Manifesto

Most therapists see a therapist.

The Seattle Seahawks have almost as many coaches as players.

And even the most seasoned climber doesn’t summit Everest without a Sherpa.

You know why?

Because having a guide helps.

If you don’t know the way, a guide is indispensable.

But even if you’re an expert or well on your way, a guide can offer assurance, show you a few shortcuts and make sure you don’t stray off course.

We are guides.

And we help people navigate something far more compelling than a trail or path or investment opportunities and the market.

We don’t start a relationship by offering hot stock tips and patent-pending investment strategies.

We sit down and get to know our clients.

Where are they in their lives?

What makes them happy and fulfilled?

What do they want from their future?

Once we know where they are and where they want to go, we can set out on a journey to get there together.

And hey, if we decide we want to change where we’re going or take a different route, that’s okay too.

We’re expert guides, so we can help even the most sophisticated investor, but we pride ourselves on making the complicated easy to understand for everyone.

So we don’t put our arms around a client’s portfolio and drag it over to our side of the table and tell them we’ll take it from here.

We work with our clients to make sure they understand and are invested in the decisions we make.

We don’t sell our clients products; we help them make choices.

About the kind of life they want to live.

About when and how they want to retire.

And what kind of legacy they want to leave behind for their families, their communities, and the world.

We are Summit.

And we know it’s a bit cheesy, but darn it, we believe this to be true.

We guide our clients towards their dreams.

 

5 Ways Criminals Use Social Engineering to Scam Us

A major risk to both businesses and individuals, social engineering involves the exploitation of our very nature. Specifically, criminals use social engineering techniques to elicit feelings of fear, uncertainty, pressure, and excitement in the hope that we will deviate from the ways we typically behave. Their goal is to gain access to our sensitive information or take advantage of us for financial gain. Here, we’ll explore five ways that criminals use social engineering to scam us—and tips to avoid falling victim.

 

1) Impersonate an Authority Figure

People tend to comply with requests from those in authority. Knowing this, a hacker might impersonate an authority figure to pressure you to take a specific action. For example, he or she may pretend to be a law enforcement agent and send an e-mail that claims illegal content was found on your computer. He or she would then advise you to click on a link to obtain additional details. Because you wouldn’t want to be accused of doing anything illegal—and because of the perceived authority of the sender—you may not question the legitimacy of the message. But when you click on the link? Malware would be installed on your machine.

 

2) Send “Urgent” Requests

A sense of urgency may cause us to rush into making decisions that we wouldn’t usually make. The IRS scam is a great example of using urgency to trick people into taking ill-advised action. A con artist poses as an IRS representative and reports that, if the intended victim doesn’t immediately provide payment information for back taxes owed, a warrant will be issued for the person’s arrest. Who wouldn’t want to avoid this negative consequence? To be sure, victims of this scam often comply with the request, sending precious confidential information into the hands of criminals.

 

3) Exploit the Fear of Missing Out on Something Scarce

If we believe there isn’t enough of something good to go around, many of us will take ill-considered actions because we fear we’ll miss out on something we want. How would a criminal exploit this tendency? He or she might send phishing e-mails purporting to come from Apple and claiming that, because of huge demand, only a limited number of the latest iPhone is available. “If you click on a link in the message, you might be able to get one. Act now!” In reality, clicking on the link could install malware on your computer or lead you to a legitimate-looking website where you will be asked to supply personal information. Then, the hacker will have your confidential information—perhaps even your credit card number and its expiration date.

 

4) Put on a Friendly Persona

Some scammers put on a friendly face, doing all they can to appear likeable so that we feel comfortable dealing with them and more likely to let our defenses down. For example, a cybercriminal could pose as a computer technician, stop by your workplace, and strike up a pleasant conversation with the receptionist. Before you know it, the technician has talked him- or herself onto an office computer, ostensibly doing routine maintenance but really stealing whatever sensitive data he or she can find.

 

5) Pose as Someone You Trust

Social engineers sometimes try to exploit a sense of trust in others, causing potential victims to feel guilty enough to provide the scammers with what they need. These crimes usually result in bigger, immediate payoffs. For example, a scammer could pose as a friend traveling overseas and e-mail you that he or she has been mugged and needs money to return to the U.S. In a situation like this, you might trust that the sender is your actual friend and feel guilty if you don’t lend a hand. The result? You wire the money without doing enough to verify the sender’s identity.

 

Tips for Spotting an Attack

Now that you understand the techniques used in social engineering, let’s move on to some tips for spotting and dealing with attackers who use them:

  • Be wary of any e-mail or phone call that comes with a heightened sense of urgency and that claims to require an immediate response.
  • If you get an unsolicited message or call purporting to come from a familiar organization and asking for personal information, hang up and call the entity at a number you know is legitimate or type the organization’s URL directly into your browser and log in from there.
  • Always verify the source of a phone call or message before fulfilling a request, clicking on a link, or downloading an attachment.
  • If someone calls claiming to be from Microsoft or another tech company and requests access to your computer to fix a supposed problem, it is almost always a scam! If an individual arrives at your office with such a claim, ask for identification or verify his or her identity by calling the company for which the person supposedly works.

 

Be Vigilant!

Because our trusting nature often prevails over our common sense, we need to stay vigilant. By understanding the human tendencies that scammers try to exploit—and the red flags that signal a potential scam—you will be well positioned to protect yourself from this growing threat.