When you download Instagram, it's automatically on.

App Permissions: Camera, Mic, Location

Wow. Unless you go into the settings, which I made a few videos like to say, like, hey, only like limit limit access or don't allow at all. So is one of the things that we should do. is to take a day and go through every app that we've downloaded and all the settings and look at the privacy and the data settings on those things. Yes. Those there's three things that you want to look at. Does it have access to your camera?

Does it have access to your microphone? And does it have access to your location? All three of those things, if it doesn't need it, turn it off. And I again why would it need it? Well, if you would be surprised. If you're using it, yes. But if not, no. So what should the setting be? Only while using the app? Never once. It just depends on what your preference is, right? So for example

I ordered Uber Eats last night and they delivered the wrong thing. And my manager got my phone and was like, Don't worry, I'm going to return it for you. And she went, and you have to take a picture of the wrong thing, right? And she's like, Oh, you don't have you you didn't give it access'cause I don't need Uber Eats to have access to my camera roll or my pictures or my camera, right? Or my microphone.

So she allowed she limited access to the one photo that she took and she put that photo on and she took a picture and we went off. But for me, I'm like, I don't think Uber Eats needs to have access to anything ever. And if I need to add a picture randomly, you can allow access to one photo. So are you saying that if you have an app on your phone? Yeah. And like I have where I've given Instagram or whatever access to like my photo library.

That it can be in the background scanning my photos? Oh, it's not can be, it is. Instagram, Facebook, and TikTok have new features in the last like two months where they are scanning the camera roll that you have not posted. to give you ideas on how to generate fun real or post ideas.

Because they're trying to get you on the platform to post more, right? So they're literally if you gave them access to your whole camera role, they're scanning it and they're putting together their own version of a potential reel that you might want to post after your trip to Boston.

Whoa. Yeah. So we prevent that by saying limit access. Limit access. Yeah. So like for social media, I limit access. I don't say never because obviously I have to post and have to put photos on and I have to go through the app. But I limit access to the photo that I'm actually uploading onto the app.

Facial Recognition and Biometric Data

What about facial recognition software? As a cybersecurity expert, what do we need to know about facial recognition software? Yes. So unfortunately a lot of facial recognition software is

um unavoidable nowadays. Like you're walking through the airport and they're scanning your face. I mean you have to go TSM. Oh that's right. They are okay, you're right. And even like where are they scan? Well actually I wonder because like, you know, I'm looking up I don't have them in here but I'm looking up to the U.S. And there's security cameras everywhere. Yeah. You go. So there's biometric tracking and facial scanning pretty much everywhere. And

I have a concern. One, because biometric is like very unique to you, right? Like your eyes. Or it's like a fingerprint. Your eyes and fingerprint, your face shape is very, very unique to you. And you can't fix it, right? I mean, you might be able to fix face shape with certain things, but you can't change your eyes that much. Definitely can't change your fingerprint. And so my concern is

TSA has our biometric ID, right? Global entry has our biometric ID. Right. Anything is hackable. In my head, anything is hackable. So what happens when people start getting that information? Um, and then the other thing is our phones from a marketing perspective. Are going to start tracking our eye placements. So, my concern is: you know how smart AI is, right? Like if you if you've been using AI, if anyone here has used AI,

If you type in like, hey, what do you know about me? It gives like a whole summary of exactly who you are to a team. Now I want you to imagine like someone on the other side of the screen when you're like doom scrolling and late at night and you're watching what you preferably like to watch.

It's analyzing every single thing about you. It's analyzing where you're looking, who you're looking at, how long you're staying on this video. It's analyzing the psychology behind what you're watching and understanding who you are as an individual. Hopefully it's gonna start doing better ads. That's what they're saying, right? But who knows what that information can be used for. And so

I recently, you know, it sounds a little scary. I recently partnered with a company that has it kind of shields you from biometric and um surveillance and it it's UVA and UVB and blue light blocking. But um it was wait, these are blue blocker. l red like with well these kind of have like a pink thing. Yeah, they're like also like it's it's an infrared screen. So the way that um surveillance works is usually through infrared technology. So because there's like an infrared kind of

shield. You even had these made for my prescription. This is pretty cool. Okay. Because there's like a kind of shielding on it. Yeah. When you walk through like the airport or sometimes like when I wear mine, my phone doesn't even register that it's me. Like it can't even see because it can't really tell where my eyes are. So it's not like

you know, the end all be all, but it does make me feel a little bit better when I'm like walking through security. You're gonna have to take that off through airport security, but when you're walking just in general. Because it wouldn't be able to scan my eyeballs. Yeah. Wow. It prevents it a little bit from skinning your eyeballs. Wow. Yeah. That's really cool. Yeah. So the question that I have about biometric scanning though.

