Be Aware Of Threats and Exploits That Can Leave Your Company Compromised

In this episode, we interview Scott Hudgins of Core ID Services and Michael Takla of HackNotice about cybersecurity and corporate breaches.  A surprising amount of information can be purchased, shared, or just plain found on the so-called “dark web”.  Bad actors can gain access to this information and compromise your company assets, including your website.  Scott and Michael are here to talk about CIA, a new service by Core ID Services, that helps companies to be proactive in the fight against cybersecurity, as well as share some simple and effective best practices that we can all improve upon!  BONUS – Core ID Services is giving away free 30 day trials to all Local SEO Tactics listeners!

Don’t miss an episode – listen on iTunes, Google Podcasts, SpotifyStitcher, Android Apps, or RSS!

YOU’LL LEARN

  • Scott Hudgins with Core ID Services and Michael Takla of HackNotice discuss dark web threats
  • Core ID Services provides identity theft protection and cybersecurity services for businesses and individuals
  • Most corporate cybersecurity issues arise from third party vulnerabilities and breaches
  • Over 70% of breaches originate from credentials stolen from a third party
  • Employees that use corporate email addresses for personal account logins can be exposed
  • Being lazy and reusing credentials on multiple services can lead to breaches
  • Most security hacks are lazy, looking for the easy victim, and are not very sophisticated
  • Good security starts with basic personal best practices, like using a password manager app
  • If you know or think any of your account credentials are compromised, you should absolutely change your password
  • Core ID Services can proactively find your information on the dark web, so you can take fast action before you are compromised

Here is the transcription from Episode 61 Dark Web Threats and Cyber Security For Business – Interview With Scott Hudgins and Michael Takla;

Jesse: Welcome back to Local SEO Tactics where each week we bring you tips and tricks on how to get found online. Got a great episode here this week. We got an interview with Scott Hudgins and Michael [Takla 00:00:27] of Core ID Services and HackNotice and we got these guys on here because a couple weeks ago we did an episode, #56, and I’ll link to that in the show notes here, for website security during the pandemic. Not going to do an entire recap of the whole episode for Scott and Michael’s time and everybody else, you can check it out at your leisure but basically the concept was while this pandemic is going on, we can be distracted in running our business, whether it’s try to improve our websites, SEO or just get by with the data [inaudible 00:00:58] that the bad guys are taking advantage of every opportunity, whether it be something in the past or right now in this present and the more distracted we are and the more hands-off we are in areas, and that’s the right time to strike.

Speaking with Scott a few weeks back about that episode when we were looking to record it and the original concept, Scott, we were talking was to get you in on that episode, right? We just couldn’t connect in time so here we are, a little bit after. It’s kind of a follow-up on that episode so just trying to connect the dots, everybody here. This is almost like a Part Two to that kind of security during the pandemic for your website topic here. So with that being said to kind of lay the groundwork, I’d like to introduce Scott and Michael to you guys and gentlemen, I’ll let you kind of take the floor for a couple minutes each. Just tell everybody not so much again about your business but we can start with you, Scott, who you are, why you’re on here, why you are an expert in this kind of web security and really kind of the dark web is more the area we’re going to get into, let people kind of know where you are on that in your talents and then same with you Michael is you guys could.

Scott: Sure thing Jesse. Thanks so much. I’m Scott Hudgins, I’m the COO of Core ID Services. When we were founded in 2011, Core ID was an identity theft protection solutions provider providing personal services for individuals and providing identity theft protection. We have expanded this year to include services that protect businesses and very excited to talk to you about that today on why that’s important, but how did I get to that point of identity theft protection and business protection. I’ve spent the bulk of my career in employee benefits, working both for insurance companies as well as insurance brokers and as well companies that help take the complexity out of the healthcare system and make it easier for the consumers of the healthcare system.

That historical background for myself and an interest in technology and protecting individuals was a perfect path for me to take my past career and move into the identity theft and cyber threat protection arena and so being involved with businesses and individuals has been that part of my career that was very motivating and trying to take that which is complex and to make it simple, to provide concierge types of services to folks so that if something challenging does occur, you’ve got a partner on your side to assist you to make your way through those challenging situations.

