One of the nicest and most humane things we can teach others is to embrace digital distrust.
As happens when you tap into a zeitgeist, this term came to me after my daughter was tricked into handing over her Instagram account details.
Then I discovered that "digital distrust" has been talked about by others, albeit with some different meanings.
What I'm going to argue is that we all need to distrust unexpected messages we receive in digital format, especially messages from friends and family.
This goes against the grain of our social nature as human beings and is a challenge for those of us who've been brought up to be decent, trusting humans.
So let's dive in.
What is digital distrust?
When I use the term, digital distrust, I mean adopting the position that every unsolicited message you receive from family, friends, colleagues, or strangers, needs to be viewed with suspicion.
This is especially the case when there is something a little out of the ordinary or sensitive in the message.
For example, requests for money, or for passwords, or for helping them re-establish their new social media account they had to open because they've been hacked, etc.
Similarly, emails, messages, or phone calls about overdue accounts, subscription renewals, fines, or parcel delivery are to be ignored until you can verify them through independent channels.
Digital distrust differs from normal distrust because when you are face to face with somebody, you can read their eyes and body language, hear any telltale signs of stress or deceipt in their voice, and observe the situation in which the exchange is taking place.
For digital messages, all you have are the words and the phone number/email address/DM account - and each of these can be mimicked or spoofed.
My daughter's experience
We had an eerie start to the day, recently, when one of our daughter's messaged to say her phone was being called by a stranger claiming to be the Instagram help desk to help recover her account from being hacked.
And the thing that drew her into this web of misdirection and hacking was a seemingly innocent message from a friend explaining that she had lost her social account and was starting a new one, thus needing my daughter to copy and send a message back to her.
We all want to help a friend in need but in this case it wasn't a friend, it was a vicious, broken, despicable human being practicing the art of phishing and hacking.
It took a few days to follow Instagram's guidelines for getting account ownership back, including one hurdle that was unexpected.
Because we try to follow good digital hygiene, my daughter does not share photos of herself on her account (she is still a minor), but one of Instagram's account verification steps is to compare a photo of you with photos of you already on your account. That failed, of course.
We ultimately worked through the maze but my daughter's shock and fear over something that might be described, unkindly, as a "first world problem", prompted me to write this post because it all could have been avoided if she'd been taught to embrace digital distrust.
As we discussed, she could have called her friend through What's App, to confirm that she had actually lost her account and was trying to establish a new one.
That one step would have avoided this mess.
Let's all try to embrace digital distrust together to build more trust and safety
It's ironic, practicing digital distrust to build actual trust, but that's where we are as a species.
Everything in our DNA wants to help and trust others, but it turns out the greatest love of all is not as Whitney Houston sang, learning to love yourself, but rather it's learning to love and prefer the organic, analog connections you have with others and to not feel bad about treating digital messaging with much suspicion.
A few small steps were canvassed in my article, 7 quick wins for small business cybersecurity: How to keep your website, passwords, and email secure, with the most effective of these being turning on 2FA or two factor authentication for all online accounts.
And yet, despite many online companies offering the service, some of them still seem to prefer us not bothering.
For example, I use Hubspot's CRM service and I have 2FA turned on but every time I log in and enter my code it asks me whether I wanted to keep using two factor authentication.
That is guaranteed to make people err on the side of saying no and returning to non-2FA.
So, if big companies won't force us, we need to find the intrinsic motivation to turn these settings on ourselves.
And it will need a mindset shift.
For example, by expecting to have to open an authenticator app to get a code every time I open various online services, it removes that frustration of wanting to log in quickly and then having to stop and check for a code. A simple shift of expectation makes a world of difference.
So, whether it's using authentication methods for email, accounting software, banking, social media, and other accounts, or being steely disciplined in employing digital distrust with every single message, you will be doing the best you can to protect your business, savings, and privacy in this new world.
PS As AI services make it easy for scammers to write with better English and even mimic voices, we will need to double down even further into the future. Watch this space carefully.