Surging Cyberattacks Take on Another Deceptive Form: Spear Phishing

As we are increasingly aware, cyberattacks are becoming a major concern for businesses and private citizens in our modern digitized world. According to CNBC, malicious cyberattacks have escalated by more than 164 percent over the past year—compromising more than 2 billion data records.

Recently, cybercriminals have started using a new tactic called “spear phishing.” Instead of sending random emails, cybercriminals dispatch targeted attacks through your employer’s or trusted partner’s (like a doctor or a friend) email address. Cleverly concealed, users only learn the truth by mousing over the sender’s email address to reveal the actual dispatcher.

Within the emails themselves, fake links put you at additional risk. Hackers can attach malware to check your browser history and follow up with fraudulent emails. Per Anirban Banerjee, co-founder of StopTheHacker, “Let’s say you just logged into your bank account, [hackers] will send you an email to reset your password and capture your banking information.”

And once you’ve been “hooked” by spear phishing, you’re dragged into an uncertain area between cyber and criminal coverage where your stolen digital identity can lead to real-world theft.

As covered in the following video, there are many specific actions you can take to protect yourself from cybercrime, but making sure you have cyber liability coverage with policies specifically underwritten to cover social engineering, cyber extortion and cyber crime should be part of your solution. Without proper cyber liability protection, if hackers steal the money from your accounts, it’s gone forever.

Here’s a checklist to selecting the right cyber liability insurance provider:

  • Talk with your insurance broker. Schedule some time with your broker (or a trusted resource) in order to review your current liability coverage.
  • Determine What’s Covered. General cyber liability insurance covers business losses due to downtime, notification outreach, forensic investigation and extortion fees. It’s a good idea to ask many questions because each cyber policy will have different coverages and restrictions. Make sure your policy will cover social engineering, cyber extortion, and cybercrime.
  • Is third-party coverage offered? Does your company share sensitive data with external partners? If so, make sure your policy covers third parties, including data breaches and cyber attacks that attack your business but originate at your vendor.

Cyber liability protection is an issue that will only continue to rise in importance in the years to come.

Having adequate protection for a potential data breach should be a priority during your next annual review of your insurance coverage.

As we continue to move into an evermore connected future, providing insurance for your digital assets will become as serious a consideration as protecting your physical ones.

If you have additional questions about cyber liability protection, please feel free to reach out to me.


About Jamie Gershon

Jamie Gershon specializes in developing long-term, strategic insurance and risk management programs for a range of Bolton's Northern California clients. As a member of Bolton's Education Practice Group, Jamie is dedicated to the diverse and ever-evolving needs of his education clients. In addition, he is passionate about supporting the needs of nonprofit and human service organizations, wholesalers, real estate and technology firms.

Subscribe to the Bolton Blog