So my involvement in the past and now with Core ID is bringing all of those sorts of experiences together and I’m very excited to share with you some of the things that we have done but a lot of things that we learn every day and what we can do to help individuals and businesses.

Jesse: Stellar. So you are more or less qualified to kind of nerd out on this topic, right? Even more so than I do on SEO, you guys are way above my level here so.

Scott: Mike who you’ll hear from in a moment helps us nerd out even further, so that’s the great part about it. It’s a great partnership here.

Jesse: Yeah, Michael, why don’t you kind of give everybody a quick background here?

Mike: Sure. Absolutely. My name is Mike Takla, I am the co-founder and chief revenue officer here at a company called HackNotice. Privately my background is actually in small business. I got my start in small business, my family has been in small business and I happen to go work in enterprise sales for a security company. I think kind of like everybody else, I thought that all hacks and all breaches were very highly sophisticated individuals breaking network controls and things like that and it turns out that most breaches actually originate from third parties, from companies sharing data with other companies or relying on other companies for services and really overlooking the fact that they’re sharing that data or companies neglecting just having basic controls in place. A lot of these hacks aren’t high tech at all and I think I find that really fascinating so not an expert, just really a fan of watching the way that the industry is going.

So I got started in enterprise sales as an inside sales guy for a company that was focused on helping companies see where these breaches were coming from through third parties and eventually worked my way through to founding HackNotice for those same reasons. Because over 70% of breaches are originating with credentials stolen from a third party, so folks share something like their corporate email address and the password that they reuse all the time with something like Netflix or Disney+ or MyFitnessPal, and when these basic services are breached because security is not really the thing that they do well, folks turn around and use those corporate credentials at work and so folks kind of unwittingly and by their poor hygiene because they’re not aware, they’re not educated, they’re not trained, are really putting their companies at risk by doing these things and there’s just not a good solution.

So what really drew me further into the industry is really the fact that every year is the best year for security spending, people buy more network devices, they buy more infrastructure, but it’s also the worst year for breaches so spending is always going up but the problem is getting worse every year and it’s because hackers again are not highly sophisticated for the most part. They’re relying on people kind of being lazy, using the same credentials over and over multiple services and so a failure at any one point is sort of a failure for the whole system. That’s really what we try to prevent, what we try to keep an eye on at work so that’s what helps me go to work everyday.

Jesse: I like how you’re talking about most hacks aren’t as sophisticated as you might think. Kind of reminds me of a funny story I had last week with an associate and she was talking about her husband as a parole officer. So right now during the pandemic, their interactions are way down and to that degree, they’re not looking to throw people back into the system when processes and things are shut down or they’re trying to eliminate the amount of people, so they were joking about it’s the perfect time to do any kind of little petty crimes. You’re probably going to get off with a warning and a slap on the wrist, and then we were joking about …

I’ve never even thought about really doing petty crimes, it’s always like the Ocean’s 11 type deals. If I’m going to do something, it’s going to be like this sophisticated heist and we were just kind of joking, in the same vain you’re talking that that’s really not what crime is even though we kind of glamorize it or think it especially when you hear the stuff in the news. Now granted if Target gets hacked, I’m thinking there’s a little more sophistication there maybe to how it’s pulled off, but it really comes down to this petty stuff like you’re talking which is kind of where Scott and I kind of connected on this just to kind of reset there a little bit … With like you said, just usernames and passwords and those weakest links in your architecture out there.

Back in the episode we had here, 56, talking about security with your website, one of the things we outlined on there is a lot of websites out there run on WordPress, so you’ll just have a login and a password, and depending on the organization, maybe you have a single login that you’re using and your secretary or your website guy uses it too and you’re just kind of sharing that login. Kind of like you’re saying Michael, now you’ve got two, three or four people maybe sharing the same credentials and passing around. Maybe they’re passing around via email. [inaudible 00:09:06] password may be used … Let’s say the owner set up the website and he’s sharing the credentials with somebody else to log in, he might use the same password for everything else. You don’t think about those little micro chunks of data that are out there but they start to spread and get shared on a list, it’s pretty darn easy to pop up on a list for the bad guys to buy, right? Is that kind of how it works? I’m jumping ahead a little bit but –

Mike: Sure, in fact, credentials are more often shared than anything else rather than sold, credit card numbers are sold, social security numbers are sold. Other things are sold. Credentials themselves helps folks establish their bonafides a lot of times or trade for other things, services are sold on top of credentials and other things like that but as you’re saying, it’s not just petty, it’s often opportunistic. A lot of these crimes are in the end financially motivated and so people want to do the least amount of work for the highest return. In fact, in a lot of studies … Folks, I believe there was a well-known password service provider that polled to see how many folks actually changed a password once they knew it was compromised. Not even most people would change it after it was known to be compromised, much less use something strong in the first place.

