Bryson Blog

What is phishing and how does it work?

Imagine your personal information as the fish and the scammer the fisherman out to catch the fish of the day. The fisherman has many fishing rods on his boat and is constantly casting them, waiting for someone to bite.

Phishing is a method scammers and hackers utilize to lure people into giving up their sensitive and personal information including passwords, credit card details, banking and payment information and any other piece of information. The primary method to doing this is through fraudulent email where the hook is a malicious link that entices you to input private information.

How does phishing differ from SPAM?

Phishing is like fishing. Boat with fishing rods in ocean to represent analogy for cyber phishing.

Simple… phishing is like fly-fishing. Phishing attacks are targeted, and intentional emails are sent one at a time.  SPAM is most like casting a big net in the ocean and seeing what turns up. SPAMers send the same email to many email addresses. The content is generic and broad.

What types of phishing emails are there?

There are various types of phishing emails to seek out. In general, they fall into three buckets.

  1. Business Email Compromise (BEC) – Targets are primarily employees authorized to initiate money transfers. The game for business email compromise scammers is to have employees in accounting and finance roles provide information to help future social engineering attacks.
  2. Clone Phishing – Everyone is targeted with clone phishing. The game is to create replica emails that imitate legitimate communicating, with the intention of tricking its target into sharing personal information.
  3. Whaling – Targets are the big game fish in an organization. The game is to specifically target C-Suite employees with crafted content that slowly pulls private information.

What are some examples of phishing attacks in organizations?

Phishing isn’t the endgame for scammers and hackers. It is one part of a bigger game to scam companies out of financial resources. For these examples, imagine them happening in your organization. How do you think employees, clients and other stakeholders would react?

  1. Employees at Wichita State University received an email asking them to input their university ID number and password. This allowed the scammers to access bank account numbers, student records and other personal information. What happened? The scammers were able to redirect payroll deposits from the employee to the scammers’ bank account. Numerous employees did not get their regular payroll deposit and that money was gone for good.
  2. A number of US health service providers have fallen victim to phishing attacks in 2019. The examples are all similar in nature. The employee opens an email, clicks a link, provides some private data (login credentials) that allow the scammers access to the client database. The type of information exposed includes health records, payment information, social security numbers, names and emails and other financial information.

    Examples of these types of phishing attacks in 2019 include Prisma Health, Baystate Health, Catawba Valley Medical Centre. There are many similar examples and while we have grown accustomed to seeing big brand names suffering these types of losses, you can imagine the brand and reputation damage for a local or regional health care provider.
  3. For almost three years, employees at Facebook and Google were receiving fake invoices impersonating a large manufacturer they used as a vendor. Over this time employees sent over $100 million do to this single scammer.
  4. While we do not know the specific details in this whaling example, what likely happened in is the newly appointed CFO opened his email and saw a money transfer request from an employee. Everything seemed legitimate and the CFO authorized transfers of over $30 million. It was the determined after that those funds went to oversees accounts and was lost. In under one month on the job, the CFO of Xoom was out of a job and the company had to take a one-time charge of $30.8 million on their quarterly earnings.

How do you spot a phishing email?

Do you think you can spot when you’re being phished? Google has created a simple quiz to see whether you can tell whether or not you’re being phished. Take the quiz here


Being asked to confirm personal information;
A few of the high-level flags to watch for include:

  • The website domain or email address are odd;
  • The email is poorly crafted;
  • There is poor grammar and misspellings;
  • There is a sense of urgency that isn’t normal for the person sending the email.

What steps can you do to minimize phishing?

avatar trying to find out if there is a phishing scan happening

Regardless of whether or not your company falls victim of a phishing scam, dealing with the flow of phishing is costly to the operational effectiveness of your firm. Employees need to double and triple check before clicking on links and responding to people. IT departments are being forwarded emails to check. Spam filters are being turned up causing real emails from clients and suppliers to go unnoticed in junk folders and on and on.

While we are unable to stop phishing scammers from attempting to hook our information, we can take steps to make ourselves less attractive. Some suggestions include:

  • Never click on a link in an email. If your payroll company is asking you to update your information, open a web-browser and log in directly instead of going through the link;
  • Use complicated passwords and require that all employees use complex passwords;
  • Never share personal or financial information in an email. If a phisher does get into your email, you do not want to keep easy to search financial or personal data in your inbox or deleted folder;
  • Use email filtering and put a reminder in to check your spam folder from time to time.

