Since 2014 OBLIC has provided all policyholders access free of charge to the Cyber Toolbox, an online repository of cybersecurity resources. Among the resources available are articles warning of new cybersecurity threats, sample cybersecurity policies, and video training courses that can be shared with lawyers and staff.

A new article on the Cyber Toolbox titled, “Beware of Callback Phishing Emails Impersonating Cybersecurity Companies” warns of a new malicious phishing campaign. Emails from attackers impersonating well-known cybersecurity companies are being sent claiming that the company has detected a breach and urging the recipient to call a phone number for assistance. When the recipient calls the number, the attacker collects information from the recipient that allows the attacker to gain access to the computer system and deploy ransomware.

Awareness is the key to protecting against scams like this one. Lawyers and staff should be:

• advised of the scam,
• notified that legitimate cybersecurity companies will not contact users in this manner, and
• instructed to never allow anyone to remote into their systems unless the request is verified using contact information that was obtained from a source other than the suspicious email

We urge policyholders to log in to the Cyber Toolbox to learn more about this scam and others. The featured article can be found on the opening page of the website. Policyholders should contact us if password assistance is needed. As always, we are here to help.