People often also reuse the same syntax. So for example if they get busted with their wife’s name and anniversary date which is a frequent password, even if you force them to change it, they will change it to something like their son’s name and his date of birth or something that is just as easy to find out about … Again, using that same syntax. Passwords really are a way of thinking, unless you engage in a best practice like using a password manager in order to have very strong, completely random passwords that are kind of managed outside your own authority to remember them. So again, it really comes down to hygiene. We tend to think of security as a technology problem or an infrastructure problem, security is really a people problem, and that’s the way that we look at it and it needs a people solution.

Jesse: Right. I think it’s … Like you said, it’s opportunistic. I mean really, it’s a crime, hacking, it’s criminal, and really, just like anything else, the “bad guys” aren’t looking for difficult targets, right? They’re looking for the easy targets, the easy wins so it makes a lot of sense. It makes a lot of sense that they’d be opportunistic.

So circling back, like I was saying to Scott, the way you and I got connected originally on all this going back is we have a shared contact, Jeff, I won’t share his last name, just because maybe he doesn’t want it out there to … Who knows why groupies will probably follow him after the show goes live –
Mike: Probably so. That’s great.

Jesse: Anyways, Jeff is a client of ours and we help him with SEO and lead generation for his business and Jeff is involved with you and we got to talking and you have this new service, the CIA, which I’m sure you’ll talk about here for everybody because it’s awesome, but you guys were kind of running it past me and really scared the hell out of me to be honest because if you want to get somebody’s attention, show them their login for a website and a password, even if it has a few asterisks and say, “Hey, does this mean anything to you?” That I have this and I know what it is, which I’m kind of paraphrasing, I’ll let you expand on it, Scott, but that kind of information is out there and like Michael’s saying, some of it’s bought or traded and otherwise but this information is not super hard to find for people that are looking for it, right?

Scott: You know Jesse, you’re right and I think to dovetail into what Mike said, with the survey that was done with the password manager, many of the resources that do exist and that consumers are seeing today, businesses and consumers are seeing today, may provide some basic indicators that something is exposed. Hey, your password is exposed or your username is exposed with this company or that website, but very often it’s not presented back to the consumer with the specifics, with exactly what was included. There is a very high level generic indicator provided to most consumers and so I think the story that you were retelling was when you see exactly what has been exposed, that really does change people’s perspectives and gives them a reality check that okay, now this is real.

That’s exactly what I use … The consumer may look at this and go, “Wow, that’s exactly what I am using. Okay, now I know. It’s not just my Dropbox password or my password to my bank or whatever in a general sense, it’s exactly what has been recovered.” I think that was sort of the shock and awe if you want to call it that, that really got your attention and oftentimes gets the attention of both individuals and small and medium-sized business owners when they can see very clearly what passwords, what credentials, what information has been exposed.

Jesse: I don’t know if you guys got this email and a lot of people I’ve talked to have had a similar version of this, I think it’s been out for some time, but I want to kind of drop parallel so people aren’t confused and thinking what you and I are talking about, with what you showed me versus this email. So you’ll get an email saying like, “Hey, I know this password is important to you. I have you on video doing something in a compromising position or I have a voice message that you left for your girlfriend. I’ll tell your wife if you don’t transfer me however much bitcoin to this address or some things like that.” There’s variations of it, but when you get that, they use that same tactic in that email of, “Here’s your password or here’s your credentials on your password,” just to kind of scare you, but then obviously it’s a ransom is the email.

It can be on one degree passed off as don’t worry about it, on the other end, this information, if I understand it correctly with you guys, is kind of a question too is they may have purchased or found or traded or whatever, however obtained off the dark web, legitimate compromised information from you. They’re presenting it not as a service to help you like you are here Scott, but trying to ransom you for it. Long way around, my question is that’s kind of where they’re getting that from is some of these same sources online or in the dark web if you will?

