MINNEAPOLIS — A unique email came into the KARE 11 inbox Thursday morning from the official email account of Minneapolis Mayor Jacob Frey.
The message spoke of a “new financial offer” but the thing is, the mayor didn’t actually send it, his email account had been hacked.
It's a perfect example of how no one is safe from hackers.
So, we decided to learn something from this unique encounter.
We asked Bryce Austin, a cybersecurity expert, nationally-known speaker and owner of TCE Strategy, to take a look at the email and tell us what we can all learn from it.
"In this case, it wasn't a “spoofed” email pretending to be the mayor. They hacked the mayor's account," Austin says. “It’s a very basic hack, but the difference is it’s the mayor, a person with authority, and that is very concerning.”
Austin says the people we’d least suspect are often the most likely to be attacked cyber-criminals.
“While anyone can be a target, a smart cyber-criminal goes after targets that can make them the most money and that tends to be people of authority, like CEOs and politicians,” Austin says.
It's why we hear about so many breaches at companies like Target, Yahoo and Facebook, and why cities, counties and state governments are hacked every day.
"That's what just happened to 22 different municipalities down in Texas last month. It was a big, big deal. They were demanding almost three million dollars," Austin says.
These constant threats are the reason why many companies and local governments spend millions of dollars on security protocols to keep their information safe.
But to protect yourself you don’t need to spend a lot of money, and you don’t need to be an expert either.
"The things to look for in a hacked email or message are a vague request. Something like, ‘please click on this link, I think you might find it interesting.’ Unless you have friends that send you things that vague, that’s a warning sign right there,” Austin says.
Also look at the tone and the words they use, and ask yourself, does the person who sent the email really write like this?
And if they ask you do something like give personal information, download something, or send money, those are all red flags.
“If anyone is sending you attachments that normally doesn’t it’s a big warning sign.”
To protect your own accounts from being hacked, Austin recommends setting up multi-factor authentication.
"Basically multi-factor authentication means that if your account logs in from another computer or another phone, you will get an alert on your phone saying hey, I've never seen you log into this computer before, is it really you? And you can it yes or no and it will lock out any users that aren’t you.”
Austin says most major companies, websites and social media platforms offer multi-factor authentication.
He recommends setting it up on your email, social media and all your bank accounts so that if someone tries logging in, you know right away.