Most important is to have a conversation with an insurance broker that specializes in cyber risk transfer. No matter the level of risk mitigation a company takes on it will never completely eliminate the cyber risk to their business. Surprising, great coverage is often much less than people think.

Let's have a chat. Email me at sbryson@brysoninsurance.ca!

Storing your RV for a Canadian winter

Winter is coming… properly preparing your RV for winters in Canada can drastically extend the life of your home on wheels. Unless you are part of the lucky few RVers in Canada who spend their winter touring warmer climates, then ensuring your RV is properly winterized is a top priority.

If you want to get into action preparing your RV for winter, you can also take a look at GoRVing’s Winterizing Your RV Checklist.

We will go into a little more detail on some of the main focus areas to consider when winterizing and storing your RV over the winter season:

Seek out tears, openings or cracks in the body or roof

Properly sealed external breaches are little more than minor aesthetic issues. Untreated external breaches can lead to a world of trouble and cost. Even the smallest opening can lead to water leaks and, through the winter, mildew formation.

Give the exterior of your RV a solid clean and wax

This is more advice to maintain the appearance and value of your RV over the long-term. Rubber and vinyl can be damaged in the sunlight, causing unnecessary repair or fading. Sunlight can also have negative effects on the paint job. If you decide to store your RV outside and uncovered for the winter, you will definitely want to make sure you take this step.

Manage pest control by covering external vent and pipe openings

Brrr…. winter is cold for rodents too. In their search to survive the winter, they will be looking for anywhere warm. Your RV is a perfect winter getaway. Take the time to properly cover any external access points.

Give a quick tire pressure check

Inflated tires minimize tires weakening during storage season. An even better step is to jack your RV up to reduce pressure on the wheels through the winter, but this is an optional step. If your tires are going to be resting on asphalt, drive the RV wheels onto wooden planks instead. Surface oils on the asphalt can wear on your tires, causing blowouts during your next adventure in the Spring.

Make your vehicle unattractive to thieves

A special lock designed for your RV is a smart investment. It is a good investment both for storage season and while you and your family are out on day-trips, away from your RV. Thieves prefer easy targets so making your RV a challenge will have them looking elsewhere quickly.

If you are choosing a storage facility, ask the manager to show the security features that will keep your RV safe over the winter. Cameras, outdoor lighting and onsite security are ideal.

And, of course, ensure you keep appropriate insurance in case anything does happen while your RV is stored away.

Wash the interior fully and thoroughly

First, it is great feeling to walk into a clean RV at the start of next season. Beyond that, cleaning your RV limits potential for mould and odours from growing through the winter. It is also a good way to find any cracks or holes you do not know about.

Keep the cabinet, closets and fridge doors open

This step minimizes moisture and mould build-up while the RV is stored away. Place a box of baking soda inside the fridge as well to limit odour.

Clear the RV or items that shouldn’t freeze

Things like liquid soap, water bottles, pop, and RV cleaning items and others can easily freeze. These items can burst and thaw, leading to an unfortunate mess when returning.

Remove anything that pests may like as food or nesting material

Little rodents spend their winter season trying to stay warm and fed. They will look for anything and anything that can fulfill these needs. They’ll look for any type of food, toilet paper, soaps, rags, newspapers, towels, blankets and more. Ensure these items are packed up and moved out for the winter.

Remove batteries from the RV

Keeping your primary battery from freezing will prolong the life of the battery and save you money in the long run. Store the battery in a dry place that does not freeze. It is also a good idea to remove other batteries as well from things like your radio and other appliances.

Use antifreeze in your RV’s piping system

It is a good idea to run antifreeze through your RV’s pipes, valves and drain traps. This is primarily important if you are storing your RV outside for the winter, but it is also good practice for indoor storage as well.

Shut off the liquid propane gas supply valve

This is a pretty simple step and a good precaution. While you are doing this, it is also good practice to turn off all the appliances and pull out any fuses.

Plan some fun visits through the winter!

Even though you’re not adventuring in your RV through the winter doesn’t mean you can’t go say “hi” to it! Going to check on your RV every once and awhile ensures everything is in order. This is especially important if you are storing your RV outdoors.

~

By being proactive with your end of year RV maintenance, you will be good to go when adventure season rolls around again. While you’re waiting for the warmer weather to come back, take a minute to find out if you have the best insurance for your RV with our instant quoting tool.