Scott: Sure, sure. They are gathering up information and then they’re using an email template that they use over and over again and send out to folks and if you receive an email like that, then someone should act if they recognize that yes, that’s a credential that I use, they should go and they should change that immediately. They should take action. I wouldn’t respond to the ransom request, but I would instead go take action on an account that they may be conscious of but that being then tied back to some visual or video clip or some other activity that they’re saying is what’s going to make you scared to have to do something, I wouldn’t be as worried about that, but do take action.

The parallel that you were stating was the information that together, Core ID and HackNotice is providing is sharing back all of the information that we have been able to recover from the dark web so that you can see it and be proactive with it versus reactive. When you get that email, they want you to react. They want you to freak out and they want you to do something right away, but if instead, you’ve been provided that information in advance, just say, “Hey, this information is out on the dark web, you should be aware of it and we’re going to help you take action on that,” then you being proactive, you can protect yourself from those events on a regular basis.

Jesse: With that, like you said, first thing, just to re-clarify for anybody, like you said, take action if you get an email like that. Don’t reply and don’t click to send them bitcoin or anything with the person that sent it to you, right? More of take action on if you get that kind of an email, your information to whatever degree is out there for the bad guys, right? In some way, shape or form. In my instance, hen I got that email, I don’t know, it was probably a year or two ago, the password was some password I know I used like 10 years ago and I really wasn’t concerned even though I did check on it. I think the nature is to be completely dismissive I guess is my point is it’s to be completely dismissive when you get that email, like that’s a bunch of BS, obviously they’re trying to scam me, but what we’re trying to say here is that will legitimately … Legitimately is probably the wrong word because it’s illegitimate to an extent but that really was pulled down from some available source to the “bad guys” and it’s obviously for ransom now.

We flip that around to you guys at Core ID with the CIA product, which I’d love for you to talk about and help people kind of get a quick nickel tour on is not that you’re going to do that same thing to scare people, like, “Ha, I got your password, check it out, would you like to know more of what’s available?” But more of like as a proactive service saying, “Hey, we can come in,” and if I’m butchering this please correct me Scott, but “We can investigate and see with you or your organization that you have different levels what information is out there for you,” to kind of pull that back from all these resources, all these lists on the dark web so to speak and then obviously the business and the individuals can decide what to do with it there. We’ve kind of painted the picture of the ransom dudes and the fake emails that you don’t have to worry about, but that it’s a real problem to investigate. Could you draw kind of a box around the service you provide in this respect with that same compromised information and how people can do something with it once they get it?

Scott: Certainly, and the one thing I would add to the email story that you were painting there is all email phishing is intended to do is to get you to act without thinking. So if you ever get any kind of email that’s requiring you to take immediate action, always take a breath. Take a couple of breaths. Count to five, count to ten, simple stuff and say, “If they’re asking me to click on something, instead, I’m going to go look at whatever it is they may be telling me,” your bank account or whatever else it is. Go directly. Don’t use their link. Go directly to it with the resources that you know you have and go and check out and adjust or fix something that they may be telling you is a problem.

That’s the one thing that I would always suggest is those emails are intended to make you act without thinking. Instead, take that breath and then you’re going to be a lot safer. So if we take the scenario again that we’re talking about, these things are happening every single day and hack notices enable Core ID to be able to bring a set of services to small and medium-sized businesses and we call it CIA, which is short or Cyber Intel and Awareness, and what CIA is doing is it’s trying to provide guidance, information, guidance and steps to keep a company safer and we do that by providing business intelligence about a business’ email domain, we keep it really simple, and then second, it’s providing third party risk awareness. So all businesses are dependent upon other third parties to help them deliver their great product or service and so our CIA product is bringing those two types of things at a very high level together so that a business can keep themselves safe by being aware of the information, by being able to see transparent and actionable information.

