Protecting Your Organization Against Cyber Attacks

In today’s world everyone is susceptible to cyber attacks. In recent years, cyber attacks have emerged as one the more significant threats facing organizations of all sizes. According to a recent report from the information Systems Audit and Controls Association (ISACA), cyberattacks currently reign as the fastest growing form of crime. Some of the most common cyber attacks from 2020 were social engineering, ransomware, software update issues and web application attacks. These attacks can carry serious consequences for your organization-including lost data, disrupted operations, revenue loss, and legal fees. Consider the following measures to protect your organization from ransomware attacks:

Educate your employees. The biggest threat to your cyber security is your employees. According to historical claim data analyzed by Willis Towers Watson, 90% of all cyber claims stemmed from some type of employee error or behavior. Train your employees on how to prevent and respond to a malware attack.

Implement smart software. Install strong spam filters, anti-virus and malware programs, firewalls and patch management systems on all devices.

Enforce access controls. Only allow trusted, competent and qualified individuals access to sensitive systems or data. Such as multi-factor authentication, VPN and remote desktop protocol.

Ensure business continuity. Be sure to back up data frequently. In additional, conduct annual penetration testing and vulnerability assessments.

Ensure adequate coverage. It’s crucial to secure proper insurance coverage to stay protected in the event of a cyberattack. After all, even with proper cybersecurity measures in place, attacks can still occur.

The below link is a Cyber Risk Exposure Scorecard. After completing all of the questions, total the score to determine your organization’s level of cyber risk.

At Libertate, we want to insure that every organization is protected and prepared. We offer the following solutions and services for PEO’s and their client companies.

  • We have access to over 25 cyber carriers for the PEO.
  • Master cyber programs to protect PEO client companies.
  • Incident response platform to help identify cybersecurity issues. The cloud based platform has a 100% detection and close ratio. It is also backed by a $250K warranty should it fail the end user.
  • Our experts can evaluate your current cyber coverage that is placed outside of our agency.

For additional cyber security guidance and insurance solutions, contact us today at sales@libertateins.com.

Regions Bank Treasury Management sends out information on Emerging COVID-19 Scams

Be aware of Emerging Covid-19 Scams
Author credit: Jeffrey Taylor of Regions Treasury Management Products and Services

Several government agencies have issued a bulletin warning of a new type of COVID-19 scam. Along with the previously reported scams involving personal protective equipment (PPE), COVID-19 testing, and economic stimulus payments, fraudsters are now leveraging the availability of the COVID-19 vaccine. According to the bulletin, victims are being coerced to make an out-of-pocket payment for the vaccine and provide personally identifiable information with a false promise to move their name up on the list of vaccine recipients.

The FBI warns of the following potential indicators of fraudulent activity:

  • Advertisements or offers for early access to the vaccine upon payment of a deposit or fee
  • Requests asking for out-of-pocket payment to obtain the vaccine or be added to the COVID-19 vaccine waiting list
  • Offers to provide additional medical testing or procedures when obtaining the vaccine
  • Marketers offering to sell and/or ship doses of a vaccine, domestically or internationally, in exchange for payment of a deposit or fee
  • Unsolicited emails, telephone calls, or personal contact from someone claiming to be from a medical office, insurance company or COVID-19 vaccine center requesting personal and/or medical information to determine eligibility to participate in clinical vaccine trials or obtain the vaccine
  • Claims of FDA approval for a vaccine that cannot be verified
  • Advertisements for vaccines through social media platforms, email, telephone calls, websites or unsolicited/unknown sources
  • Unsolicited emails, telephone calls, or personal contact from someone claiming to be a government official requiring you to receive a COVID-19 vaccine


Tips to avoid COVID-19 vaccine-related fraud:

  • Consult your state’s health department website for up-to-date information about authorized vaccine distribution channels
  • Check the FDA’s website (fda.gov) for current information about vaccine emergency use authorizations
  • Consult your primary care physician before undergoing any vaccination
  • Don’t share your personal or health information with anyone other than known and trusted medical professionals
  • Check your medical bills and insurance explanation of benefits (EOBs) for any suspicious claims and promptly report such information to your health insurance provider
  • Follow guidance from the CDC and other trusted medical professionals


General techniques for online/cyber fraud prevention:

  • Verify the spelling of web addresses, websites, and email addresses that look trustworthy but may be imitations of legitimate websites
  • Ensure operating systems and applications are updated to the most current versions
  • Update anti-malware and anti-virus software and conduct regular network scans
  • Do not enable macros on documents downloaded from an email unless necessary and only after ensuring the file is not malicious
  • Do not communicate with or open emails, attachments, or links from unknown individuals
  • Never provide personal information of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate
  • Use strong two-factor authentication, using biometrics, hardware tokens, or authentication apps
  • Disable or remove unnecessary software applications

If you believe you are a victim of a COVID-19 scam, please call Regions Client Services immediately at 1-800-787-3905, and report it to the FBI at www.ic3.gov; wwwtips.fbi.gov; or 1-800-CALL-FBI.

Want more information, or have questions?
For more helpful practices regarding fraud prevention, please visit regions.com/stopfraud and www.regions.com/fraud-prevention.

Phishing Scam Targeting PEOs

See below from our friends at NAPEO…

 

 

 

 

Today, a PEO notified NAPEO that they and their clients were the victims of a novel phishing scam. Under this scheme, fake Google advertisements were created to mimick the PEO’s legitimate ads and appeared when any variation of the PEO’s name was searched. The phony ads then redirected anyone who clicked on them to a phony log-in page for the PEO’s payroll software. The unaware victims had their personal information captured, including usernames and passwords.

The PEO is working with Google to take down the fraudulent ads. They have also notified all victims and have secured any jeopardized accounts.

Please remain vigilant against these types of scams. You should also consider checking to see if any of your company’s Google ads are being mimicked to commit fraud. Additionally, you should consider recommending that all clients and employees enable two factor authentication, where available.