Fighting Cybermonsters™ With Mindfulness With Sandra Estok
Technology is present in everything you do, which means no one is safe from cybercrime. This is why you need to practice mindfulness because hackers will try every trick to get to you. Join Moneeka Sawyer as she talks to Sandra Estok about cybercrime and cybersecurity. Sandra is the Founder and CEO of Way2Protect where her main goal is to simplify cybersecurity for everyone. She is also the author of Happily Ever Cyber!. Listen to this episode to fully protect yourself from all the cybermonsters™ out there.
Watch the episode here
Listen to the podcast here
Fighting Cybermonsters™ With Mindfulness With Sandra Estok
Real Estate Investing For Women
I am so excited to welcome to the show, Sandra Estok. Sandra, Founder of Way2Protect, is a cybersecurity keynote speaker, corporate trainer, and author of the international bestselling series Happily Ever Cyber. Through her publication, Sandra is committed to share her journey, experience and expertise, using simple concepts and inspirational stories to help others protect what most matters to them against hackers, scammers and cybermonsters.
She brings years of multicultural and cross-functional experience in the US, Latin America and Europe in the areas of cybersecurity, IT and data privacy. Sandra has held numerous positions in Fortune 500 companies, private and public organizations. Sandra holds an MBA, Industry Certificate in IT, cybersecurity and data privacy.
Sandra, how are you? Welcome to the show.
Thank you so much. I am so excited to be here with you.
This is such an interesting topic. I never even considered having anybody talk on this show about this until I met you. First of all, most people talking about cybersecurity make my brain feel like it’s going to blow up. They are often very boring, which you are not. I see a lot of relevance with regards to real estate. I’m excited about what you are going to be talking about with your relationship to real estate. Before we even get into that, could you tell us your amazing story about how you even got into this?
It started many years ago. I was returning from visiting my mom when I was in Columbia. As we were landing in Miami, the pilot announced that Homeland Security Officers were boarding the plane. I hand in my passport with my work visa. The next thing I know, I’m the only one being marched off the plane and thrown into a room. That room exists in every airport and every country. There is a room. I was escorted there. There are no phone calls. I don’t know what’s happening. My husband was waiting for me in Chicago and I’m about to miss my connecting flight. Ten hours later, they handed back my passport and it was revoked.
I did not know what was happening. A few weeks later, I’m back in Venezuela, where I am from. I have everyone supporting me. I have attorneys. We are in the interview trying to get a new visa. In this interview, the officials kept asking me about China. They were like, “Why were you in China? Who do you know in China? Who is your contact?” I don’t know what they are talking about. I have never been to China. Somehow, a smuggler in China got ahold of my information and has been smuggling women into the US using my identity.
Any industry that has money, big or small, is a target of cybercrime.
I convinced them that I’m not a small smuggler. I get my new visa. I come back home and everything is okay. Two weeks later, I’m returning from Europe. My job was to travel. That was part of her idea at the time. I’m returning. I get off the plane. I get to passport control and I’m right back into the same room because I have to prove that I’m the real me over and over. Every time I travel for six years. When I go, my name and everything was in Chinese. I had the import and export companies under my name. Nobody wanted to travel with me, not even my husband.
Finally, I got my US citizenship, passport and my new name. I changed my name. A year later, I entered the world of cybersecurity after I got my US citizenship. At the time, I did not realize what happened to me. I was like, “This is probably normal.” This was back in 2006. We didn’t have a lot of news about cybersecurity. It was not every day we see it now, back then was not. Being only IT, I did not connect the dots. A year later, I joined and it blew my mind. Understanding the cybermonsters, we can talk about that later, but understanding how it works, what, why, how and who is behind all the cybercrime. It became a passion.
I was in the corporate world for a long time. The more I learn about cybersecurity, the more I got passionate about it. The more I wanted to share that passion differently. I had many different positions and having building a team or building a program and teaching the employees of those companies that I worked for. I discovered that I enjoy that part. It is boring, it is not something appealing. Nothing is exciting about cybersecurity. That is what I want to change because the reality is identity theft or cybercrime can happen to any of us. Unless we know how and what to do, it could happen to any of your audience or you as well.
Many people in my family have experienced identity theft, not cybersecurity and such. It’s a big deal. It happens to so many people. Cybersecurity, we don’t think of it on a small scale. We think of that as that happens to the big companies, those are the targets. I would contend to say that the onesies and twosies, us that’s normal person people or consumers, we are the bigger target.
