Skip Navigation
  • Careers
  • Report a Claim
  • Contact Us
Risk Strategies Logo
  • Industries

    • Agriculture
    • Architects & Engineers
    • Aviation
    • Cannabis
    • Construction
    • Dental
    • Education
    • Entertainment
    • Financial Services
    • Fine Art
    • Healthcare
    • Law Firms
    • Marine & Yacht
    • Nonprofit & Human Services
    • Private Equity
    • Public Sector
    • Real Estate
    • Relocation
    • Transportation
    • Waste & Recycling
    • Wineries
  • Solutions

      • Captives
      • Casualty
      • Cyber
      • Environmental
      • International
      • Management Liability
      • Property
      • Surety
      • Employee Benefits Overview
      • Benefit Administration and Technology
      • Benefits Compliance Support
      • Data & Analytics
      • Human Capital Advisory Services
      • International Benefits
      • Absence Management & Ancillary Programs
      • Voluntary & Lifestyle Benefits
      • Medicare
      • Financial & Wealth Overview
      • Life Insurance
      • Private Client Services Overview
      • Homeowners
      • Flood
      • Collections
      • Umbrella & Excess Liability
      • Auto
      • Collector & Exotic Car
      • Boat & Yacht
      • Travel Medical & Trip Insurance
      • Family Office
      • Cyber Insurance - Family Office
      • Cyber Insurance - Individuals
      • Specialty Coverages
      • Private Client Risk Resource Center
    • Reinsurance
      • Risk Management Services Overview
      • Analytics
      • Claims Management & Advocacy
      • Loss Control
      • Safety Consulting Services
      • Pro Safety Training Courses
      • Workers’ Comp: Premium Review & Recovery
  • Consulting

    • Consulting Overview
    • Actuarial Services
    • Healthcare Claim Audit Services
    • Health and Welfare
    • Mergers and Acquisitions
    • Pharmacy Consulting
    • Retirement Benefits
  • News and Insights

    • All Insights
    • Blog
    • Emergency Resource Centers
    • Employee Benefits Compliance Center
    • Events
    • Media Coverage
    • State of the Market Reports
    • Press Releases
    • Private Client Resources
    • Webinars
  • Company

