The Emergence of a New Cyber Threat: “Vishing”

October 30, 2020

As remote employment has grown in popularity for the convenience and efficiency it provides business owners and employees alike, cybersecurity liabilities have equally expanded. With employees connecting to company servers from mobile devices or unsecured internet connections, the threat of cyberattacks has multiplied. In addition to concerns with malware, ransomware, and phishing attacks, vishing has emerged as a serious threat for the remote employee.

What Is Vishing?

The term vishing is a portmanteau of the words “voice” and “phishing.” In the realm of cybersecurity, phishing attacks target individuals through email or other digital means to gain access to sensitive, personal data like passwords or financial payment details. Most often, the attack is formed through an organization or individual that appears legitimate. With vishing, the attacks occur over the phone.

Using automated voice technology and Voice over Internet protocol, many remote employees are being tricked into thinking they need to establish new login credentials with their virtual private networks. Attackers are then able to gain a foothold in the corporate network, where additional information is retrieved and used in new social engineering attacks. Vishing attacks continue to develop and become more sophisticated, making it an important consideration for businesses sending employees home to work.

What Protection Is Available?

There are many ways you can educate your clients about cybersecurity protection, but the most important thing you can do is inform them of their cyber liability insurance options. There are unique exposures addressed through an insurance policy that cannot be protected by other means. Primarily, the financial ramifications of a cybersecurity attack.

Cyber insurance providers recognize the many elements involved with cyber threats, both the internal exposures of employees mismanaging information or getting caught in a phishing trap and the external concerns of a network breach and data hack. As remote employees expose new weaknesses in cybersecurity strategies, business managers need to know the extent of their insurance coverage. As a broker, you have the ability to direct their attention to comprehensive solutions.

What Does a Cyber Insurance Policy Cover?

Cyber policies address the risks of exposure from data breaches, compromised networks, or other malicious cyber events. Insurance policies may address both first-party and third-party coverages, and your job as a broker is to see what form of coverage would be most beneficial to your client. There are various costs associated with cyberattacks, as a company can be sued for damages from several parties. Litigation to mount a defense, notify individuals, or payout settlements for any of these parties can be more than a company can bear. Cyber insurance steps in as the financial resource for these costs.

Vishing will continue to emerge as a cyber threat, and more advanced attacks can be expected. As a broker, informing your clients of their risks and their subsequent insurance options is the best advice you can give. ◼