Skip to main content
  • Claims Center
  • Contact Us
  • Español
  • Brokers & Agents
Hiscox Insurance
Menu Toggle
  • Home
  • Small Business Insurance Toggle Menu Toggle Menu
  • Why Hiscox Toggle Menu Toggle Menu
  • Resources Toggle Menu Toggle Menu
  • Policy Management Toggle Menu Toggle Menu
  • Claims Center
  • Contact Us
  • Español
  • Brokers & Agents
  • About
  • Get a Quote Get a Quote
  • About
  • Get a Quote Get a Quote
  • Blog Home
    Start Your Business
    Grow Your Business
    Protect Your Business
    Celebrate Courage
    Search

    Small Business Insights

    Sign up to get the latest small business news delivered right to your inbox.
    Protect Your Business
    Credit card on fishing hook being lifted from on top of a computer keyboard. Phishing cyber attack.

    Gone phishing: Protect your company against cyber crime

    Cyber | Thought-leadership
    By: Hiscox Blog

    Share Image

    Embed Image

    Copy

    Share Article:

    It’s no secret that cyber attacks are on the rise and becoming more sophisticated every day. In fact, according to The 2019 Hiscox Cyber Readiness Report™, 53% of US firms were victims of cyber crime in the past 12 months, up from 28% in 2018.

    There’s one type of attack that small business owners should be particularly aware of, because it is both simple and effective for hackers. It’s phishing, and here’s what you need to know to avoid falling for it hook, line and sinker.

    What is phishing?

    Phishing is a way that hackers gain access to a computer system or sensitive information. They send an email that may look as though it comes from a familiar address – perhaps even one that’s inside the organization – that includes a link. The link looks like it will open an important file or take you to a website, but in fact it may infect your computer system with a virus or malware. Some phishing attempts will ask you for log-in credentials which are then used to access your accounts.

    There are different kinds of phishing, including spearfishing (targeted phishing emails), smishing (phishing by text message), and others, but they are all forms of social engineering designed to separate consumers or companies from their sensitive data or assets.

    How can it be prevented?

    The first step in preventing phishing is to recognize it. Here are some telltale signs that an email may be a phishing attempt.

    1. An email address that doesn’t look quite right. If your company uses First DOT Last AT company DOT com for email addresses, don’t open one that is addressed to FLast AT company DOT com. But keep in mind that valid email addresses can be spoofed, so even if the address is correct, the email may be fraudulent.

    Verify the sender’s email address by hovering over it in the preview pane. The actual address the message came from will appear. If it’s not what you were expecting, don’t open it!

    2. There’s a link in the email that you’re instructed – or even threatened – to click on. As with the sender’s email address, you can hover over the link to see where clicking it will take you. If it’s a phishing attempt, the web address will be different from what you’d expect to see.

    Never click on a link in an email unless you’re absolutely sure it’s legitimate. Instead, type in the website address yourself.

    3. The request is out of character for the sender. An urgent message from the CFO to an accounting clerk asking for an immediate wire transfer of funds is a huge red flag. So is a request that is described as ‘secret’ or sent outside of business hours, or a request from a vendor to wire payment to a different account.

    Confirm any request to transfer funds with the requester, either by phone or face to face.

    4. The language or format of the message may be unsophisticated or incorrect. A message that appears to be from a large corporation but includes spelling or grammatical errors is suspect.

    That said, hackers often steal the logos of major companies and spoof their email addresses. Don’t assume that an email that looks like it’s from your bank actually is.

    What if someone in my company gets a phishing email?

    The first instinct is often to delete the message, but a better plan is to notify your IT department or consultant. Don’t open the message beyond the preview pane, and certainly don’t click on any links. Once IT gives you the all-clear, delete the message and, if you forwarded the message to IT for investigation, delete the forwarded message as well.  If you handle your own IT issues, follow your internet service provider’s guidelines for reporting suspicious email.

    Notify everyone in your organization so they know to be on the lookout – hackers will often target many employees in the same company.

    Staying one step ahead of hackers can seem like a full-time job, but it’s critical to keeping your business safe from cyber crime. For more on how to be cyber ready, download the 2019 Hiscox Cyber Readiness Report.

    Protect Your Business

    Protect the business you’ve worked so hard to build. Get a fast, free quote and your business could be covered today.

    Get a Quote
    Get a Quote
    Subscribe to our newsletter

    Related Articles

    4 Min Read
    Yorkie being groomed by professional at a salon

    Everything you need to know about additional and named insureds

    Insurance 101

    Have you heard the terms 'named insured’ and ‘additional insured,’ and ever wondered if there's a difference? We break it all down for you in this post. 

    Read More

    5 Min Read
    Small business owners in capes, protecting what they've built from impacts of recession

    Ideas on how to make your business recession-proof

    Management | Entrepreneur

    Here’s what you need to know about the recession and some things you can do to reduce its impact on your small business.

    Read More

    4 Min Read
    sole proprietor learning what insurance policies are best for her business.

    Useful information on the best insurance for sole proprietors

    Insurance 101 | Entrepreneur

    As a sole proprietor, were you aware that you should have business insurance? Get the details on what type of policies are best for your small business needs.

    Read More


    We’re here to help.
    We provide tailored insurance for the specific risks you face, so you can take the right risks to grow your business.
    Get a Quote
    Get a Quote

    Footer menu 1

    • What We Cover
      • Business Insurance
      • General Liability Insurance
      • Professional Liability Insurance
      • Errors and Omissions
      • Cyber Security Insurance
      • Workers Compensation
      • Other Coverage
    • Who We Cover
      • Small Business Owners
      • LLC
      • Sole Proprietors
      • Entrepreneurs
      • Side Hustle
      • Contractors
      • Home Businesses
    • For Our Customers
      • Refer a Friend Program
      • Covid-19 Response
      • Claims Center
    • For Business Owners
      • Save with our Partners
    • About Hiscox
      • About Us
      • Careers
      • Contact Us
      • Hiscox Corporate
      • Investors
      • Foundation
      • Newsroom
      • We Stand Together
      • Affiliate Partner Program

    Footer menu 2

    • Accessibility
    • Site Map
    • Privacy Policy
    • Terms of Use
    • Legal Notices
    • Español

    Do Not Sell or Share My Personal Information

    Feefo Reviews: Hiscox rated 4.7/5 with 1,067 reviews between January 1, 2022 - January 1, 2023

    © 2023 Hiscox Inc. All rights reserved. Underwritten by Hiscox Insurance Company Inc., 30 N. LaSalle St., Suite 1760, Chicago, IL 60602. As of December 31, 2022, HICI had admitted assets of $1,458,861,470 and policyholders surplus of $380,056,863. Total liabilities were $1,078,804,607 (inclusive of $529,538,410 of loss reserves) and paid-up capital stock was $4,242,000.

    icon-facebook
    icon-youtube
    icon-twitter
    icon-linkedin