/ BLOG

“GONE PHISHING!” – The Real Liability of the Virtual World

May 31, 2017 · 5 minutes to read

Phishing is a criminal practice that exploits individuals via fraudulent electronic communication and interaction. Together with spear phishing, clone phishing and whaling, the Internet can be a scamming minefield.  If you don’t already, it might be a good time to pay attention to the security breaches you hear about in the news, like Gawker.com in 2010, Sony, Epsilon and others in 2011, and most recently Zappos in early 2012.

Generally speaking, social engineering is putting bait on a virtual fishing pole, casting it out into the vast ocean of the Internet, and waiting to see who might naively take a bite. After being hooked by the apparently trustworthy communication, the unknowing target then proceeds to give up confidential information (social security number, credit card number, etc.) – anything that can help perpetrate identity (ID)  theft or credit card fraud.  In other cases, the scammer can even get cash from his hooked ‘phish’ by sending emails from a hijacked email account posing as a friend in need.  It’s been estimated that scammers can make $500 a day from their victims, if not more.

Businesses of all sizes are subject to security breaches. It can be because their networks were compromised, an employee lost a laptop or perhaps there was an accidental disclosure of confidential information (like posting a spreadsheet of client data to a public website). When this type of breach happens, and it does often, the business can be liable for a host of breach-related costs. To mitigate the consequences, the negligent company must bear the responsibility to:

  • Notify customers their data has been disclosed,
  • Incur information technology (IT) forensics costs to investigate what caused the breach,
  • Be subject to privacy regulatory activity, and/or
  • Third-party liability from those who were caused financial harm from the breach.

The liability does not stop at the business that lost customer data; it extends to that company’s subcontractors, independent contractors and vendors who may be the linchpin in the breach.  When contracting with business clients, a subcontractor may take on its client’s highly sensitive customer information and therefore is also responsibile for maintaining its security.

Let’s consider what happened to Epsilon in April 2011.  Epsilon is one of the largest email and online marketing firms, whose customers includes seven of the Fortune 10 amongst its 2,500 clients.  Their breach exposed the names and email addresses of massive customers like Best Buy, Citibank, and Walgreens.  While it may not seem like highly prized data in and of itself, names and email addresses are quality bait and useful in constructing a successful scam.  Receiving a personalized message from a company that you already have an account with can be convincing and leaves many people susceptible to ID theft.

Whether you’re a big vendor like Epsilon, who performs email marketing services for huge Fortune 500 clients or an independent contractor working on your personal laptop with your client’s confidential data, you can become liable for a security breach of your customer’s (or your customer’s customers’) data if you or your equipment is somehow the weak link.  The general consensus from the privacy/security community is not whether someone will be hacked, but when.  After that happens, it’s about what was done to mitigate the loss.  In a recent study entitled “Empirical Analysis of Data Breach Litigation,”[1] law researchers at Carnegie Mellon and Temple University found that a company that offered credit monitoring after a breach was six times less likely to get sued.  If it’s not preventable, then why not at least transfer and minimize the risk and cost.  Having a strong service contract that protects your position in the event of a security breach is one way to start, along with maintaining industry standard privacy and security controls.  One cost-effective way to transfer the risk of this liability is through Cyber Insurance.

Cyber Insurance combines Technology Professional Liability (a.k.a. Errors & Omissions), Miscellaneous Professional Liability, Privacy Liability and Network Security Liability into one omnibus coverage that protects a company against today’s ever growing need to safeguard electronic information.  The coverage can help cover costs like Information Technology forensics, third-party liability, and credit monitoring.  The nuance of whether you’re subject to a third-party liability claim or first-party privacy cost claim can be avoided, when you have a policy that covers you from all angles.

One obvious lesson is to be very careful with all communications and actively protect your own confidential information and passwords.  If you’re not careful on a personal level, you may have your account hijacked and have to deal with your email’s support team who may, or may not, be able to retrieve your emails from the last five years.  Not to mention the scorn of your friends and family who may have given up money or other confidential data to someone perpetrating a scam from Nigeria.  For a business, however, it’s critical to not be known as the company that let down its guard and made its customer’s data vulnerable to the scores of hackers, scammers, and organized e-crime syndicates that are on the prowl.

As you explore and utilize the wonderful World Wide Web, enjoy surfing, but don’t get hooked!