Forty-three percent of all the hacks in 2021 happened to small businesses. If you think about the industries like the financial industry, healthcare and small businesses. You can include all companies from 0 employees to 1,000 employees. That is usually considered small businesses or 2,000. Forty-three percent of all the hacks happened there. Real estate, your industry, is one of the industries that is impacted because any industry that has money, it’s a target. It’s a good place for hackers to get what they want. It’s either your identity or the way to impersonate you so they can get what they want from you, which in most cases is money.
Talk to me a little bit about how your approach is different from cybersecurity.
It starts with that realization that cybersecurity is very personal. Everything that we do every day in our lives somehow relates to technology. Why my approach is different is because I’m using that personal connection or stories that we all have and connecting them into the cybersecurity, cybercrime and identity theft world. I didn’t even realize that, but throughout my life, many things have happened to me that connect to cybersecurity in a way.
I’m a cyclist. I do yoga. My identity was stolen, but somehow each part got a connection. That is what I want to share because this is not my story only. The most amazing thing that happens to me when I share either the stories or training is that each person discovers their story. When we start making that connection that cybersecurity becomes personal. It’s not something super technical. I don’t have to be a geek. There are many things we all can do to reduce the chances of identity theft and cybercrime every day. That is the muscle that I want to develop and all of us to start training. When we see it that way, it’s not overwhelming anymore.
Could you tell us the biggest misconception that people might have about cybercrime?
It cannot happen to me because I’m not rich. In real estate, for example, I’m just selling a small house or I’m renting this property. It won’t happen to me. The reality is it can happen to anyone. The amount of scams that happened, especially in your industry in 2021, $149 million were lost in scams related to real estate. There are so many parties involved. In this case, you have a buyer, seller, titles and you have all these many companies. If every person in that chain thinks, “It won’t happen to me.” Unfortunately, if it happens to at least one of those all parties involved, your whole deal could be in jeopardy. That is where the loss happens. The money does not go to the seller, it goes into a different country and you can recover it.
Thinking that it won’t happen to you is one misconception. The second misconception is thinking that it’s all about technology and technical. When we were kids, we learned how to cross the street. We learned how to look both ways. We learned probably not to stick things into electrical outlets. I learned that I should not be doing that. In the same way, if you think about cybersecurity, there are things that are common things that we all can do that can reduce the chances of becoming a victim of cybercrime. The misconception that it is only technology is not true.
When we have a phone call for a deal, you are expecting a transaction to happen in your selling or buying a property. Someone calls you and says, “Your Social Security or any of the information that is related to that property. We are going to validate that. You are going to get the best rate on your mortgage. You are going to have the best deal that you can have for these new investments.” Most of us can recognize that it is a scam, and most of the time, we hang up because they are easy to spot. You know that the IRS is not going to call you. The Social Security surveys are not going to put you in jail.
Most of us have developed that. When we see a call and it’s a scam, we react to it and we hang up. There are many other things like that we will start developing. One common thing is using your password and using one password that has meaning to you. I do yoga and I do all these things. I use a password with an intention and affirmation. It helps me to get centered.
A common misconception about cybercrime is that it’s all technology and all technical. That’s not true.
A password, you won’t think that it could be used in a fun way. You might think it always has to be a lot of characters and boring but you could use that password in a way that has meaning to you. If you are an investor or buying a property and you want a big house on the beach or you have a dream of something bigger for your life, you could use your password in a way that gets you to that dream.
That is a super tip right there. I use that one. My password is also a declaration of how I’m feeling or something that I want for the future. What is funny about that is that normally, you should be changing your password every three months. If it is a declaration or affirmation, it’s fun to change it every three months, too. That is a good security tip is you don’t want to keep the same password for all your accounts. You want to have some different ones that have meaning, but the other thing is you’re wanting to change them frequently. This is a good way to encourage yourself to change them frequently.
A different password for every account is important. I love that you mentioned that. If you get hacked and compromised, you have an account where you have a rental property. You have a password that lets you go into the portals to watch or monitor what that rental property is doing. Somehow, you use the same password for your Netflix account and your Netflix account is compromised. If you are using the same password, your other place where you have sensitive information about your real estate business could be compromised as well.
Using a password manager is one of the best ways to have a very long-phrase with your declaration, but then you don’t have to remember all the other passwords because we have so many other things that we have to do remember and think about. A tool like that allows you to keep track of your passwords and make it easy for you.
Talk to us a little bit more about the password manager. Do you have a favorite? They are going to be a lot of ladies that are reading to this that this is the first time they are knowing it. Tell us a little bit about what that is.
