. >> the phishing emails, click here to enter these sweepstakes? >> some of them are not as cheesy and obvious as those. ame of them, the good ones do well-crafted e-mail. say theyreason, let's knew we were meeting today. they might send an e-mail, thanks for coming today, i thought you would find this article interesting. they can make things believable by knowing you would have a conference at a certain time or something like this, but as soon as you open the pdf document or whatever it is, you are infected, and many times don't even know about it. >> a lot of it is technology. but also social engineering. >> absolutely. almost all the advanced attacks start with the exportation of a person i. a really simple attack, tricking someone to click on something. >> are the regulations of the federal level that apply to all this? >> there are standards and regulations for how we protect systems. many of them, depending on processing payments, a set there, storing government and classify data, another set of standards. there's increasing discussion on wh

so that no one can simply guess your password and be very mindful of these phishing scams, where people send out official emails've seen them and thought that looks too good to real, maybe i'll click, but i'm not going to click. if apple or your bank or email service provider, if they really need to get in touch with you to change something, they are not going to send you an email. they are qog to reach out to you in an appropriate matter. >>> how do you protect your information in the cloud? >> i will say to you. the number one -- what he says to celebrities, don't upload your images to the cloud, because there are many ways that the cloud could be hacked. we can't say it was hacked, but there could have been a vulnerability that allowed a hacker to exploit someone. if you delete your photos, oftentimes it takes four to six weeks for those photos to go away from the cloud. maybe you shouldn't up load to the cloud. make sure you have those strong passwords. instead of maybe a password, what you can do is have a pass phrase which is essentially a long sentence you would use as your password to remember it. >> i'

. >> maybe it's his email, and they may guess your password, or that's not as likely. they might phish it. how? i could pretend to be someone else and you could unknowingly give me your password. hap that happens on the internet too many times today. that's the number one issue by far. it's not an apple issue, it's an internet issue. millions of gmail users were phished. my understanding is it wasn't a breech of the infrastructure, it was a phishing expedition. there are lots of bad people that do this. what we said was, instead of just saying, hey, there is a lot of bad people that do this, we need to figure out how can we try to protect our customers on this? that the our top goal. so we're working internally about how to bring more awareness to these schemes and trying to do things to -- >> charlie: public information process? >> some of it is that. some of it is like the old -- like an old public service announcement used to be. >> charlie: right. we have to do that and in addition we have to do things where it notifies the customer quickly if it does happen. that's reactive and we