Skip to main content
For Fraud Risk, It’s Y2K All Over Again

The greatest technology scare of the at the turn of the last century was the "millennium bug." This mythical creature, we feared, would wreak havoc as digital clocks in all sorts of devices —from microwaves and fridges, to TVs and computers, to servers and entire operating systems — failed to interpret and deal with the inexorable "clicking over" from one century to the next.

IT experts, especially those who could code in the likes of COBOL, were in high demand. Almost every household and organisation (including FICO) found itself preparing for the risks of "Y2K". In the event, the preparations proved generally thorough and the millennium bug was retired with barely a whimper. Warm congratulations all around — we saved the future!

However, the danger didn’t really pass. Our reliance on technology, and especially aged standards or conventions, can ultimately leave all of us exposed. And it is this very risk which is now revisiting us.

I have often joked with friends and family that the best way to learn how a new piece of technology works is to give it to a teenager. They are generally adept, inquisitive, have a suppressed view of risk, and have more experience handling new technology than the average person. They uncover things by trial and error, they tend to ignore constraints (for once, this works in our favor), and they are far less likely to give up in frustration. The recent film Ender's Game is based on the premise (spoiler alert!) that an alien attack could only be thwarted by youngsters adept at war games.

The problem we have created by allowing our youth to assume the upper hand when it comes to technology is that we are often left feeling out of touch and inadequately prepared for "what comes next." To compensate we put in arbitrary controls, monitoring or blocks, which determined youngers can circumvent. In some cases, these blocks can generate even greater risks.

Consider the "monitoring" e-mails that appear regularly in some parents' inboxes, advising mum and dad about what their son or daughter has recently done or attempted online. The problem is that the child can quickly figure out how to switch off those controls. Meanwhile, the criminal fraternity have come to exploit the fact that parents are used to seeing "if you did not authorise this, click here" messages in their inboxes, and are fabricating messages where a click installs malware.

Criminals are also exploiting the fact that many parents — worried that their children will put in complex passwords that hide electronic information from "mom and pop" — are insisting that their family use only "common" passwords. These may be passwords that apply to many devices and online accounts belonging to the parents and other siblings, making them more vulnerable. They may be passwords that the parents themselves can remember, such as the child's date of birth – as this is public information, it’s easy for criminals to get and use.

All of this is leaving us exposed as a society to increased fraud risk through technology. We are collectively vulnerable because our technology conventions have not kept pace with the passage of time; shades of Y2K. Perhaps the Millennium Bug had a sting in its tail: It has just taken time for it to mature!

related posts