A password manager is a tool and there are many different types, either free versions or paid versions. When it comes to something that protects my password, I would feel more comfortable paying for a service that I know is going to have a more secure solution. This is where one thing that I will caution on free, however, if you are an Apple person, there is a password manager that is embedded into your iPhone or iPad. It is part of the iOS system. There are many other versions and companies that do this. This is their business. A password manager is a tool that you will integrate all of your passwords that are associated with your email address.
If you are using five different email addresses, you can put it into your password manager and it will scan every word you have a password and it will bring that information to you. The good thing is you have a dashboard and you have a tool that will tell you where you repeating the same password. When was the last time you changed that password? How strong that password is?
One simple password of seven characters can be broken in less than point .29 seconds. A password manager allows you to have that phrase, your big declaration, inspiration or affirmation. You change everything once you achieve that declaration. It’s one more tool that you can use because you have to type it so many times. I say that phrase to myself every day, “My password makes me happy.”
Do you have a password manager that you particularly like that you might recommend?
I use Dashlane. It’s one of them, LastPass or 1Pass. What I like about that one is it includes a VPN. It’s a way that makes your connection more private. Think about you are going on a highway and when you are on the internet, there are no roads. All the cars are everywhere. When you are using a VPN, it’s like you are on your own freeway. All the information you are sharing goes only through that tunnel or lane that you are going through. Nobody can enter your lane. Especially in real estate because you do so many transactions that are very important with money.
I will suggest when you do those transactions, you activate your VPN. There are either antivirus tools that will have a VPN included or a password manager will have it or you can have a VPN on its own. Every time you do a sensitive transaction, what I recommend is that you use that VPN service because that way your information cannot be taken. Let’s say you are in a public place and using public Wi-Fi. Unfortunately, when you use public services in the same way you have access to those public services, cybermonsters, hackers or cybercriminals have also access to that.
Even if you are sending a simple email, they can intercept that information. Why is that important for your business and real estate? You are buying or selling a property. You are connecting with your buyer or seller and you are interchanging emails. If I am in a public place and I saw that house went for sale because it’s all public records. It goes to the MLS, you see that. I can start watching the communication between the two parties. When I intercept that information, I can know more details when that close is going to happen.
As that date approaches, this is one way the scams have happened is that the person that is supposed to transfer the money receives an email with fake information on the account, but you are seeing it real because it is impersonating that other person. You talked with that person. If I’m watching your email, watching how you communicate, what language did you use and how do you greet each other, it is easier for me to impersonate that agent, lawyer or person and send you a bank account that it’s not real. It sounds like a movie, but if you search online, you can see how many people have fallen for this. In real estate, many people have lost all the money because it went to a foreign country and it cannot be recovered.
In EXTRA, you are going to be talking specifically about how to protect your email. Ladies, make sure that you stay tuned for that because this is a horrifying story. Are there some other basic things that we can do that can help us to protect ourselves?
You’ll use your password every day, so choose one that’ll make you happy.
I love your show because you have a lot of guests that always are bringing positive, good vibes and there are many different topics. One topic that comes to my mind, which is connected to cybersecurity is mindfulness. If I’m going to do an email, go into social media or do this deal I’m practicing mindfulness and less at the risk of becoming a victim of cybercrime. Something that simple as being present when you do your work can be a game-changer for identity theft or cybercrime.
Give me an example of that. I’ve got about ten that I can give you, but I’m sure you’ve got some good ones.
I love to know yours, too.
Frequently, you will get something that says in your email, “It’s time for you to change your password. Please press this link.” You have to put in your old password and you have to put in a new password. If you look at the page that it goes to, it is not the actual page where you are changing the password. It was masked and it’s different. That is one.
Don’t ever put in a password unless you go to the site. Use yourself, go to that site and change the password there, don’t do it through a link that is sent to an email. The thing is that sometimes we are moving so fast, we are like, “I got to get that done.” You get it done. You move on and then you’re like, “I gave somebody my password.” You go through and you have to change all your passwords. That is one of them.
Another one is entering your email address for a similar situation. You are asked for your email address so that they can send you a verification, but you sent that email address to someplace that is not where you thought and suddenly, your email has been completely hacked. Those are a couple that I know my husband and I have experienced. How about you?
Congratulations for being attentive to all of those. Good job on keeping an eye on those emails or those things that can happen. I can give you one example that has happened a lot. It is related to when you do your banking. Most banks will have two authentications or a two-way to verify that you are you. They send you a text message and they say, “Someone is trying to get into your account. Is this you?” Even if you are not trying to get into your account. When you have to sign up for your banking, you will ask to validate that you are you and it will require a PIN that you have to enter to say that is you.