BizInsure Guest Blogger: Natalie Chin


[1] Romanosky, Sasha, Hoffman, David A. and Acquisti, Alessandro, “Empirical Analysis of Data Breach Litigation” (February 19, 2012). Available at SSRN: http://ssrn.com/abstract=1986461 or http://dx.doi.org/10.2139/ssrn.1986461

Talk to us

Today’s BizInsure offerings are just the beginning. Please take the time to tell us what you think, offer advice, ask questions, give compliments, or make a request…customer feedback defines us. We’re listening. Click here to contact us.

Get Free Online Quotes and get coverage instantly

The coverage you need for your business.

Business insurance is divided into different policies. We offer 4 types so it's easy to design the coverage that fits your business.

Professional Liability Insurance

Get a quote

General Liability Insurance

Get a quote

Business Owner’s Policy (BOP)

Get a quote

Workers Compensation Insurance

Get a quote

Let's find

The coverage you need for your business

Professional Liability Insurance

Get a quote

General Liability Insurance

Get a quote

Business Owner’s Policy (BOP)

Get a quote

Workers Compensation Insurance

Get a quote

Responsive and professionalCompetitive price. I highly recommend Bizlnsure as an insurance provider
Zynab B.
1710433556
Your service is easy to renew as needed and your company informs the client in advance for renewal.
Henry B.
1710352389
It has been a pleasure doing business with Biz Insure Llc.Their representatives are very courteous, helpful and customer service oriented.
Shonta I.
1710297732
Quick and easy....
Tammy K.
1710172643
I follow the instructions & would prefer to paid every month. I did not have the options to pay every month.
Alamo H.
1709935830
Thank you, Amy, for making my experience enjoyable and funny. Thank you so much for your kindness!!!
George J.
1709840615
I'm pleased with the business quote I received from Bizinsure LLC. Thank You!
Shanda J.
1709586997
Very satisfied with the online experience
Nicole h
1709238653
Been a happy customer for years! Easiest company to receive a quote and get insured. No hassles! Easy payment! Finance plans, if needed!
jodi H.
1709226367
Love it
Hanna R.
1708272180
Every year, BizInsure is my go to for general and professional liability insurance! Thenrates are unbeatable.
Calandra K.
1708044666
The agent was quick and efficient in generating a quote for my needs.
Theresa F.
1707895796
I enjoy working BizInsure they always answer all my questions and make sure i have the correct coverage for my business.
Prompt and professional service from Biz Insure. Thanks Leslie and Liza!
Bev G.
1707524454
Very easy to sign up for insurance.
Great company
Brown G.
1706896003
Fast and efficient!
Kim C.
1706746693
عالی
alireza J.
1706727364
It was great being able to get a policy that suits my company's need in less than 30 minutes. They were vey thorough. Very competitively priced.
Lynette C.
1706621476
I worked with Andrea for another start up business. She was very knowledgeable and help me pick the correct policy. Amazed at how quickly the process went.
Representative was very kind, helpful, and educated me well. I appreciated today's prompt service with confirmation that I was satisfied with what was provided to me.
Tina P.
1706224051
Great company for.your low cost business insurance needs.
constantin T.
1706156911
Staff was very fessional and friendly. I was able to get a quote and move forward within 20 minutes.
Pebbles S.
1706126428
Wonderful
Complete C.
1705788054
MUY BUENO
Super easy process.
Ashley G.
1704830227
It’s very easy to understand and at a very reasonable price.
Mary M.
1703780096
Professionalism, Quality, Responsive and budget friendly
B D
1703029371
Great rates, easy to understand and select appropriate coverage, can get in a jiffy
Brie C.
1702775397
I have been a customer of BizInsure for a few years now and I love it. There customer service is awesome and the prices are affordable.
Danyale W.
1702132165
Quick easy experience! The rep was knowledgeable & pleasant. Customer care was awesome to respond and clarify my concerns.
Kathy Ann A.
1702059151
bizinsurance makes purchasing Business Insurance...SIMPLE!
Andrea W.
1701380391
Great quality of Service ,faster and convenience way to pay at most. Thank you for your Service to my Healthcare Facility .
Quick and easy!!!!
Terry
1701319042
Great service! Easy process and very informative representative. Andrea was great and very patience with our process. I would recommend using them!!
Terrance R.
1700848536
Always and easy process. Thanks!
Gerald S.
1700244544
Renewal was quick and easy online
Angelita K.
1699752900
js_loader
Google Rating
4.7
Based on 254 reviews
×
js_loader