As a business leader working in the information security field, I usually add extra doses of "question everything", "trust no one" and "double check everything" into my life. As the holiday season approaches, everyone seem happier, more cheerful and sometimes more trusting.
Scammers are out in force trying to steal your information and identity so this post is a little reminder to be extra vigilant this holiday season. One tip is to
never ever ever ever ever share your password with anyone.
Understand that the "bad people" out there are experts at social engineering. Social engineering is the art of using social and psychological tricks to convince someone to hand over valuable information [that they normally wouldn't]. The minute you let your guard down, you are susceptible to being duped. Your bank or service provider should never ask for your password.
Make sure when someone claims to be from XYZ company, they actually are. Never give personal information unless you can verify someone's identify or the are able to verify the validity of their claims.
If you receive a call from "the bank" asking for personal info stop and question everything? Ask for their identification and call back details. Call your branch to vaidate the provided information. Only after conducting your due dilligence should you even consider providing your info and then only the bare minimum. Remember that elements like CalledID can be faked.