Are you leaving agency and client data in unsafe waters where cyber criminals are known to phish?So let’s talk about phishing. Cyber crooks make a living stealing data and are always looking for opportunities. Phishing is a scam in which an identity thief pretends to be someone else, typically through an email or phone call, in order to gain your trust and phish for your financial or other sensitive data. If you don’t close the loop on your agency’s vulnerabilities, you may be baiting the hook the cyber crooks use to catch you unaware and reel in your and your clients' valuable data.
Phishing for Information
In the old days, phishing emails often came from a faraway place, with the promise of millions of dollars. These days, identity thieves have gotten smarter. Modern phishing emails or phone calls usually appear to come from a well-known company that many people do business with, such as a bank or popular software company.
Or, you may receive an email from your credit card company or bank saying there’s a problem with your account. The email looks similar to the ones you’re used to receiving from your bank. You want to take care of that problem right away, so you click the link and are taken to a website that looks just like the bank’s website. Then you log in. Unfortunately, this isn’t your bank’s website, and you’ve just given your username and password to an identity thief.
Phishing scams can appear to come from any company, big or small. All an identity thief needs to do is copy an email template and create a look-a-like website – or sound like an IT representative on the phone.
Tips to Keep Data Safe
So, how can you tell if an email or call you received is a phishing scam?
First, most companies won’t ask you to provide private or secure information from within an email or during a call they made to you. If they do, don’t trust the email or caller. Call your bank and talk to your banker about whether the call or email is legitimate.
Second, always check links before clicking on them. Slide your mouse over top of the link, and check the address that pops up or appears in the status bar. If the link doesn’t go to the company’s official site, don’t click.
Third, even if you trust the email or phone call, don’t provide any information there. Open your browser and go directly to the company’s site, rather than clicking the email link. If it’s a phone call, hang up and call the company back using the phone number from their website or your latest statement.
Protect Your Clients
Cyber coverage plans provide a variety of services to address the modern day risks and threats of business identity theft and data breach. Ensure your agency and clients are protected with cyber liability coverage. Not a member of the AmTrust family?
Barbra Merwin is SVP at AmTrust North America, a multi-national property and casualty insurer specializing in coverage for small businesses.
Want to get more policy updates, industry news, and hot tips for growing your agency? Subscribe to our blog below to be the first to know when we publish a new post. Love this article? Check out How to Avoid Public Wi-Fi Risks.
Editor’s Note: This blog was originally published on November 9, 2016 and has been updated and edited.