Car dealerships have everything that hackers and scam artists love. You deal with high-value items and handle large amounts of money. You deal with people’s banks directly and process stacks of personal information that could be used for identity theft. You process payment information like debit and credit cards and cars are a favorite way to blow through stolen money or ruin the life of someone whose identity has been stolen. To a hacker, a car dealership looks like a playground which means that it’s your job as the honest professionals trying to run a business to protect yourself, your customers, and your staff members from the inevitable attacks.
Cyber-Security and Social Engineering
However, having a strong firewall, encryption, and virus-scanning software isn’t enough anymore to stop the really determined cyber-criminals. The new name of the game is social engineering, using deception and false human connection to lure staff members into making a critical mistake. Sometimes, the scam isn’t even to get malware onto your computer, but rather to steal information directly from the employee themselves, tricking them into giving away important personal or account information about a customer or performing an action that they shouldn’t. In order to keep your employees safe, it’s vital that they are fully trained in data protection on every possible level.
1) Protect Line-of-Sight
Start by explaining that hackers aren’t the only criminals. People can and will come in under false pretenses, hoping to get a look at someone else’s account information. Guests claiming to be the spouses, friends, and family members of your customers may ask to check on information, then try to get a look at something else while the account is up on the staff member’s screen. There are several reasons why someone might want a peek at another person’s car dealership information including looking for financial information, an identity to steal, or stalking.
Because you can’t know who is scamming right off the bat, you are obliged to be helpful and go along with any reasonable requests but be very careful about line of sight. Never show someone another customer’s information and if your office door isn’t closed, don’t turn your monitor around at all just in case someone sees something from across the hall. Be aware of windows, people walking behind you, and reflective surfaces. Yes, scammers and stalkers get that devious to steal personal information.
2) Never Answer Personal Questions
People will come in person, call you on the phone, and send you emails asking for information about accounts, cars, services, and customers. Naturally, the vast majority of these contacts will be business-as-usual but every staff member needs to be on their guard for the one call in two hundred that is loaded and dangerous. To be ready even if you don’t see a scam call coming, never ever give out personal information on customers or your fellow employees. Continue reading