Keeping pace with the ever evolving and increasingly sophisticated nature of cyber threats is important for all businesses. Once again, we take a deeper look at key cyber threats, identifying emerging cyber trends, and sharing our insights and understanding with brokers. 

Join us as we shine a light on the murky world of phishing attacks in 2023 and take the lid off some of the more common methods being used by cyber criminals, as well as some unwelcome new threats that we’ve spotted.

Surprisingly, many businesses are still under the mistaken belief that their security strategies of previous years are sufficient for today’s cyber threats, or that they can’t possibly be a target themselves. Unfortunately, we believe that they’re wrong. Ultimately, nobody is immune to cybercrime, and phishing and ransomware attacks continue to be the mainstay cyber threat that criminals employ to gain access to accounts, stealing key information in the process.

The fact is phishing is all too common and the threat is on the rise:

• Phishing attacks occur once every 11 seconds online

• Nearly 83% of companies experience phishing attacks  

• 36% of all data breaches involve phishing of one kind or another

To start with, you need to recognise a scam when you see it and businesses should familiarise themselves with the giveaway signs that allow you to spot when something is not above board:

• Email address: Check the sender's email address carefully. Phishing emails often come from fake or suspicious looking addresses. 

• Urgency: Phishing attacks often create a sense of urgency to make the victim act quickly without thinking.

• Misspellings and grammatical mistakes: Many phishing emails contain spelling and grammatical errors, as they are often sent out in large quantities without much effort put into them. 

• Suspicious links: Hover over any links in the email to see where they lead. If the URL looks suspicious or unfamiliar, do not click on it.

• Request for personal information: Legitimate companies will never ask for personal information such as passwords or credit card numbers through email. 

• Attachments: Be cautious of attachments, as they can contain malware or viruses.

• Unfamiliar sender: If you receive an email from someone you don't know, or who doesn't seem relevant to you, it's best to delete it without opening it.

At present, five of the most common types of phishing include:

1. Spear Phishing: This type of attack is highly targeted and personalised, often using personal information and social engineering to make the victim more likely to fall for it.
2. Whaling: Like spear phishing but targeted towards high-level executives or individuals with access to sensitive information in a company.
3. Clone Phishing: Attackers create an almost identical copy of a legitimate email or website to trick victims into providing their personal information.
4. Vishing: A form of phishing that is done through phone calls, where the attackers’ tactics are to entice victims into divulging sensitive information.
5. Smishing: Like phishing but done through by sending deceptive text messages instead.

Today, phishing accounts for 16% of all cyber-attacks which clearly indicates that cyber security measures and staff education only go so far in protecting a business.  

Cyber insurance goes a step further and it’s a step we strongly recommend a business takes.

Our cyber insurance solution goes further 

What’s best for businesses of every size – small, medium, and blue-chip – is to plan for every eventuality, even a dreaded data breach. Any form of attack though could significantly impact a company, both financially and operationally, which is when cyber insurance could prove invaluable. 

Our own product provides businesses with a simple, robust solution for a range of first party and third-party risks related to cyber-attacks, all backed by strong breach response and restorative support services.

We hope you agree on the importance of learning more about the world of cyber and its risks. To this end, we’ve created Decoding Cyber, an education tool designed to help brokers talk to their clients about cyber risks and coverage with confidence. 

By continuing to supply brokers with insightful thought-leadership and engaging content, we can help increase awareness of the cyber threats that businesses face and increase cyber resilience within our industry and beyond.

_Disclaimer

_{The information provided in this content is intended for UK insurance brokers acting on behalf of their prospective or existing clients.}

_{Any description is for general information purposes only and does not constitute an offer to sell or a solicitation of an offer to buy any product. Policyholders who have questions or wish to arrange or amend cover should contact their insurance broker. Insurance brokers can find details of how to contact us here.}

_{Any descriptions of coverage contained are meant to be general in nature and do not include nor are intended to include all of the actual terms, benefits, and limitations found in an insurance policy. The terms of any specific policy will instead govern that policy. Any guidance for UK insurance brokers is intended to provide general information only, and should not be used as a substitute for legal advice.}