A recent study from the Internet Crime Complaint Center (IC3) found that there were more than 120,000 cyber crime-related complaints against businesses last year, resulting in more than $800 million in damages and lost revenue. One of the most common means by which cyber criminals attempt to gain access to proprietary data or information is called “phishing.” Internet phishing scams use phony emails or pop-up messages as bait to trick unsuspecting users into divulging personal information such as credit card numbers and account passwords, which are then used for identity theft.
In recent months, an even more insidious version of this scam—dubbed “spear phishing”—has been making the rounds. In a “spear phishing” attack, a criminal uses personal information to pose as a colleague or trusted source. After leveraging the personal information to gain the target’s trust, the cyber criminal will usually make a seemingly reasonable request that is actually a ploy to get access to proprietary data. This could include following a URL link, supplying usernames or passwords, or opening an attachment.
How to Protect Your Business
Although it is difficult to completely avoid the danger that spear-phishing attacks pose, keep the following tips in mind to mitigate the risks to your business:
- Never send financial or personal information electronically, even if you know the recipient well.
- Be cautious when you are asked to divulge personal information in an email. Even if it appears to be from a trusted source, it could be a hacker impersonating another person or group.
- Never click on links or open attachments from unknown sources. Even opening a file format you are familiar with can potentially give a spear-phishing attacker access to personal information stored on your device.
- Ensure that your company’s security software is up-to-date. Firewalls and anti-virus software can help protect against spear-phishing attacks.
- Encourage employees to be aware of what they post online. Spear phishing attacks often use personal information attained through social media sites in order to appear as a familiar source. Make sure that employees know how to keep this information private to protect their own security as well as that of your business.
- Check any online accounts and bank statements to ensure that no one has accessed them without authorization.
At Eaton & Berube Insurance, the protection of your business is our priority. In the event that your company does fall victim to spear phishing or another type of cyber attack that results in a data breach, it’s crucial to have cyber liability insurance coverage in place. To learn more about this type of coverage and to get a free NH cyber liability insurance quote, click here or call us today at 603-882-2766!
© 2015 Zywave, Inc. This publication is for informational purposes only. It is not intended to be exhaustive nor should any discussion or opinions be construed as compliance or legal advice.