A software engineer in an office. Photo by ThisisEngineering on Unsplash

CORRECTION: The original version of this article inaccurately stated that Dave Hatter was a founding member of Intrust IT. The relevant lines have been corrected. We apologize for this error–LINK nky, July 7, 2024

Fort Wright Mayor Dave Hatter, who’s also a cybersecurity expert with Cincinnati-based IT company Intrust IT and self-proclaimed “tin foil hat maniac,” gave a presentation on cybersecurity best practices, especially as it related to job seekers, to the Northern Kentucky Accountability Group last week.

The Northern Kentucky Accountability Group is a free program for job seekers administered through the Kenton County Public Library. The group offers training courses in job hunting skills, such as interviewing and cover letter writing, networking events as well as free courses on computer literacy, social media for job hunting and popular workplace computer programs like Microsoft Office.

“What supports this program are all the amazing classes that we offer that will make you an expert in the job search process,” said Natalie Ruppert, who manages the library’s career and job services division.

Attendees at the Northern Kentucky Accountability Group meeting at the Erlanger branch of the Kenton County Library on July 3, 2024. Photo by Nathan Granger | LINK nky

Given that much of the job hunting process these days has moved online, the library and Hatter believed that job seekers needed to be informed about keeping themselves secure while looking for work. Hatter has given similar presentations to a variety of different groups in the region and frequently speaks to media outlets on cybersecurity.

Mayor Dave Hatter before the Northern Kentucky Accountability Group at the Erlanger branch of the Kenton County Library on July 3, 2024. Photo by Nathan Granger | LINK nky

“Job related scams are rampant,” Hatter said.

Job seekers at the event could attest to this. Some told stories about times someone had tried to scam them by impersonating an employer; others asked questions about scam attempts (or otherwise dubious and insecure practices) they’ve encountered online.

One attendee, who left the meeting before sharing her name, discussed a common kind of job scam she’d encountered on the social media platform LinkedIn, where scammers posing as recruiters would offer high pay scales for non-existent, remote data entry and executive assistant jobs.

“I’ve been victim to a couple,” she said. Oftentimes the scammers may have social media profiles and even company websites that appear legitimate, but by the time you get to the interview stage, she said, things will start to seem… off.

Hatter affirmed her account of things, and said that scammers will often rely on the appearance of legitimacy before showing their hands, often in the form asking for payment up front to be interviewed or trained. That was one way to spot a scam, he said. No legitimate company or organization is going to ask a job seeker to pay them before offering a job.

Hatter’s presentation discussed trends in online scams and offered some basic tips to stay safe. He cited data from the FBI, which tracks consumer scam trends, professional organizations and research groups attesting to the scale of the problem. For the most part, the figures showed that the rate of scams–and money lost to scams–was increasing year over year and likely to continue in the future.

Cybercrime losses, as of Sept. 2023. Figures past Sept. 2023 are projections. Chart and data provided | Statista
Internet crime complaints and losses reported to the FBI as of 2023. Chart and data provided | Federal Bureau of Investigation

Although there was no full-proof way to completely insulate yourself from risk, Hatter said, besides going completely off-the-grid, “there’s a lot of relatively simple things you can do in many cases that don’t cost anything.”

He offered some tips for job seekers looking to stay secure (list not exhaustive):

  • Shore up your password security–Even if it seems onerous at first, every online account you have needs to employ its own distinct password. Moreover, passwords should be random, long, and feature a variety of different keyboard characters, rather than something easily memorable like your birthday or address. To help with this, he recommended using a password manager, a program designed to generate and keep track of secure passwords. Many of them are free. Check out this article from Wired magazine for recommendations.
  • Use multi-factor authentication–Multi-factor authentication, or MFA for short, is a security technique that prompts you to confirm a sign in to an account anytime you enter a password. Many programs already employ MFA: If you’ve ever had to input a code sent to your phone upon entering in a password, you’ve used multi-factor authentication. Hatter recommended using an app, rather than relying on text-based MFA, for your accounts. Like password managers, many MFA apps are free to use. Check out this article from PC magazine for recommendations.
  • Ditch the apps–In spite of the two previous bits of advice, Hatter recommended against downloading a lot of apps on your phone and devices, except when absolutely necessary. Many of them, he said, simply aren’t secure, and having a lot of them on your phone can make you vulnerable.
  • Ditch the smart devices–Smart devices are internet-connected appliances, like door-bell cameras, automatic vacuum cleaners and the like. Hatter argued that these have many of the same problems as a lot of device apps in that they often have big holes in their security programming. As such, they usually aren’t worth the risk, and non-smart appliances often do the same job, anyway.
  • Automate security updates–Updates for your operating systems, web browsers and other programs often feature security patches aimed at addressing novel security threats. As such, if you don’t keep them up to date, you’ll have holes in your security. Luckily, you can set up many of them to update automatically, which should keep you secure over time.
  • Use anti-virus software and firewalls–Anti-virus software and firewalls are essential to keeping malware and spyware off your computer. Some operating systems, like Windows, come with built in firewalls, which you can turn on and off at your leisure. You can also purchase more robust anti-virus software, which regularly scan and monitor your computer for threats. Check out this article from PC magazine for recommendations.
  • Use a VPN–VPN is short for virtual private network. VPNs tunnel off your internet signal through an encrypted channel, making it harder to track your movements online. Hatter recommended against using public Wi-Fi broadly, but said that if you do use public Wi-Fi, never do so without a VPN. VPN subscriptions often cost money, but you can read up on some cheaper VPN services here.
  • Generally speaking, stay skeptical, stay informed–As a general rule, Hatter said, it’s good to be skeptical both about things online and about technology products. This means you should always vet which programs you’re using and employ critical thinking when interacting online. If something seems off or unsafe, it probably is. He also recommended staying up to date on technological developments by consulting trusted tech publications like CNET, PC Magazine and Mozilla’s *Privacy Not Included guide.

Learn more about the Northern Kentucky Accountability Group, including information on its free technology courses, at the Kenton County Public Library’s dedicated webpage.