Hack Day: Phishing: Don’t get caught

Director of SME, commercial insurance, Gareth Hemming, explores what brokers and businesses can to do stave off a phishing attack.

Dozens upon dozens of emails every day in your inbox. Sometimes it’s really hard to keep up. Get that email responded to, forward that one for your boss’s thoughts; complete the actions on that one.

Just complete the information they requested in that email and get it sent. Sometimes it feels like a never ending barrage of unread emails.  Hang on, why is there now a virus on my computer?

Swifty’s hack highlights just how easy it is to get caught.

Sometimes in the busyness of everyday, it’s easy to get on with your job, without always considering the ramifications of what you are doing. That’s where cyber criminals can make an inroad into your business by a Phishing attack.

According to a cyber security survey by the UK government 72% of cyber breaches in 2017 involved phishing? It is the most common type of attack.

How do you prevent Phishing attacks on your business?
Staff awareness is the best start towards avoiding Phishing attacks. They all need to be conscious of what links they are selecting – only going to trusted sites that begin with a “HTTPS”.

Think about hovering over the link to see if it reads correctly. If in any doubt, don’t go to site. And no matter what, don’t ever supply any sensitive data to a website.

Let your staff know never to download files from suspicious emails or websites – they could be infected with Spyware or Malware which could cause real problems on your IT infrastructure. They need to be wary of pop-ups – you can block these but if one does appear, get rid of quickly by using the small “x” in the corner of the window.

What can you do you protect your business against phishing?
It’s a good idea to keep up to date with the latest phishing techniques as there are new developments all the time. You could also consider installing an anti-phishing toolbar – which runs a quick check on the site you want to visit to see if it is a known phishing site.

If it is one, then the toolbar will let you know. You should also keep your web browser up to date – these updates will have the latest security patches to close the door to cyber criminals.

This should also be accompanied by using a high quality firewall – you need to consider both a desktop firewall and a network firewall to act as a buffer between your company and the outside world.

If you are hit by phishing, what do you do?
If you are hit by a phishing attack, disconnect the device from the internet. This can prevent the malware from spreading to other devices in your business and stop anyone from outside your business remotely access your IT infrastructure.

Then back up your files and run your Anti-Virus Software. If in any doubt, consult an IT specialist for help. Many insurers offer cyber cover to protect businesses against this form of attack – including us here at Aviva.

We believe it’s really important to get the right level of cover in place as cyber criminals are smart, but you can put up your best defences against them.

And be sure to check in with our live updates and webinars which reveal the latest insight into the cyber insurance world.

This article is intended to provide a high-level overview and should not be relied upon without further advice or investigation. Aviva is not responsible for its accuracy. Whilst we take reasonable care in providing it, we will not be liable for any loss incurred as a result of any person relying or not relying on it, provided that we do not exclude or limit in any way any liability where it would be unlawful to do so.