Cyber criminals constantly look for ways to make money, and scamming people with phishing emails is very profitable. For these criminals, information is money, and emergency situations — like the current pandemic — provide opportunity.
How to spot a phishing scam
Insurance agencies and carriers are entrusted with a lot of valuable information (e.g., passwords, bank information, Social Security numbers, and more) that these criminals would love to get a hold of. Remaining vigilant can help keep this valuable information secure. Here are some tips to help you identify potential phishing emails:
- Beware of emails and websites related to the coronavirus. Recently, a leading provider of cyber security solutions cautioned that “coronavirus-related domains are 50% more likely to be malicious than other domains.”
- Check the sender. Is it someone you normally deal with? Are they addressing you in a way or with a tone that you would expect? Is it a name you know, but a different sending address? If you’re unsure, contact the sender using a phone number that was not provided in the suspicious email to verify who sent the message. Don’t reply to the email to ask if it’s legitimate.
- Check what is being asked of you. Are you being rushed, asked for a favor, or asked to bypass an established process? Are they asking for unusual information?
- Be wary of attachments and links, especially if it’s not something usually sent by the sender, or a different type of document delivery such as Dropbox or DocuSign.
- Don’t forward the suspected scam emails to coworkers. This can spread malicious mail.
If you think you have spotted a scam email, or just aren’t sure, it is best to contact the person who manages technology and/or systems for your agency.
Check Point Global Threat Index
MAR LC 2020-166