Cybersecurity Awareness Month: Avoiding Social Engineering and Phishing Attacks
Live Assured is more than just a tagline; it’s our promise to you that even during times of uncertainty, Preferred Mutual will always be here to protect what matters to you!
October is Cybersecurity Awareness Month and Preferred Mutual is here to help you understand how and why your information could be at risk!
Our world has been moving in the direction of virtual reality for quite some time, but with the COVID-19 pandemic and many companies transitioning to remote workstations overnight, it is even more important now to be aware of how your information can be obtained or compromised.
What is a social engineering attack?
An attacker uses human interaction, such as social media or in-person visits, to obtain or compromise information about you, your company or its computer systems. A professional social engineering attack may seem unassuming and respectable; someone claiming to be a new employee, a repair person, or researcher, going as far as offering credentials to support who they are claiming to be. However, by asking questions, he or she may be putting pieces together in order to collect enough information to infiltrate an organization’s network.
Be wary, because even a snippet of information from you as the attacker is contacting other sources within your organization can still put two and two together!
What is a phishing attack?
A form of social engineering, phishing attacks use email, text or malicious websites to solicit personal information by posing as the trustworthy organization! For example, they may send an email seemingly from a reputable credit card company or financial institution that is requesting account information, often noting an issue. When users respond, the attackers can use it to gain access to the accounts.
Phishing attacks appear as charities, representatives from banking institutions, taking advantage of current events and cyclical events such as political elections. Here are a few other times of year phishing attacks take place:
- Natural disasters (e.g., hurricanes, tropical storms)
- Epidemics and health scares (e.g., H1N1, COVID-19)
- Economic concerns (e.g., IRS scams)
- Major political elections (e.g., upcoming primary elections)
How do you avoid being a victim?
- Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
- Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person's authority to have the information.
- Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
- Don't send sensitive information over the internet before checking a website's security.
- Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic.
If you believe you might have revealed sensitive information in any of the ways mentioned above, report it to the appropriate people within your department, including your network administrators. They can be on the lookout for any suspicious or unusual activity! If your personal information was compromised, consider reporting the attack to the police, and filing a report with the Federal Trade Commission.
Live Assured is more than just a tagline; it’s our promise to you that even during times of uncertainty, Preferred Mutual will always be here to protect what matters to you! That’s why we offer Identity Fraud Coverage as an endorsement to your Homeowners, Mobile Home, Condo or Renter’s insurance policy with us!