It’s a really powerful set of tools and information because instead of being overwhelmed by a business trying to figure out how do I get to the dark web, how do I stay safe on the dark web, where do I go, what do I do? Instead, CIA, Core ID and HackNotice, we together are doing all the things that you don’t want to have to do so that you can be safe and be protected. A combination of human assets and technological services that are HackNotice partners are using, Mike’s team is using, gathers up the data and the amount of data that they’ve gathered up is just extraordinary and it’s happening 24 hours a day, seven days a week. They’ve brought that data together and then they’ve made it possible for small to medium-sized businesses to be able to consume that information and take action. So you don’t have to be a cybersecurity expert. You don’t have to be an IT security expert. You can just be that small to medium-sized business who’s running your business every day, and you don’t want to have to waste your time trying to figure out how to do something or where to get it.

Instead, we’ve gathered that information together in a very simple and easy to use portal that a business can essentially set up and allow it to run and any time the service finds information about the business related to their email domain or individual email addresses or their third party business’ domain, we’re going to send out a notification a couple of times a day to them to say, “Hey, we have found some information. We want you to review that information and not only just tell you to review it, give you some guidance on what to do next. How to remediate that? How to mitigate that?” So at the end of the day, Mike and the HackNotice team have taken the extraordinarily challenging and complex steps to make this possible and then together, we’ve tried to make this very digestible for small to medium-sized businesses.

Jesse: So if I understand this correctly, just to kind of frame it for everybody too, and I should say you’re going to offer a 30-day free trial to all the listeners here before I give the address, that’s correct, right?

Scott: Absolutely. Absolutely. I’d be happy to do so.

Jesse: Go to LocalSEOTactics.com/CoreID and so with that, if somebody jumps on board with this, there’s kind of really two phases. One is kind of an initial discovery, like, “Okay, here’s all the stuff,” but then something I think that’s super interesting with what you’re saying is this is definitely like an ongoing thing you need to, this isn’t like a cleanup or an audit if you will, right? This is something that’s kind of always working there for you if some breach happens or something else next Tuesday, you’re going to be made aware, not immediately that it happened but once the data is kind of out there and pops up on Michael’s radar, correct?

Mike: Yeah. What we’re doing is impersonating hackers, getting access to the files that they’re passing around and then these domains, information as Scott said about the individual employees, about the companies themselves, about the companies that they work with are involved there. Just to add on to what he said, yes, we’re collecting continuously. What we’re trying to do is really provide enough context to understand where the information came from so that we can help folks change their habits proactively. You might find that you got one of the emails that you mentioned not because there’s any data out there actually about you but because you signed up for a free vacation and gave away your email address, thinking that it was innocuous and what happened was as soon as you turned that information over to a third party, again that third party doesn’t necessarily take security as their first concern. They lose your email address, you end up as part of this campaign [inaudible 00:26:14] we were talking about folks being opportunistic.

This is what we mean by opportunistic. They’re doing the exact same things that we do in sales which is they’re betting that if they make 1,000 of these emails, that two or three of them will come up a hit or some fractional percentage. That’s how you get involved in these things is really just by innocuous little behaviors that other folks might not take or try to even protect their email address which they figure, “Well everybody knows it by now, so it must be okay for me to enter it on this site.” It’s really not. We want to provide as much context as possible if we have a label for the actual site where it came from, we’ll mention the site where it came from. If we picked up information like the username that we created, which might be unique to that particular service, we’ll give you the username, but you can start to connect the dots with context and change behavior.

Jesse: Nice. So not to be too fear-mongering for everybody, but globally is this kind of true anywhere you enter your username and password and various credentials online, whether it’s on your own website or like you said a third party website, no matter how trusted that may seem, there is a chance for that to be compromised, either directly by some kind of phishing or masking type of hacking where they’re somehow stealing it as you’re inputting it, or in that down the road, that list, that database somehow got compromised or lost or a laptop got stolen, that anywhere you’re putting your information online, there is a down the road chance for it to be compromised without regard to the entity here, right and their levels of security and discipline, that if you’re sitting there thinking this is never going to happen to me, if you’re using your computer and logging into things, you definitely have a chance. Am I understanding it or –

Scott: No, I think you’re making a very good point. You’re keeping it very simple and if you shared information, that information is being digitized and that information therefore is at risk. It’s very simple. Whether you specifically enter your information into a product or a service online or you download an app associated with your device who in turn passes your information along to a third party, and then that third party probably has their own third parties that they depend upon to help deliver that great new app or that great new service or website or product. So yes, our information makes our lives easier, our devices makes our lives easier, but it then puts us at risk and at the end of the day, there’s no need to put our head in the sand to think that we can’t do anything about it. Instead, there are things that you can do and we’re just working very hard to make that easier for individuals and businesses.