One way that cybermonsters check you out is they will try to impersonate you. There is a lot of information available to all of us for data breaches or hacks. They call the bank and they try to log in to your bank account like you. They are not going to have that PIN. That PIN, they are going to request the bank to send you a new one. When you go to your online banking and you say, “I forgot my password.” It will email or text you that validation. That scammer or cybermonster will call you and say, “We are from this bank. We sent you a verification code.”
You will be surprised how many people didn’t read the entire text. That is a request for your password to be changed. You give that PIN to the person that is calling you to validate. In some cases, they call you and say, “We are seeing transactions in your account. We are going to stop the hacker.” They are pretending that they are saving you when in reality, they are hacking you. Mindfulness is going to so many levels because whatever situation you are in, my advice is don’t take an action. Breathe.
If it is your bank that is calling you. What I will do is I hang up and I take my credit card number or I have my contacts in my bank and I will call them directly. Whatever it is, you can have a few seconds where you can breathe and then think about, “What actions do I have to do?” Call the bank. Call whoever you need to call and validate that the information that you are receiving is valid.
What I love about what you said is often, we will get a phone call from our bank or credit card company, “Is this charge valid? Are you in this location?” We think, “This is an authority. This is the bank. I don’t get my money unless I cooperate with the bank.” What you said is it may not be the bank. It’s okay to say, “Hold on. This is not a great time to chat. Let me call you right back.”
You hang up and you call the numbers that you know. It’s the same thing as verifying where you are putting your passwords online. Make sure you check the URL. I have never done that before. That’s amazing. You can say, “I’ll call you right back or this connection is not good.” You don’t need to be rude, but you do need to take a couple of more minutes. This is going to be more time out of your schedule, but is it worth it?
If you think about that for a few seconds, it can save you. In my case, six years from the nightmare. If you put it into perspective, how much can you lose for making that extra phone call and whatever transaction you are doing, validating what it is that you are doing?
Pick three things you care about the most. Know what matters most to you and start there—no need to overwhelm yourself.
Tell my ladies how they can reach you if they want more of this good stuff.
They can visit me at HappilyEverCyber.com. They can get in there. I have a gift for them. It’s the three critical but super-simple steps they can take to start protecting their information. They also have access to download a checklist. I did this checklist with all the years working in cybersecurity, data privacy. I incorporated all the things that at minimum, we should be doing to keep ourselves safe. I love for them to get that information. You don’t know, something that you have never heard before or you don’t know how to do it, do not worry because what I am committed to do is to develop content. My book is a book series where I will be creating books that are more specific about different areas.
A book only about social media and how to protect your identity, passwords or computer. You can’t protect everything. You have to know what matters most to you and start there. Pick three things that you care about the most. When you protect those three, you can pick another three and another three. You don’t have to overwhelm yourself with, “I got to do all of this.” That is the misconception that I want us to acknowledge. Don’t let the cybermonsters hack you. Start taking the action to end that. When we are training, you don’t start with a marathon. In the same way, that is how we are going to build a muscle and to make it as easy, fun and relevant to what matters most to you as possible.
The thing that comes to mind for me is technology is changing so fast. What was relevant in the past is not relevant now. Do you feel with regards to cybersecurity, things are constantly evolving and what we need to do changes? Do you feel there is a baseline of things that we need to do and then we can improve it later by working with a professional like you? Is it always changing? Is this something I constantly have to be thinking about and be aware of?
The answer is both. Things are always changing, but there are many things that when we don’t take care of the basics, that’s when we make it easy for cybermonsters to get into our lives. If you are in your house and you see holes in the walls of your house. You get up the next day and see another hole. People can sneak through any of those holes and show up in my living room where my kids, family or business is. When we see all of that, most probably, we will take action right away and close those holes. In the same way, when we don’t update our computers and our phones, they have holes in the programs or operating systems.
Those are the holes that cybermonsters take advantage of. If you are using a computer and you never update it and that is one basic thing. No matter how new technologies come and your refrigerator is talking to you, if you don’t do that basic thing, which is updating your devices and computer, you are leaving with open holes that allow cybermonsters to break in easily. It is both. New technologies are here and cybermonsters are always looking for ways to break in and to innovate, but at the same time use technology and we don’t do the basics, we will make it easy for them.
