Cyber Exposures and Tips

Are you working from home or do you find yourself online more now than ever before?

Below are 6 cyber exposures to be aware of and tips to protect yourself:


#1.  Phishing Email

You receive an email with a subject heading “Important Update or Urgent Update”. The email includes links to direct you to a supposed Microsoft login page that then prompts you to enter critical information.  This is a phishing email scam, and the scammer is looking to obtain your login credentials, (log in and password) to gain access to your system.  These can appear to be coming from a recognized organization, government office or even a friend or family member.

TIP:  Emails with little information other than attachments and links in many instances are scams.  Do not click on a link or open an attachment without verifying it is from a valid source.

Be wary of emails or texts that you are not expecting, especially when they contain links or attachments and you do not know the source.  Emails or texts from friends or family that seem out of the ordinary for that individual.  If it makes you 2nd guess, it is probably a cyber scam.

If you are unsure, contact that person directly to verify it is legit.  Picking up the phone is best.  Do not forward the email to the person asking if it is legit as the hacker may have already infiltrated the system.


#2.  Hacker

You are working from home browsing a site you believe to be legitimate and click on a link which then causes your company’s network to be infected with a ransomware virus that makes your company’s network and data inaccessible.  All employee’s systems have crashed and now your company is being faced with ransom demands.

TIP: Pay attention to domain names.  Hackers will make small changes to known company domain addresses to trick you such as  Double check the website address bar prior to visiting a website.  Before you enter any personal information, be sure the site is secure and uses encryption.  You can be sure it is safe if the site starts with “https” and ends with an “s”.  Sites with just “http” are not secure.



You receive a text on your mobile phone that tells you there are relief funds available to you faster if you click on this link.

TIP:  Never click on links from suspicious senders.  If you were not expecting the text, it is most likely a scam.  You can also copy the link or website provided into your browser to determine if it is a legit company.  If this is suspicious, do not reply and delete it immediately.


#4.  Phone VISHING

You receive a phone call.  They are claiming to be the IRS indicating you owe back taxes and the government is taking legal action against you. They trick individuals into providing banking account information to avoid legal action.  Other times, they may claim to be a government agency offering you aid and will deposit funds into your account.  This is a form of social engineering called vishing and it tricks you into providing your financial or personal info.

TIP: Never reveal financial or personal information to unsolicited callers.  Hang up.  Call the organization yourself to verify legitimacy.  Be sure your employees are also aware of these scams.


#5.  Man-in-the-Middle

You are working from home and use your personal email to respond to some pressing customer needs.  Your personal email is not encrypted and a hacker gains access to your email correspondence with your customer that contained confidential sensitive information.  The hacker uses this information against your customer in an identity fraud situation and you are now faced with a 3rd party liability claim.  Your employers’ cyber insurance carrier may not cover the loss as you were not using your companies encrypted, secure email at the time of the incident.

TIP:  Only use company protected networks when working from home.  Personal emails are outside of your company’s information technology departments control and may not have the security measures in place that corporate networks contain.  Many companies will use VPN’s (Virtual Private Networks), 2 Factor Authentication and/or Multifactor Authentication along with additional security.


#6 – IoT Hacks

Internet of Things or IoT devices are commonplace in the home and offices (Alexa, Lexi, Ness).  By design, they make life easier and products supported by IoT user-friendly.  In 2020, an unsecured, internet-connected coffee machine was infected by ransomware.

TIP: If using IoT devices, but sure you have a secure internet connection with strong password protection.  VPN’s for your personal devices are available now.  Check with your internet or mobile phone provider to inquire on this valuable protection.

Use these tips to protect yourself, whether working from home for your employer, running your own business or shopping online for your own pleasure.  Educate your employees on the various scams out there and how to avoid becoming a victim.

Aside from financial losses like paying a ransom or having a thief run up your credit card bill or charges to your atm bank card tied to your checking account, you may also incur expenses to restore your identity, legal fees for government penalties or lawsuits and even temporary living expenses due to cyberbullying.

If you are concerned about the financial consequences of a cyberattack, insurance coverage is available to both businesses and families to cover losses such as cyber extortion, viruses, identity theft, data breaches, fraud, and cyber bullying.

If you have questions, contact us today!

Sources: Victor Insurance; Central Insurance; PropertyCasualty360

Comments are closed.