Jesse: Right. Again, not to kind of freak people out, but I think it’s worth checking out … At least do the trial, talk with Scott, get engaged with Michael and their services and how this works. I was pretty blown away. The first five minutes when Scott and Jeff were talking to me about it, I was kind of eh, but as we got to talk and it’s like holy crap, this is super powerful, especially for down the road. I really like what you said Michael about … Not to paraphrase, but you’re kind of like a bad guy double agent you’re saying, right? Like you’re hanging out in the same dark web bar as the dude who’s actually trying to compromise me, trying to find the same list as he is, right? You’re not getting this in some different way, you’re actually getting the same data the criminals are, I mean to paraphrase it.

Mike: Yeah, that’s exactly right. So again, it is about information parity. Once you know what they have, it’s easy to see what they could take advantage of but again, to return to the earlier point, this is really about what they might have in the future. If you don’t realize that you’re using the same password over every service is an issue, wait till one of them gets popped and if you don’t have a service like this, you won’t know that until … Maybe you’ll never know until it’s already taken advantage of, but it’s important to see the actual password, understand why you can’t reuse it all the time, understand why it’s weak, and move to some kind of best practice. Because again, these folks are opportunistic and so they’re after low hanging fruit. So one of the best defenses is just to take the small, simple steps that don’t leave you as exposed.

Jesse: I’ll mention it again for everybody and then if you gentlemen have some closing thoughts or things maybe that we didn’t want to cover, you want to make sure everybody’s aware of, and then we can wrap it up because I think this was great information. Again, ties back to our other episode for worrying about your website. You got to protect that sucker. If your web goes on, especially now with the lack of physical interaction we’re having at businesses, your website is more important than ever. Keeping it up, keeping it going is extremely important so any way to get compromised here was the point of that episode and then the continuation on this one. So if you’re interested in this product from Core ID Services, it’s called CIA, you can learn more about it and Scott’s going to give you that free 30-day trial, go to LocalSEOTactics.com/CoreID and get yourself hooked up there. Scott or Michael, did you have any other closing thoughts or things you wanted to leave us with?

Scott: I think I just wanted to help … As you were doing a nice job sort of tying this together, a website functions, which you’re helping people do, and it’s extraordinary, all the things that you do to help businesses as well and learning from you, everything that you’re doing is really valuable and those are connected and tied to credentials. Those things are up and so just because your company has been part of a data breach or your information has been a part of a data breach, not related to your company but to a third party, at the end of the day, that can ultimately turn into your website being defaced. That could turn into your website being brought down so all of this data does interconnect and at the end of the day, your customer and client exposure very much is based on your website, your web presence, and keeping that safe along with keeping the data safe of your clients and your customers is so important.

Again, it’s a solution that we believe involves not only knowing about this but working with the employees on your team to let them know we think this is important and this is how we’re going to protect our business and keep it going with so many more employees now having to work remotely, there are that many more accounts that people are setting up online today that they didn’t have to set up two months ago.

Now people are more spread out. They may not be thinking about all the importance, the regular importance of keeping good cyber hygiene, good password and credential hygiene, so together, we believe that the service not only will help provide exposure to the information that will help keep the business safe, but it will also remind employees this is something we’re all working at together and the more we do together and the more we protect ourselves together, the more successful we’ll be and the more businesses can thrive. So at the end of the day, that’s really what we want to do, help employers, help employees change behaviors and not have to worry about this as a nightmare scenario. Instead they just continue to focus on what they want to accomplish with their business and [inaudible 00:34:08]

Jesse: I think like Michael said early on here too in the interview is this isn’t stopping the cat and mouse game between the good buys, their tools, their hardware, and the bad guys and their tactics, isn’t stopping, so adding something like your service to the arsenal, if it’s not already part of it, definitely fills a big gap for everybody out there, so –

Scott: Absolutely, if they already are using something, they can check ours out and see how it compares. Happy to allow them to do that.

Jesse: Michael, any closing thoughts from you?

Mike: Yeah. Ditto everything Scott said, but please come check it out. The best way is to sign up, see what’s out there and then make your decision but since it’s being offered out there, I would encourage everybody listening to take him up on it.