We are going to be talking about email in EXTRA. I’m excited about that and how to avoid the situation that you talked about where there is a transaction, the emails get intercepted and our money goes somewhere that it should not be going. I’m sure there are many other examples, but that’s a good one. Before we close the show, are you ready for our three rapid-fire questions?
Tell us one super tip on getting started in real estate investing.
Be passionate. If you are going to invest either being a buyer or having a business, make sure that is your passion. When that happens, you will breathe, dream and live for that. There is no better feeling than being passionate about and doing what you love to do.
What is one strategy for being successful in real estate investing?
If you are a beginner, have someone that can guide you through your journey. In my case, I have so many mentors and people helping me through the process. Whether in real estate or business, I always seek someone that knows what he is doing. I’m buying and selling a house, so I will never do it without the help of experts because this is what they do and they can learn if that is my passion. If it’s not something I want to do, I want to do it right. Always seek someone with that expertise that can take you much faster to wherever you want to go.
Always find somebody that can get you faster to the place that you want to go. That is so good. I love that. That is a good soundbite. What is one daily practice you do that contributes to your success?
Gratitude. There is not a single day that I wake up and I am not grateful for another day. Grateful for another opportunity to play and serve. Even in the tough moments, when you are not happy, something didn’t go right, I use gratitude. It is amazing how fast I get off whatever negative emotion I have and how much clarity I get even if the situation was tough, how much I understand that it was for good that it happened that way. I am always grateful for everything.
Thank you so much for everything you have offered on this portion of the show. I can’t wait to talk more in EXTRA, but thank you so much.
Always find somebody that can get you faster to the place you want to go.
Thank you. My pleasure. Remember, practice mindfulness. Be present and that alone will help you so much to reduce the chances of being a victim of identity theft for cybercrime. It makes you enjoy much more of what you are doing, which is investing.
If you are subscribed to EXTRA, stay tuned. We are going to be talking about how to protect yourself in the email. This is that thing that we use all the time, every day for everything we are doing right. It makes us vulnerable in certain ways. We are going to be talking about how to reduce that vulnerability in your email in EXTRA. This is relevant for everybody. If you are not subscribed to EXTRA, go to RealEstateInvestingForWomenEXTRA.com and sign up. You get the first seven days for free.
Get this EXTRA and find out how to protect yourself. You could read to as many as you like in the first seven days. If you love it, then you stick with it. If not, you can unsubscribe, no big deal. For those of you that are leaving us, thank you so much for joining us. You know how much I appreciate you. I look forward to seeing you next time. Until then, remember, goals without action are just dreams. Get out there, take action and create the life your heart deeply desires.
- Happily Ever Cyber
About Sandra Estok
Sandra works with organizations to increase their cybersecurity programs’ efficacy by making the content relatable and personal. As a result, companies can increase engagement and awareness of their first line of defense again cyber threats: its people.
She utilizes her journey combined with her 20 plus years of experience in the Cybersecurity, IT, and Data Privacy industries to empower your teams to take charge of their cyber safety. Throughout her career, Sandra has held numerous positions in Fortune 500 companies in the United States, Latin America, and Europe in private and public organizations.
Sandra is the author of the international bestseller and award-winning book series Happily Ever Cyber!™ and the Cyber Literacy Series for children. In addition, she is a keynote speaker and corporate trainer. Her latest project, the Inner Cyber online course, combines a unique, purposeful, and long-lasting way to adopt a cyber safety-focused lifestyle.
Love the show? Subscribe, rate, review, and share!
To listen to the EXTRA portion of this show go to RealEstateInvestingForWomenExtra.com
To see this program in video:
Search on Roku for Real Estate Investing 4 Women or go to this link: https://blissfulinvestor.com/biroku
On YouTube go to Real Estate Investing for Women
Moneeka Sawyer is often described as one of the most blissful people you will ever meet. She has been investing in Real Estate for over 20 years, so has been through all the different cycles of the market. Still, she has turned $10,000 into over $5,000,000, working only 5-10 hours per MONTH with very little stress.
While building her multi-million dollar business, she has traveled to over 55 countries, dances every single day, supports causes that are important to her, and spends lots of time with her husband of over 20 years.
She is the international best-selling author of the multiple award-winning books “Choose Bliss: The Power and Practice of Joy and Contentment” and “Real Estate Investing for Women: Expert Conversations to Increase Wealth and Happiness the Blissful Way.”
Moneeka has been featured on stages including Carnegie Hall and Nasdaq, radio, podcasts such as Achieve Your Goals with Hal Elrod, and TV stations including ABC, CBS, FOX, and the CW, impacting over 150 million people.