Even Insurance Agencies Aren't Immune to Cyber Crime
Last week we experienced an attempted email scam. Someone pretending to be the owner of our business emailed one of the employees asking them to wire transfer money to an account in Iowa. This should have been easy enough to detect but a feature in the email system we use only shows the name of the person emailing, not the actual email address, unless you click on the person’s name.
The person attempting to steal from our company either got lucky or somehow, possibly through hacking, knew the kinds of emails the owner of our agency typically writes. They are short, to the point and rarely include a signature if they’re to his employees. These are the exact kinds of emails we received, they were very short, to the point and didn’t appear to be someone other than who they were claiming to be. This could have been luck, or it could have been more premeditated, we’re still not sure.
Because we weren’t instantly tipped off or suspicious, it took several emails back and forth and eventually a phone call to the owner before we realized it was a scam. Luckily, we didn’t send any money anywhere and were able to alert the proper authorities to, hopefully, prevent this person from any further scamming attempts.
This experience inspired us to go over some best practices for internet security including Cyber Liability insurance. Had we sent the amount being requested it would have been detrimental to our operations and that’s where Crime insurance would have come in. We never thought we would be the victim, or even a target, of this kind of crime but it just goes to show that it can happen to anyone at any time.
The first thing we would like to remind everyone to do is be on the lookout. If you see any suspicious emails, do not open them. If the emails do not appear suspicious but are just a little off, double check everything and make sure you’re communicating with the right person. In our case it took a phone call to the owner to be 100% sure that we were being scammed. Pop-ups aren’t as dangerous as they once were thanks to great pop-up blocking software that is now standard on most computers and in most browsers but be careful with them as well.
The next thing we advise is to reach out to your IT department or consultant and make sure your firewalls are up to date. Hackers are constantly developing new ways to get around the safety measures that are most common, so it can never hurt to make sure you have the latest software. We love our IT consultant because he has our best interests in mind when he advises or helps us with setup and operation of our devices.
Cyber Liability Insurance can also be a great tool. Like all insurance, it’s better if you don’t find yourself in a situation where you need it but in the event that you do, it can be extremely helpful. Cyber liability doesn’t necessarily cover money stolen from a business, what it does cover is the loss of sensitive information collected and stored by a business. If you take payments online, collect sensitive data through various online forms or even store that data on the cloud or in your own servers, you need cyber liability.
Crime insurance is what would cover the scenario we experienced last week. Crime insurance covers, among other things, the left of business property, burglary or robbery and computer fraud. Depending on how you look at what could have happened to us, it could fall into any of those categories. Different insurance companies define their coverage differently and have different exclusions, so it is best to consult an agent prior to purchasing coverage to make sure you’re adequately covered.
We offer both Cyber Liability and Crime coverage for businesses and have been doing it for over 25 years. Our goal when meeting with a new, prospective or current client is to make sure they do not have any coverage gaps, uncovered exposures to loss and that the limits for the coverage they do have is enough to cover a realistic and worst-case scenario loss. New and small businesses are the most common targets for internet criminals, we just don’t hear about cyber crime unless a major company or organization has been breached.
Have you ever been hacked or had someone attempt to breach your sensitive information? Share your experience in the comments.
Follow us on social Media!