Skip to main content
  • Claims Center
  • Contact Us
  • Español
  • Brokers & Agents
Hiscox Insurance
Menu Toggle
  • Home
  • Small Business Insurance Toggle Menu Toggle Menu
  • Why Hiscox Toggle Menu Toggle Menu
  • Resources Toggle Menu Toggle Menu
  • Policy Management Toggle Menu Toggle Menu
  • Claims Center
  • Contact Us
  • Español
  • Brokers & Agents
  • About
  • Get a Quote Get a Quote
  • About
  • Get a Quote Get a Quote
  • Blog Home
    Start Your Business
    Grow Your Business
    Protect Your Business
    Celebrate Courage
    Search

    Twenty-Four Seven

    Sign up to get the latest small business news delivered right to your inbox.
    Close Close
    Protect Your Business
    Credit card on fishing hook being lifted from on top of a computer keyboard. Phishing cyber attack.

    Gone phishing: Protect your company against cyber crime

    Cyber | Thought-leadership
    By: Hiscox Blog

    Share Image

    Embed Image

    Copy

    Share Article:

    It’s no secret that cyber attacks are on the rise and becoming more sophisticated every day. In fact, according to The 2019 Hiscox Cyber Readiness Report™, 53% of US firms were victims of cyber crime in the past 12 months, up from 28% in 2018.

    There’s one type of attack that small business owners should be particularly aware of, because it is both simple and effective for hackers. It’s phishing, and here’s what you need to know to avoid falling for it hook, line and sinker.

    What is phishing?

    Phishing is a way that hackers gain access to a computer system or sensitive information. They send an email that may look as though it comes from a familiar address – perhaps even one that’s inside the organization – that includes a link. The link looks like it will open an important file or take you to a website, but in fact it may infect your computer system with a virus or malware. Some phishing attempts will ask you for log-in credentials which are then used to access your accounts.

    There are different kinds of phishing, including spearfishing (targeted phishing emails), smishing (phishing by text message), and others, but they are all forms of social engineering designed to separate consumers or companies from their sensitive data or assets.

    How can it be prevented?

    The first step in preventing phishing is to recognize it. Here are some telltale signs that an email may be a phishing attempt.

    1. An email address that doesn’t look quite right. If your company uses First DOT Last AT company DOT com for email addresses, don’t open one that is addressed to FLast AT company DOT com. But keep in mind that valid email addresses can be spoofed, so even if the address is correct, the email may be fraudulent.

    Verify the sender’s email address by hovering over it in the preview pane. The actual address the message came from will appear. If it’s not what you were expecting, don’t open it!

    2. There’s a link in the email that you’re instructed – or even threatened – to click on. As with the sender’s email address, you can hover over the link to see where clicking it will take you. If it’s a phishing attempt, the web address will be different from what you’d expect to see.

    Never click on a link in an email unless you’re absolutely sure it’s legitimate. Instead, type in the website address yourself.

    3. The request is out of character for the sender. An urgent message from the CFO to an accounting clerk asking for an immediate wire transfer of funds is a huge red flag. So is a request that is described as ‘secret’ or sent outside of business hours, or a request from a vendor to wire payment to a different account.

    Confirm any request to transfer funds with the requester, either by phone or face to face.

    4. The language or format of the message may be unsophisticated or incorrect. A message that appears to be from a large corporation but includes spelling or grammatical errors is suspect.

    That said, hackers often steal the logos of major companies and spoof their email addresses. Don’t assume that an email that looks like it’s from your bank actually is.

    What if someone in my company gets a phishing email?

    The first instinct is often to delete the message, but a better plan is to notify your IT department or consultant. Don’t open the message beyond the preview pane, and certainly don’t click on any links. Once IT gives you the all-clear, delete the message and, if you forwarded the message to IT for investigation, delete the forwarded message as well.  If you handle your own IT issues, follow your internet service provider’s guidelines for reporting suspicious email.

    Notify everyone in your organization so they know to be on the lookout – hackers will often target many employees in the same company.

    Staying one step ahead of hackers can seem like a full-time job, but it’s critical to keeping your business safe from cyber crime. For more on how to be cyber ready, download the 2019 Hiscox Cyber Readiness Report.

    Protect Your Business

    Protect the business you’ve worked so hard to build. Get a fast, free quote and your business could be covered today.

    Get a Quote
    Get a Quote
    Subscribe to our newsletter

    Related Articles

    4 Min Read
    Choosing the right business insurance for your small business

    How to choose the best insurance for my small business

    Insurance 101 | Management

    Do you have the right small business insurance coverage? Answer these six questions to find out.

    Read More

    4 Min Read
    Business continuity planning is essential for small businesses, learn the steps to create your plan

    Plan for the unexpected. How to make business continuity plans

    Management | Start up

    Don’t let your business become victim to obstacles beyond your control; learn how to create a business continuity plan – it’s essential to your business’ survival.

    Read More

    4 Min Read
    the impact the war in Ukraine has on small businesses

    The war in Ukraine – is there a risk to your business?

    Cyber | Management

    The war in Ukraine could pose a cyber risk to your small business that you haven’t considered. Read how you could be affected. 

    Read More


    We’re here to help.
    We provide tailored insurance for the specific risks you face, so you can take the right risks to grow your business.
    Get a Quote
    Get a Quote

    Footer menu 1

    • What We Cover
      • Business Insurance
      • General Liability Insurance
      • Professional Liability Insurance
      • Errors and Omissions
      • Cyber Security Insurance
      • Workers Compensation
      • Other Coverage
    • Who We Cover
      • Small Business Owners
      • LLC
      • Sole Proprietors
      • Entrepreneurs
      • Side Hustle
      • Contractors
      • Home Businesses
    • For Our Customers
      • Refer a Friend Program
      • Covid-19 Response
      • Claims Center
    • For Business Owners
      • Save with our Partners
    • About Hiscox
      • About Us
      • Careers
      • Contact Us
      • Hiscox Corporate
      • Investors
      • Foundation
      • Newsroom
      • We Stand Together
      • Affiliate Partner Program

    Footer menu 2

    • Accessibility
    • Site Map
    • Privacy Policy
    • Terms of Use
    • Legal Notices
    • Español

    Feefo Reviews: Hiscox rated 4.8/5 with 1,926 reviews between January 1, 2021 - January 1, 2022

    © 2022 Hiscox Inc. All rights reserved. Underwritten by Hiscox Insurance Company Inc., 30 N. LaSalle St., Suite 1760, Chicago, IL 60602. As of December 31, 2021, HICI had admitted assets of $1,250,758,353 and policyholders surplus of $332,792,666. Total liabilities were $917,965,687 (inclusive of $433,752,764 of loss reserves) and paid-up capital stock was $4,242,000.

    icon-facebook
    icon-youtube
    icon-twitter
    icon-linkedin