What type of coverage do you need?

Hacker At Work

We have been advised of a new phishing attack from one of our carriers and want to share this important information with you. While the recent attacks have been aimed at businesses, this is good information for personal users as well.

New Spear Phishing Attack Using Employee SSN As Bait

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

This new attack is made to look like it comes from FedEx. The phishing emails included the targeted employee's name and Social Security number. Noteworthy here is that these phishing emails "up the game" by actually including employee personal information in the email, which may be the reason the recipients were tricked into clicking on the email's links.

Here's some general information regarding phishing techniques:

By Email

The most common form of phishing is by email. Pretending to be from your financial institution, or a legitimate retailer or government agency, the sender asks you to "confirm" your personal information for some made-up reason. Typically, the email contains a link to a phony Web site that looks just like the real thing – with sophisticated graphics and images. In fact, the fake Web sites are near-replicas of the real one, making it hard even for experts to distinguish between the real and fake Web sites. You enter your personal information onto the Web site – and into the hands of identity thieves.

By Phone

Phishers also use the phone to hunt for personal information. Some, posing as employers, call or send emails to people who have listed themselves on job search Web sites.

Something’s Phishy If

While phishing scams can be sophisticated, the following features are often indicators that something is "phishy." Be aware of a potential scam if:

  • Someone contacts you unexpectedly and asks for your personal information such as your financial institution account number, an account password or PIN, credit card number or Social Security number. Legitimate companies and agencies don’t operate that way.
  • The sender, who is a supposed representative of a company you do business with, asks you to confirm that you have a relationship with the company. This information is on record with the real company.
  • You are warned that your account will be shut down unless you "reconfirm" your financial information.
  • Links in an email you receive ask you to provide personal information. To check whether an email or call is really from the company or agency, call it directly or go to the company's Web site (use a search engine to find it).
  • You're a job seeker who is contacted by someone claiming to be a prospective employer who wants your personal information.

**With the tax season upon us, be advised that the IRS doesn't initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.**

Be aware and stay vigilant about protecting your private information!

Make sure you're protected. Learn more about the cyber liability insurance options Dean Heckle & Hill offers.

(Article Courtesy: Beazley Insurance and IRS)

Share |


spear phishing attack said...
good site and posts

MONDAY, MARCH 26 2018 2:40 PM
jhon said...
Hmmm, Good Work as you said in your post. as Title.
"How Do You Recruit Patients Unaware Of Their Disease?" I like it. Your work is too fab. Thats a great news for us Im also working on health problems as lastly I work on you can see it otherwise your post is too good. Keep it up...
SATURDAY, APRIL 21 2018 2:38 AM

Post a Comment
Required (Not Displayed)

All comments are moderated and stripped of HTML.
Submission Validation
Change the CAPTCHA codeSpeak the CAPTCHA code
Enter the Validation Code from above.
NOTICE: This blog and website are made available by the publisher for educational and informational purposes only. It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional in your state. By using this blog site you understand that there is no broker client relationship between you and the blog and website publisher.
Blog Archive
  • 2020
  • 2019
  • 2018
  • 2017

View Mobile Version

Our Customer Feedback

Our latest blogs

  • Cincinnati Insurance
  • Liberty Mutual
  • Nationwide
  • The Hartford
  • Travelers
  • Kemper
  • Progressive
  • Blue Cross Blue Shield
© Copyright 2019. All rights reserved. Powered by Insurance Website Builder