MSP Blog Logo

BDR

Business Growth

Cybersecurity

Help Desk

MDM

RMM

Sales & Marketing

Subscribe

Empowering Your MSP Business to Grow and Prosper—One Post at a Time

The-Ultimate-Guide-to-Success-in-Managed-IT-Services

Featured Post

The Ultimate Guide to Success in Managed IT Services

What are the fundamentals to building a profitable managed IT services business? Keep reading to discover the four key ingredients for success.

Read Now

Watch Out for This Royal Wedding Scam

Posted May 25, 2018by Lily Teplow

Watch Out for This Royal Wedding Scam

Ever since Prince Harry and Meghan Markle tied the knot last Saturday, my news feed has been flooded with Royal Wedding coverage, updates, opinion articles and quizzes. In fact, one of the quizzes I came across the other day was titled, “What’s Your Royal Guest Name?”

Seemingly innocent, this quiz provides you with “your new royal identity,” and has since swept the Internet. But, what makes this quiz so cleverly dangerous is that unbeknownst to those who are participating, their answers could help scammers get their hands on some sensitive data.

While it’s likely that you and your clients may not be taking quizzes like these (or maybe you are, I don’t judge), it’s yet another example of the power of social engineering and how easily people can be duped into divulging personal information. In this post, I’ll cover how this scam works and what you and your clients should look out for.

Your Royal Name

As I mentioned, the quiz provides you with a new royal identity in the following format:

Lord/Lady ________ ________ of ________

To fill in these blanks, all you need to do is provide one of your grandparents' names, the name of your first pet, followed by the name of the street you grew up on. This would end up looking a little something like this:

Lord/Lady [Grandparent's name] [first pet's name] of [street you grew up on]

Hmmm... where have we seen this type of information before?

The Royal Scam

If you’ve caught on, you’ll notice that this quiz combines the answers to three of the most commonly used security questions.

  • What is the name of your favorite grandparent?
  • What is the name of your first pet?
  • What is the name of the street you grew up on?

By sharing your “royal name,” you’re giving away the answers to the questions you’d be asked in order to reset a password or login to a system through some alternative approach. Similarly, this information could be used to gain access to banking accounts, social media accounts, work email, etc. If cyber criminals get a hold of this information, they could use it to hack into these accounts as well as other systems.

Sometimes, human error can get the best of us. As an MSP, the best thing you can do is to remind your clients to always be wary. Be wary of potential phishing emails that may be asking for sensitive information. Be wary of the information you share, especially on a space as public as the Internet. And, if and when clients come across scams such as the one above, you can position yourself as a trusted advisor by encouraging them to reach out to you for advice and next steps.

These days, you can never be too careful when it comes to personal/sensitive information. Be sure to warn clients and end-users about making this information public, or it could cost them... royally.

 

Handpicked for you:

Get-Cybersecurity-Tips-for-Employees-The-Complete-Guide-to-Secure-Behavior-Online-eBook

Lily is a Content Marketing Manager at Continuum and is passionate about helping businesses solve their biggest challenges. She is responsible for managing Continuum’s MSPblog and writing on a variety of topics, from sales and marketing to cybersecurity, helping establish authority in the MSP market. Lily is also a seasoned content creator and has supported Continuum’s PR and media efforts. In her spare time, Lily enjoys singing, traveling the world, and cheering on her favorite Boston sports teams!

RMM 101: Must-Haves for Your IT Management Solution
MSP Guide to Managed Services SLAs  [white paper]
comments powered by Disqus