As I have come up with topics for this blog I have found that often a brief title triggers multiple thoughts. Dun & Bradstreet was the subject of a prior blog which related my distaste for fear based marketing. But, it is because Dun & Bradstreet has a well known name that it can engage in the marketing I find objectionable. And, for my company, its common marketing tactics of telephone calls that “You have new information in our files; pay us to find out about it…” are such that it did not surprise me when we got a similar email addressed to one of our employees. However, although the email stated something like the above, at least at that time, D&B had not sent such an email. The employee who received the email got very nervous about it – it did scare him. The message said something like “A complaint has been filed…click here to read it.” Coincidentally, all of our staff had been warned by our computer technician shortly before this not to open any strange email even if it looked official as this one did. My employee contacted me via email while I was out of town to ask what to do. Sadly, before I could respond, temptation got the best of him and he hit the “click here” button. Nothing happened immediately, but within a very few minutes a virus took over our email system and server. This happened on a Friday and quick actions were taken to power off all of the computers, but much damage was done. Many hours and thousands of dollars were spent correcting the problem, a problem that should never have occurred. The email purportedly from D&B had numerous typos and errors, for example, it said it was from “Dun and brad street.” The employee should have realized it was not real. But, it sounded real and came from a well known entity. Not to pick on D&B further, we subsequently received similar emails from “Bank of america” (again with typos), and others mimicking well known entities. The computer terrorists who use such tactics are despicable and I could rant about them for a while. But, the point of this post is that when I think of D&B I cannot help but to think of how damaged we were by a thoughtless, careless action of an employee. This one was not D&B’s fault at all. It can’t be faulted for having a well known name. The message for business owners is be wary and train employees to be wary of anything like this. The fear tactics work – they get response – but fear needs to be managed and not allowed to do damage. For employees – “hold your horses” – ask before doing something on the computer, or perhaps in other areas, think of the consequences, be sure, not sorry.
Sometimes, despite our best efforts in preventing disasters, disaster strikes, usually, without warning. The Dun & Bradstreet / Dun and brad street debacle was, at the time it was perpetuated on Magnus, well known within the computer industry, to the point that Magnus’ long time computer consultant held a special meeting with David, me, and all of our employees, to warn us about the high likelihood of it happening to us. This meeting is still memorable to me, after all these years, because it was/is the only meeting my company has ever had with any computer consultant which had, as its sole purpose, such a warning. Our computer consultant went as far as mentioning the name of Dun & Bradstreet as an example of a common example of this type of fraud! Interestingly, although many years have passed and I remember the details of this meeting as if it were yesterday, Magnus’ employee forgot everything he was told within a few short weeks of participating in the meeting. This employee’s failure to: (1) follow long established written policies regarding proper computer use, including the prohibition of downloading anything questionable onto our server; (2) failure to adhere to the clear warnings of the computer consultant; and (3) failure to follow David’s instructions not to do anything until David could look at the suspicious email resulted in the complete destruction of our company’s computer system. In addition, the absence of work productivity that resulted from having the computer system shut down while the virus was being eradicated is something from which we never fully recovered. Besides the fact that we spent thousands upon thousands of dollars to repair our computer system, we also suffered the indirect costs associated with terminating, then interviewing and hiring a replacement for, this employee. All of this could have been prevented if only the employee had followed instructions. At some point, I began to wonder whether anyone could be so stupid to have done such a thing (and so soon after being told not to), such that I considered whether Magnus had been victim of intentional sabotage on the part of this employee. Although we will never know what led this former employee to “click here,” thus, unleashing great havoc on our company, we will always have a somber reminder of the consequences of failure to follow directions.