Is that if we're using it for global entry or you're using it for clear or you're using it for one purchase with you wanna purchase with your fingerprint, do you wanna log into your Gmail with your finger. Is that a good thing to use or would you not recommend we use that? So again, risk based approach, right? For me, I have TSA pre check because I travel every week. And if I only traveled twice a year.

I would opt out of my biometric tracking because it's not that hard for me to wait an extra five minutes for them to like check who I am, right? Yep. But unfortunately I travel four or five times a week. And that is just not likely. So my risk, yeah, I do not want it, but is it worth me to spend all that extra time to try to fight it? I don't think so.

But some people don't like my sister, my manager, they opt out every time. Everything is a risk based approach on surveillance. And I just again I do my best wherever I think I I can help. I try to fix things and then if not, I've let it go.

Camera Hacking and Simple Covers

Amazing. You have some shocking news about cameras. Cameras on your laptop, doorbell cameras, baby cameras. Yeah. Uh oh. So this is not to scare you, it's to empower you. So There are two ways that people get into these cameras, right? One is again if you're reusing passwords, which Everyone does. So don't be a bit embarrassed by it, but take this as a sign to be like, okay, maybe I shouldn't have the same password for my baby monitor as my Facebook account.

Because if you're reusing passwords, they just have to get in and they just mess with you and they can like talk through the camera, they can watch the camera. Oh my God. Yeah, they can watch. There's also a site, there's multiple sites actually that show every single camera that's on an open network. Wait, what does that mean? They can literally log into cameras that are like on open, unsecure Wi-Fi.

So so if you have a camera and you're on an open Wi-Fi and they like somehow decide to connect to the one whi like the IP address that you're sitting on, they will be able to turn on your camera. Whoa. Just trying to like process. Process this because you're saying that Somebody can hack into my laptop if I'm on an open network and they can turn on my view it turn on my camera on my laptop and be watching me. I had an old boss that literally

had he didn't have a uh camera cover on his camera. This was like five years ago. And someone had taken pictures, like he changed in front of his computer. And someone had taken pictures of him and like sent him an email being like, We know like we have some really vulgar pictures of you that we're gonna release. And he was like pretty high up in the company that I was working for.

And he didn't care. He was like, whatever, release them. But like people can turn it on and off your camera if they want to. I just would be I just put on a camera cover. What is a camera cover? There's like little covers that you can buy literally for three dollars on Amazon and you just like Cover it when you're not using it. That prevents it. Obviously they won't be able to see anything. And also just be mindful of where you're connecting.

He traveled a lot for work too. So he And so this can this can happen to your doorbell, it can happen to your baby monitor, it can happen to any camera you have. Yeah, there was someone that follows me that someone hacked into their baby monitor, but it was because they reused an old password that was leaked. they heard voices in the baby monitor of some random guy talking. to the baby That's terrifying. Yeah. It's it was awful.

Sophisticated Online Scams and Phishing

But again, passwords. Passwords. Okay, passwords, everybody. I have a stack of emails. Yeah. Right here. Yeah. From listeners of the Mel Robbins podcast. These emails have come in from around the world. And They cover all kinds of scams that people have fallen for. One scam is that people buy a copy of the let them theory that is counterfeit. It looks nothing like the cover or it's being sold on Etsy or even

Shen, the fast fashion site, or it's spiral bound, or it's paperback, and there's not a paperback version available in the United States. Like it's just Not written by me, misspelled, but they're falling for it. Lots of emails from people who sadly are getting emails from scammers posing As employees of my company

And basically they're getting more and more sophisticated. The old scam used to be, hey, if you pay$10,000, we can, you know, we'd love to book you. We never pay anybody. We also don't require somebody to pay. to be on this show. And now they've updated the scam to say, hey, we never ask anybody to pay. So they're knowing that we're we're we, they know that we put language up on our website about scams. And they're posing as employees. Can you talk to me about

the rise of these kinds of things that are happening. Yeah. So funny story, when we first got uh a hold of your booker, your booker found us. Yep. My manager called me and I was like, this is probably a scam. I would love it if it's not a scam, but like you need to get on the phone with this person like and see their face and make sure this is like legitimate because I don't trust an email. So the first thing is

If it's not from a verified source like your Instagram, right? Like if you are not messaging them directly from your verified Instagram, it's not you. Well, one of the things that I've also noticed in a lot of scam emails that I get. Is that people will ask me to click through to schedule a conversation with somebody. And I never, ever, ever do that. Right. And a lot of these. in terms of the scams that people are receiving.

As, you know, because they're very convincing. I'm like, wait a minute, that's the name of a person who actually worked here. Yeah. Wait a minute. They're saying that we don't pay people to come on this show and you don't have there's never a fee for you to be on this show. Like, what?

