(A few words of caution from Central Services’ technology advisors, Umbrella Technology Group)
It is in our nature to be helpful. We want to believe the best of people. We avoid conflict. These are good characteristics to live by, but unfortunately, hackers are excellent at using these traits against us.
There is a very good example of this making its way through the church community currently. Hackers will research your leadership via your webpage, making a list of pastors, elders, deacons, administrators, as well as a list of past and current events at the church. They will then call the office and be very cordial and ask you how your day is going, how your recent event went, etc. After getting your guard down, they will say they are working with pastor/elder so and so on an event they gathered from the website and they need a member directory for part of the project. Most people will think nothing of sending one to them based on the conversation. Once they receive this directory, they will create text messages from the Sr. Pastor that requests members get gift cards or send money to a paypal address for donations. Disgusting right?
Does this mean we have to harden our hearts and assume everyone is trying to scam us? No. It just means we need to add a little diligence to our trust in people. Trust but verify is the best compromise. When people call, email, text, and ask you for anything of a sensitive nature like member or staff personal information, simply ask them to verify who they are. You can do this by calling them back at the number you have on file for them, telling them you need to verify the request by asking the person they claim to be working with, etc. Again, just add a little step of verification. If someone is who they say they are, they should not be offended if you explain you are just trying to protect sensitive information.
Courtesy of Eric Hester, CEO of Umbrella Technology Group