<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=905697862838810&amp;ev=PageView&amp;noscript=1">
Latest
HR Administration Employee Health & Wellness Recruiting & Employee Retention

Boosting Employee Benefits: Why HRAs Are a Smart Choice

by Andrew Grove

Taking care of employees is crucial for attracting and retaining top-tier talent. A progressive company culture, competitive salaries, and traditional benefits will always be a strong foundation for a...

Read more

Subscribe

    Fraud & Cyber Security | 3 min read

    #FightThePhish: Tips for Combating Today’s Top Cybersecurity Threat


     Written by Jeffrey Julig

    The COVID-19 pandemic accelerated the use of technology to help business leaders overcome challenges quickly. Employers across the country have spent the past 18 months managing the transition from working in the office to mobilizing their employees to work from home—and back, in many cases. The workforce transition and the adoption of new technology created opportunities for malicious actors to launch phishing attacks and scams. In fact, phishing attacks now account for more than 80% of reported security incidents.

    October is Cybersecurity Awareness Month, and the theme for this week is Fight the Phish. To help combat this threat, we encourage business leaders to promote awareness and educate their employees about the dangers of falling victim to social engineering attempts by clicking on suspicious emails, links, or attachments, or responding to unsolicited text messages or phone calls.

    In this blog post, we’ll give you tips to share with your employees about protecting themselves from phishing attempts and other cyber threats.

    Beware of Phishing Emails Targeting Remote and In-Office Employees

    In a phishing scam, cybercriminals use social engineering tactics to trick unsuspecting users into opening an attachment, clicking a link, or downloading a malicious file. Even companies with the most mature and well-tested cybersecurity controls are susceptible to this kind of attack because successful phishing attempts are able to bypass layers of technical safeguards and exploit human vulnerabilities to compromise networks and steal sensitive information.

    Phishing attacks are most often emails, text messages, or chat engagements that come from a stranger, someone you were not expecting, or from an account of a trusted person that was compromised. They are often disguised as promotions, workplace emails, requests for access, or communication from a company. Other popular examples of phishing tactics include:

    • Remote work services enrollment
    • Workplace policy emails
    • VPN or other software updates
    • Password updates/reminders
    • Multi-factor authentication setup
    • Unsolicited calls from IT support
    • Emotional appeals that include the need to act with urgency or outside of normal communication channels
    • Requests to complete financial transactions (i.e. transfer funds, buy gift cards, etc.)

    Quick Tips to Share with Your Employees About Avoiding Phishing Attempts

    Arming your employees with the following information can help them protect themselves—and your business—from risks posed by phishing scams:

    • Examine the URL. If you click a URL that directs you to a login page, look at the URL to ensure it is correct.
    • Think twice. Read emails thoroughly and be wary of offers that seem too good to be true.
    • Bookmark sites. Avoid using search engines to find deals. Using trusted sites can help reduce the chance of landing on a malicious site using a fake domain.
    • Look at the domain name. Some attackers modify domains to catch targets off guard. For example, if the correct domain was www.example.com, the phishers may register “examp1e.com” or “example.co”.

    • Always verify. Verify that the email is from a trusted sender before engaging. Call or email the sender to confirm it is legitimate. It is also wise to be suspicious of messages from trusted senders that ask you to act with urgency or complete financial transactions, because their account may have been compromised.
    • If the email seems suspicious, report it! Even if you’ve already interacted with the link or attachment, report the threat to your information security team.

    All employees represent a critical line of defense against relentless phishing attempts carefully designed to gain access to your (and your customers’) sensitive data and information systems. Each email they receive may be a threat, so it’s important to remind your team to be cautious with all messages, even from people they have previously communicated with and trust. When viewing email, remind your employees to think before they act, and report suspicious messages immediately.

    This Cybersecurity Awareness Month—and every month—remember to do your part and #BeCyberSmart!

    Cybersecurity Checklist 2021

    Related Categories

    Fraud & Cyber Security

    Jeffrey Julig

    Jeffrey Julig is Vice President and Chief Information Security Officer (CISO) for SWBC. In this role, he leads a team of security professionals to protect SWBC’s diverse lines of business from internal and external cyber threats. Jeffrey is passionate about information security and privacy and belongs to numerous international, national, and local professional and community organizations. He has a Bachelor of Science degree in Cybersecurity from the University of Maryland University College and earned several of the information security industry’s most respected certifications, including the Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and Law of Data Security and Investigations (GIAC-GLEG) certifications. Jeffrey attended the Department of Defense Cybercrime Investigations Training Academy (DCITA) and is a certified digital forensics examiner.

    You may also like:

    Fraud & Cyber Security

    Cyber Liability Underwriters Require Companies to Do These 6 Things

    If your organization isn’t practicing basic security hygiene, you may not have access to cyber liability insurance. Most...

    Fraud & Cyber Security

    Common Retail Insurance Claims and How to Avoid Them

    Retail business owners often operate on tight margins, and challenges like shoplifting, employee theft, weather and fire...

    Fraud & Cyber Security Insurance

    Reimagining To-Go Revenue with Ghost Kitchens and Virtual Brands

    Ghost kitchens and virtual brands represent an exciting new trend in the restaurant industry. By totally reimagining the...

    Let Us Know What You Thought about this Post.

    Put your Comment Below.

    Blog-CTA-Icon_Webinar-Video

    FREE WEBINAR

    Navigating Mental Wellness: Strategies for Conquering Workplace Challenges

    Join our webinar for strategies on mental wellness and prioritizing your and your employee's well-being. 
    Wednesday, May 8 | 10 a.m. CDT 

    Watch Now
    About Disclosures Privacy Policy Privacy Policy for California Residents

    © 2020 SWBC. All Rights Reserved. Headquartered at 9311 San Pedro Avenue, San Antonio, Texas 78216.