How how are they changed? They're saying everything right. But now they're saying and they're linking to all the the prior experts. So it looks like really legit. And then they're like, But Mel, we'll give you a private strategy session. We'll build you custom stuff. Well, like we don't do any of this stuff. Click here to schedule a call. Right. Yeah. So so you're basically saying, no, no, no, no. Pick up the phone and call.

Got. Yeah. I don't I don't click my manager knows, do not click on any links. Okay. That is like a blanket statement rule I have. Uh, if I need to get a hold of anything, like again, if I need to click on a link for a bank, I call them. And I only am clicking on it when I'm on the phone with the bank. If you have to click on something, call the person. And just say, hey, like what is this about? Or hover over the link and see where it's going. Cause it will show you the URL. Oh. Yeah.

Five Essential Cybersecurity Actions

So if unless it's coming like Mel Robins.com slash, you know, in-person interview, I'm not gonna trust wherever it's sending me. Um, you mentioned that there are five things that you want us to Really focus on five things that if we just focus on these five things. Even though you may feel overwhelmed right now, these are the five things that really will protect you online. What are those five things? Passwords. We've talked about that a lot. Tonight.

Go and write down, these are the accounts that I don't want anyone getting access to. These are my key accounts. And you'll start thinking about more and more as you move on throughout your day. What apps do you not want people to have access to? What banks? social media, all of that. So identify your key accounts and make sure that you have strong and unique passwords.

for all of them. No reusing of the same passwords, no reusing of the same base password. Have strong passwords. Okay. So For those of you guys that aren't like m myself or Mel,'cause you're traveling all the time probably too.

I would, if you're at home using a desktop for like my parents, right, I'm like, please, mom, I'm gonna get you a book. We'll we'll put it in the log cabinet right next to your computer. You just pull it out when you're on the computer and you can use it. That way you can actually remember and write down your strong passwords. For the people that are always on the go, yeah, like have a unique passphrase or whatever you think you need to remember that like longer password.

When it says, oh, remember this, usually it's on a phone. And that's just remember it's a password manager on the iPhone. Okay. So you can do that. That's still a password manager. I use a password manager myself. I love it. I swear by it. Or on your notes and just lock it. So that's number one. So once we got the password set, what's the second thing we're doing? Software updates automatically. Right when you download the app, just turn it on.

Okay, because software updates, as a cybersecurity expert, you're saying when it says, ooh, fix bugs, make more optimized. They're actually solving and fixing where the hackers broke in. Yes. So automatic software updates on all apps. I got that. What's the third thing I'm doing? The third thing you are going to do is freeze your credit. Freeze your credit. Super simple. That's like it that's like a one and done thing. You can do that tonight.

Okay. Yeah. Because then if you've frozen your credit'cause you're not taking out any loans, you're not opening up new credits. That means nobody else can either. Right. Oh, I love that. Okay. You can't have identity theft unless you give them like extra passwords and stuff. But that's Sort of thing. Okay, so fourth thing I'm doing. The fourth thing you are doing is taking nine seconds before you click on anything. Ooh, nine seconds.

There's psychology about the nine seconds of give it's a just enough time for you to like take a deep breath, think and realize like where you are. So I didn't do the psychology aspect of it, but that's the nonprofit did. So take nine seconds. And I I always just say just don't click on links. I know that that is not.

like as easy for most people, but take nine seconds before you click on any link. And if the there's an option for you to just call, I would call. Well, and also in those nine seconds. You can look at the email address. Exactly. You can look at a lot of things. What's the final thing that we're gonna do to protect ourselves? Limit the amount of data online. There's multiple ways to do this, right?

How? There's deletion services out there that like every month go through and manually delete all the information that keeps popping up. Are you kidding me? No. This was what I was gonna ask you. Yeah. There's a s there's there's multiple services, but I use this one and I'm obsessed with it. It's called incogni. It's like the best thing ever. What's it called? It's called incogni. Like it's supposed to be like incognito, but incogni, yeah.

As I was sitting here listening, I was thinking, like, how am I getting my old addresses and my mother's maiden name and my dogs that have died and everything else? And how am I how am I going you can actually scrub your stuff? Yeah. You're kidding me. No. I thought once it was out there, you can't get you like it's out there. I'm very excited for you to try it. It even tells you like within

10 seconds, it'll say it'll start scanning and saying, Hey, we found all this information. We're automatically sending out opt-out requests on your behalf for you. It's yeah, and it's international too. So the software is certainly something that if it's within your reach to look at to potentially, you know, think about get a subscription to. If you want to try to do this manually, what are the big websites you go to and how do you do this? Yeah. There's like white pages.

True people search, people finder. I have an entire series on how to do delete it. So usually you have to go and you have to search your own name. Then you have to like scroll all the way down and they make it hard to opt out, but there's like an opt out page. Usually you can find it on their privacy policy. And then you have to have a separate request on that opt out page thing.

