Matrix Group International

Month: November 2014

  • Intentional Marketing: Who Should Attend Your Next Conference or Convention?

    Intentional Marketing: Who Should Attend Your Next Conference or Convention?

    Woman on PhoneEarlier this week, I hosted a roundtable discussion with a group of select clients to discuss the future of trade shows. Instead of sending a blast email to our entire list, my marketing team sat down with me to discuss who we wanted at the discussion. We only wanted clients that have trade shows and wanted a mix of trade associations and professional societies. We also wanted Director level or higher. We sent out the first email. We got one response.

    Rather than continue to send emails, we decided I should make phone calls to the Directors, VPs and CEOs who we most wanted at the event. I called, left messages and spoke with a few people. And then I re-sent the promo email. The response was terrific. Nearly all of the organizations we targeted sent a representative.

    When clients ask us to help them increase meeting registrations and/or exhibit sales, we ask: Who do you want at the meeting? Anyone? A specific slice of your membership? Or do you want members that meet certain criteria, like members in a specific geographic area or members at risk of canceling? And then we ask: how we can let this group of companies or individuals know that you want them at your meeting?

    No, I don’t believe sending a generic, blast email is enough. In our experience, a mix of blast emails, personal emails, phone calls, and direct mail works best.

    When Matrix Group is planning its webinar series, I sit down with my team and ask them: Which clients should attend this webinar on Sitefinity, cybersecurity, design, Twitter or x topic? If my marketing team is doing its job right, they will have a list and that list gets a personal email from me, a Director or a Project Manager, or a phone call from my Cultivation Manager, in addition to getting the blast emails. We get the best response from the personal emails and the phone calls and I bet you’re not surprised by this finding.

    The next time your organization is planning a campaign to promote a meeting, publication or show, ask your team these questions:

    • Who do want to target and why?
    • What is the best way to reach them and why?

    In the end, it’s easy to just send another set of emails to your entire list but I believe you must be intentional with your marketing to get the best results.

  • Don’t Be Victimized by These Social Engineering Scams

    Don’t Be Victimized by These Social Engineering Scams

    Phishing conceptA couple of weeks ago, a client called in a panic to ask if their website had been hacked. Here’s the scenario: one of the administrative assistants had received an email from a senior VP, asking for a copy of their membership database. The email looked legit so she exported a member list and emailed it to the VP. Or she thought she did. Turns out the senior VP’s email had been spoofed. She had actually emailed the member list to an outside email; the email only appeared to have come from the VP.

    Eeek. How did this happen? Did the website get hacked? We did a scan of the server, checked the logs, and rechecked the intrusion detection service logs. No breach. So how did this happen? Turns out that the association publishes a full staff list and it would have been easy for anyone to find the email addresses of a senior VP and an admin. It’s not hard to create an email address and “hide” the email by displaying the “pretty name” in the email header. BTW, turns out a number of our clients are getting these types of emails.

    Here’s another scenario that will scare you. Several clients have reported that their exhibitors are receiving calls from people posing as the association staff exhibitor contact. The caller goes on to ask if the exhibitor has booked a hotel room. If the exhibitor says no, the caller asks for a credit card and bam, the credit card has now been breached.

    Eeek and double eeek. These types of attacks are called social engineering attacks. Wikipedia defines “social engineering. in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. The attacks described above are not technical threats, they are human threats and they are on the rise.

    So how do you protect your organization? I could spend days talking about social engineering, but here are my top tips:

    • Talk to your staff about social engineering: what it is, the dangers, what it looks like.
    • Train your staff to be suspicious. One IT Director I spoke with said, “I’ve trained my staff to be paranoid. If they get a request that looks fishy, they need to confirm the request by voice. And they are told that senior staff NEVER ask for exports and reports from the database via email.”
    • Train your staff to never divulge passwords, account numbers or other confidential information over the phone or email unless they can verify the request in person or via voice.
    • If a social engineering attack occurs, don’t sweep it under the rug and pretend it didn’t happen. Talk about it, train on it, discuss it.
    • Talk to your IT vendors about training for your staff.
    • Keep reading and educating yourself and your staff about social engineering.

    How about you? Has your organization been victimized by a social engineering hack? What are YOU doing to protect yourself and your organization?