Jesse: Stellar. All right [inaudible 00:34:58] … Excuse me, that about does it gentlemen. I appreciate you guys being on here.

Scott: Well Jesse, thank you for putting up with the delays in getting here. I’m so glad we did. I’m actually kind of glad you kind of got two podcasts out of this and I’m just excited, so thank you Jesse. Really appreciate it.

Jesse: Absolutely man.

Scott: All right buddy.

Jesse: All right, you can drop off whenever you want.

Scott: Take care sir.

Jesse: We’ll be in touch man. Take care.

All right, so a huge thank you to Scott and Michael for jumping on there. Hopefully you guys and gals learned some things about the dark web, about some of these things that can get compromised and how that rolls back to your business and I want to mention too, I didn’t get into it huge for the sake of their time, because both of them kind of have a hard stop there for the amount of time we could put onto the show, but when Scott and I were talking, not only did Scott share with me some of my own personal information that was out there and potentially compromised, but also some former employees that had worked here and these people were people that definitely were webmasters and web developers within our company that had login credentials to sensitive areas and things of that nature and the point on that is it’s not just about you. The person listening to this, it’s not just your information, it’s people within your business that could potentially have their information compromised out there and this tool is going to be able to help you see all of that.

Anything from your websites, your users, your employees, your team members to third parties so it’s pretty wide open and it’s an amazing tool to kind of give you that security and know that your information is locked down and that your people are managing it correctly and like Scott and Michael said, really change the habits at the end of the day. You’re going to find this information, take some action as needed, but then also leverage it to train people so we have better practices and don’t get compromised in the future.

So with that, let’s jump into our five star review of the week. We’ve got a five star review on our Google My Business page here from Al Boyle. Al, how’s it going? Al and I had just traded some emails here this last week as well and I had asked Al, “Hey, I appreciate the feedback. I’m glad you loved the show.” Helped him out with some questions and said, “Could you … Mind leaving a review if you’re getting value out of it?” He jumped on within a matter of minutes and left us this awesome five star review. Al said, “Love the podcast. Great insights and actionable information. Most episodes are 30 minutes or less making them easy to consume in one listen.” Just like I kind of always say, really echoed some of the things that we try to do on it, so I appreciate the feedback, Al. I think this episode here might be a little bit longer with the interview but still great information and I appreciate that and really that’s what we love about doing the show is folks like Al, people that listen to the show and ask questions and engage with us via email and phone conversations to help your business out.

This isn’t just a show where we get up and talk about some local SEO stuff. This is what we do for a business. We do help you out if you need help. Please reach out to us whether it’s with your Google My Business, SEO on your website, maybe just SEO strategies consultation, whatever you need in the realm of digital marketing and SEO, feel free to tap us on the shoulder. We’ll see if we can help or maybe connect you with somebody who can if we can’t. We’re always here for that, so thanks again Al. Everybody else, we’d love to get a review from you if you haven’t left one yet. Really helps the show out and again lets us know if we’re doing a good job. Go to LocalSEOTactics.com. Down to the bottom left, you’ll see an area for reviews. You can either read our reviews or leave us a review, whichever route you want to go.

You’ll be connected [inaudible 00:38:46] so check that out and of course if you haven’t used our free instant SEO audit, you should check that out too. Top right corner of our website, LocalSEOTactics.com, yellow button. Free instant SEO audit, you plug in your website page, or a competitor if you want to reverse engineer them, plug in the keyword that you want to be optimized for or grade against and it’s going to spit you out an awesome report that you can take action items and assign them to somebody else, delegate them, do them yourself depending on your skill level or again take them to an agency like us or somebody else and point to it and say we need to fix this stuff so check that out, LocalSEOTactics.com. That’s all for this week and I appreciate everybody tuning in and [inaudible 00:39:29].

To share your thoughts:

  • Send us a comment or question in the section below.
  • Share this show on Facebook.

To help out the show:

Your ratings and reviews really help and we read each one.

LINKS

MP3 Audio DOWNLOAD THE MP3 AUDIO FILE

Listen to the episode however you like with the audio file.

VideoWATCH VIDEO OF THE SHOW

SHOW FEEDBACK

We're here to help! Share your thoughts on what you'd like us to focus on, or what challenges you are facing right now.