This is me. Please remove my data. I want you to remove it. And then this is bonus points, which we talked about. The sixth one is probably going through your apps and your app settings and seeing what they have access to. Again, it seems like it's a lot, but again the appearance.

Once you set it, it's one and done. Once you have the auto updates, one and done. Set your password. You don't have to change it for like at least another another year unless there was a breach for that account. So all these things, it's just you're building routines. It's like brushing your teeth, right? Like

Brushing your teeth, washing your face. Did you like doing it? It took extra time when you were a little kid. You just wanted to sleep, but you learned that that was what's best. It's like any wellness routine too. Like, do I want to spend an hour at the gym? No, it's annoying, but it's gonna be better for me in the long run. This is exactly that. What's the one thing out of everything you've taught us today that you think is the most important thing?

Final Words: Empowerment, Not Fear

for the person who is listening to do as soon as they are done listening, other than send this to everybody in your family because we all need this information and we all need to be smarter about protecting ourselves. And so What's though the one thing to do tonight? Yeah, I would do passwords for sure. Get your key accounts, turn on multi-factor authentication, and make sure you have an updated strong, like long password.

Okay. Yeah. I can do that. You can do that. Caitlin, what are your parting words? Cybersecurity is not for experts. It's literally for everyone. We use it every day and it's not supposed to be a scary word. Like I that's why I don't even like saying cybersecurity because people get so detached from it. They're like, I can't do this. Way too out of my comfort zone. I have no idea what you're even talking about. Cybersecurity is very simple things that you can do.

to empower yourself and your family and your loved ones to be safe because we are all online now. Don't be afraid. It's very simple things that you can do and it's not supposed to be scary. It's supposed to be something that you can feel empowered to and then share this with other people. I really appreciate everything that you taught me and the person that's here with us today. I have to admit, as we were starting the conversation.

I had this really like heavy feeling, I have completely screwed this up. The cat is already out of the bag. There's no way that I'm gonna get in charge of in in control of this. Everything's out there. There's no way to get it deleted. There's no way to protect myself. I've already screwed up. So why even bother on the advice? I feel completely different. I feel the opposite now. I feel very hopeful. around both the deletion service and the fact that you can go to the website.

and manually get yourself removed. So that does something. And I think all five of these things that you talked about, the password, the software updates, freezing your credit, nine seconds. And really limiting the amount of information that you are giving online because why do they need your phone number? Why do they need all that information you're just pouring out? it online. And so I feel very empowered and excited to do everything that you just Explained and I feel a little bit smarter.

Thank you, thank you, thank you for hopping on a plane and being here. Yeah, thanks so much for having me. I appreciate it. Oh, of course. And I also want to thank you. Thank you for spending time listening to this and Getting smarter and empowering yourself. And didn't you just love the very specific things that you can do? I have a feeling this is one of those resource pages that everybody's going to be like, link, link, link, tell me what to do.

Um, also, thank you for sharing this with people that you care about because we all need the facts and we need to know specifically how to solve these issues and protect ourselves. And one more thing, in case no one else tells you, I wanted to be sure to tell you as your friend that I love you and I believe in you. And I believe in your ability to create a better life.

And there's no doubt in my mind, after listening to everything that Caitlin taught us today about protecting yourself online, that feeling safe. As you're online, protecting yourself and your family by doing these simple things that she taught us today will help you create and live a better life. All righty, I'll see you in the next episode. I'll be there waiting to welcome you in the moment you hit play. I would like to do it. We're doing it all. Okay. Do it all. Enjoy.

Hold on a second. Here comes dinner. Not good on the repeat, everybody. Oh my god. Okay. That was probably the mashed potatoes bringing up the fish. Whew! Okay. I'm so excited for this. I'm so glad you're here. I'm ecstatic I'm here, so awesome honored. Awesome.

screwed up. I screwed up. I told him that on the first day. I was like, this is a red flag. You are from Ohio. But I've learned that there are a lot of really cool people from Ohio. There's a lot of really cool yep, you're all set. Okay, great. Fantastic job. Thanks for having me. This is amazing. Really, really fantastic job. Oh, and one more thing. And no, this is not a blooper. This is the legal language. You know what the lawyers write and what I need to read to you.

This podcast is presented solely for educational and entertainment purposes. I'm just your friend. I am not a licensed therapist, and this podcast is not intended as a substitute for the advice of a physician, professional coach, psychotherapist, or other qualified professional. Got it? Good. I'll see you in the next episode. Podcasts. Trygghansa barnförsäkring i Sveriges populära. Trygghet. IKEA presenterar Gjud av förändring. Du. Vi måste prata.

This transcript was generated by Metacast using AI and may contain inaccuracies. Learn more about transcripts.
For the best experience, listen in Metacast app for iOS or Android