The COVID-19 pandemic has pushed businesses toward a model where an essential point of contact between a business and its consumers is online, forcing the world into somewhat of a digital transformation. These changes have resulted in the development of new websites, mobile apps, increased digital content and heavier online traffic. In addition, employees continue to work remotely, using personal computers and mobile devices for business.
However, as organizations are relying much more heavily on digital platforms to conduct their business, their exposures to cyber risks, vulnerabilities and liabilities are also enhanced. Use the following tips to identify and avoid scams:
- Watch for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or experts claiming to have inside information on the virus.
- Do your homework prior to donating to charities or crowdfunding sites. Confirm the validity of the organization as fraudsters are now advertising fake charities. Do not let anyone rush you into a donation, particularly those who ask for cash, gift cards or wiring of funds.
- Do not click on links or open attachments from sources you do not know. Cybercriminals are using the COVID-19 headline as a tactic to spread viruses and steal information. Do not provide personal information, payment information or sensitive workplace information via suspicious email addresses.
- Be suspicious of urgent demands and emergency requests. The health and safety of you and your family is the top priority. Do not fall for scammers threatening fees or fines, cancelled deliveries and health concerns in exchange for financial gain.
- If it sounds too good to be true, it likely is. Many individuals have begun to receive robocalls and social media requests for social security numbers, banking information and gift cards. Scammers promise high paying work-from-home opportunities, free sanitation and cleaning, as well as COVID-19 protection in exchange for payment and sensitive information.
- Be mindful of scammers using government aid packages for criminal gain. Regarding the issuance of stimulus checks, the government will not request payment, nor will anyone reach out requesting personally sensitive health or financial information in exchange for financial support.
- Obtain your news from a trusted source. Be mindful of text message scams, social media polls and fraudulent email accounts sharing false information to create panic. Before acting on information, review its source and check a trusted news outlet to confirm its validity.
In one prevalent fraud tactic known as social engineering, criminals first gather information, then form relationships with key people and finally execute their plan, often via email. Gone are the days where malicious actors send poorly worded emails; sophisticated methods are deployed and can fool even the most trained employee into releasing sensitive data.
Given the rising incidence of social engineering fraud, especially in these challenging times, all companies should implement these basic risk avoidance measures:
- Educate and train your employees so they can be vigilant and recognize fraudulent behavior.
- Establish a procedure requiring any verbal or emailed request for funds or information transfer to be confirmed in person, or via phone, by the individual making the request.
- Consider two-factor authorization for high level IT and financial security functions and dual signatures on wire transfers greater than a certain threshold.
- Avoid free web-based email. Establish a private company domain and use it to create valid email accounts in lieu of free accounts.
- Be careful about what is posted to social media and company websites, especially job duties/descriptions, hierarchal information and out-of-office details.
- Do not open spam or unsolicited email from unknown parties, and do not click on email links. These often contain malware that will give subjects access to your computersystem.
- Do not use the “Reply” option to respond to any financial emails. Instead, use the “Forward” option and use the correct email address or select it from the email address book to ensure the intended recipient’s correct email address is used.
- Beware of sudden changes in business practices. For example, if a current business contact suddenly asks to be contacted via their personal email address when all previous official correspondence has been on a company email, the request could be fraudulent.
Despite these efforts, organizations can still fall victim to social engineering schemes. These incidents can be reported to the joint FBI/National White Collar Crime Center—Internet Crime Complaint Center (www.ic3.gov).
Fortunately, the insurance industry has developed policies that can transfer these risks. Crime insurance policies can cover fraudulent funds transfers, while cyber insurance policies may cover costs related to the unauthorized access of protected or sensitive information. However, the insurance buyer needs to be wary of various policy terms and coverage limitations. For example, some crime policies can contain exclusionary language for cases involving voluntary transfer of funds, even though they were unknowingly transferred to a criminal. Other insurers might add policy language to crime or cyber policies to cover this situation.
Cyber risk is a very real issue that can impact a pest control business and have a lingering effect on the business’ ability to operate. Taking the proper risk management steps, as well as obtaining the proper insurance coverage, will help ensure that the business’ bottom line is protected. Working with a specialty insurance broker, who understands the coverage issues and negotiates coverage that is customized towards your business’ risks, is key in preventing additional disruption to your business.
For an expert consultation or information on insurance and risk management solutions, please contact Weisburger Insurance Brokerage at 800-431-2794, email@example.com, or visit our site at www.weisburger.com. Weisburger, a division of Program Brokerage Corporation, is the nationally endorsed insurance broker of the National Pest Management Association (NPMA). With over 80 years of experience, our experts are able to review your current coverage and identify ways to best protect your pest control business during the dips and peaks of the industry.
BY GARY SHAPIRO, SENIOR VICE PRESIDENT, WEISBURGER INSURANCE BROKERAGE