    • About Us
    • Annual Report
    • Careers
    • Culture and Values
    • Diversity, Equity & Inclusion
    • Environmental, Social, & Governance
    • General Terms of Business
    • Leaders
    • Local Expertise
    • Mergers & Acquisitions
    • Recognition & Awards
    • Risk Strategies Foundation
    • Transparency and Disclosures
  • Join Us
    • Careers
    • Mergers & Acquisitions
  • Industries
    • Agriculture
    • Architects & Engineers
    • Aviation
      • Aviation Business Insurance - Manned Risk
      • Non-Owned Aviation
      • Unmanned Aerial System and Drones
    • Cannabis
    • Construction
      • Alternative Solutions
      • Financing & Pre-Construction
      • Insurance Solutions
      • Risk Management
      • Surety
    • Dental
      • Insurance for Dental Professionals
      • Dental Malpractice Insurance
      • BOP Insurance - Dental Practices & DSOs
      • Dental School Graduates
      • Dental Associates & Hygienists
      • Dental Practice Owners
      • Dental Service Organizations (DSOs)
    • Education
      • Employee Benefits for Education
      • Property, Casualty & Liability for Education
      • Student Health & Wellness
        • Student Health Brokerage and Consulting
        • Student Health Plan Administration
        • Student Health Insurance Plans
        • Solutions for Student Athletes
        • Student Health & Wellness Tools
        • Special Risk Insurance
    • Entertainment
      • Film & Television
      • Advertising Production Wrap Ups
      • Advertising/PR
      • Event Cancellation & Non-Appearance
      • Music & Touring
      • Theatrical Production & Live Performance 
      • Venue Insurance
    • Financial Services
      • Asset Managers
      • Banks & Non-Bank Lending
      • Collections
      • Consumer Financial Services
      • Financial Tech
      • Insurance Companies
    • Fine Art
      • Artists
      • Artist Endowed Foundations
      • Auction Houses
      • Fine Art Packers / Shippers / Warehouses
      • Galleries
      • Museums
      • Private Art Dealers / Advisors
      • Private Collectors
    • Healthcare
      • Employee Benefits - Healthcare
      • Managed Care / Stop Loss
      • Medical Malpractice
      • Property & Casualty - Healthcare
      • Reinsurance
    • Law Firms
    • Marine & Yacht
      • Boat & Yacht For Individuals
      • Commercial & Recreational Marine Businesses
        • Marine Businesses
        • Sailing Organizations - Burgee Program
      • Jackline Insurance Solutions for Cruisers
      • Mega Yachts
      • One-Design Insurance Program
      • Crew Medical Insurance
      • Sailors Health Insurance Program
      • US Sailing Insurance Solutions
    • Nonprofit & Human Services
    • Private Equity
      • Crypto Companies
    • Public Sector
      • Public Safety Organizations & Municipalities
    • Real Estate
      • Commercial
      • Community Associations
      • Hospitality
      • Residential / Habitational
      • REITs
      • Retail
      • Specialty Programs
    • Relocation
      • Domestic Household Goods
      • Expat Renters & Living Insurance
      • Relocation Claims Service
      • International Household Goods
      • Supplemental Movers Coverage
      • Temporary Living Insurance
      • Vacant Home
    • Transportation
      • Business Auto Insurance
      • Last Mile Delivery
      • While Under Dispatch Insurance
      • Forwarding & Brokering
      • Workers' Compensation
    • Waste & Recycling
    • Wineries
  • Solutions
    • Commercial Insurance
      • Captives
      • Casualty
        • Analytics
        • Auto Liability & Physical Damage
        • Captives & Alternative Risk Financing
        • Claims Advocacy & Loss Control
        • Excess Liability
        • General Liability
        • Product Recall
        • Workers' Compensation
      • Cyber
        • Cyber Resolute
        • Cyber Risk Assessment and Analytics
        • Cyber Risk Response & Claims Advocacy
        • Cyber Insurance - Family Office
        • Cyber Insurance - Individuals
      • Environmental
        • Contractors Pollution Liability
        • Environmental Excess
        • Environmental Liability Transfer
        • Environmental Liability - Healthcare
        • Environmental Liability - Higher Education
        • Pollution Legal Liability
        • Environmental Liability - Private Equity
        • Professional Environmental Liability Insurance
        • Real Estate Development
        • Remediation Cost Cap
        • Secured Creditor Protection for Lenders
        • Underground Storage Tanks
      • International
      • Management Liability
        • Management Liability - Entertainment
        • Management Liability - Financial Institutions
        • Management Liability - Healthcare
        • Management Liability - Real Estate
      • Property
        • Builder's Risk
        • Property Claims Services
        • Inland Transit and Ocean Cargo
        • Natural Hazard Catastrophe Modeling
        • Political Violence and Terrorism
        • Property Damage & Business Interruptions Valuations
        • Property Loss Prevention and Control
      • Surety
    • Employee Benefits
      • Employee Benefits Overview
      • Benefit Administration and Technology
      • Benefits Compliance Support
      • Data & Analytics
      • Human Capital Advisory Services
      • International Benefits
      • Absence Management & Ancillary Programs
      • Voluntary & Lifestyle Benefits
      • Medicare
    • Financial & Wealth
      • Financial & Wealth Overview
      • Life Insurance
    • Private Client Services
      • Private Client Services Overview
      • Homeowners
      • Flood
      • Collections
      • Umbrella & Excess Liability
      • Auto
      • Collector & Exotic Car
      • Boat & Yacht
      • Travel Medical & Trip Insurance
      • Family Office
      • Cyber Insurance - Family Office
      • Cyber Insurance - Individuals
      • Specialty Coverages
      • Private Client Risk Resource Center
    • Reinsurance
    • Risk Management Services
      • Risk Management Services Overview
      • Analytics
      • Claims Management & Advocacy
      • Loss Control
      • Safety Consulting Services
      • Pro Safety Training Courses
      • Workers’ Comp: Premium Review & Recovery
  • Consulting
    • Consulting Overview
    • Actuarial Services
    • Healthcare Claim Audit Services
    • Health and Welfare
    • Mergers and Acquisitions
    • Pharmacy Consulting
    • Retirement Benefits
  • News and Insights
    • All Insights
    • Blog
    • Emergency Resource Centers
      • Cybersecurity
      • Earthquake
      • Hurricane
      • Pandemic
      • Riot & Civil Unrest
      • Severe Storms
      • Violence & Active Shooter
      • Wildfire
      • Winter Weather
    • Employee Benefits Compliance Center
    • Events
    • Media Coverage
    • State of the Market Reports
    • Press Releases
    • Private Client Resources
    • Webinars
  • Company
    • About Us
    • Annual Report
    • Careers
    • Culture and Values
    • Diversity, Equity & Inclusion
      • BeHEARD Series
      • DE&I Structure
      • Employee Resource Groups
    • Environmental, Social, & Governance
    • General Terms of Business
    • Leaders
    • Local Expertise
    • Mergers & Acquisitions
    • Recognition & Awards
    • Risk Strategies Foundation
    • Transparency and Disclosures
      • General Terms of Business
      • Conflict of Interest Policy
      • Compensation Disclosure
      • Enterprise Risk Management
  • Join Us
    • Careers
      • Benefits & Wellness
      • Investing in Growth & Leadership
      • Life at Risk Strategies
      • Next Steps
    • Mergers & Acquisitions
      • Partnership Benefits
      • Why Join Us?
      • Onboarding & Integration
  • Careers
  • Report a Claim
  • Contact Us

You are about to leave Risk Strategies website and view the content of an external website.

You are leaving risk-strategies.com

By accessing this link, you will be leaving Risk Strategies website and entering a website hosted by another party. Please be advised that you will no longer be subject to, or under the protection of, the privacy and security policies of Risk Strategies website. We encourage you to read and evaluate the privacy and security policies of the site you are entering, which may be different than those of Risk Strategies.

OK
  • News and Insights
  • Blog
Subscribe

Subscribe via Email

  • News and Insights
  • Blog
September 26, 2023

Do You Know How to Spot a BEC Phishing Attack?

Cyber
3 min read
William​ Burke, CIC, Senior Vice President
  • Facebook
  • X (Twitter)
  • LinkedIn
  • Email
Do You Know How to Spot a BEC Phishing Attack?
  • Facebook
  • X (Twitter)
  • LinkedIn
  • Email

0nly dumb people fall for email phishing attacks, right? 0f course, everyone thinks they’re immune. 0nly a tech neophyte would fail to pick up on a sketchy note – especially from a familiar source.  

Well, did you notice the first letter in each sentence of the opening paragraph was not a capital “O”? It was a zero. And you’d really have a hard time noticing the same trick in an embedded URL. This deception is a well-established hacking technique called a homoglyph, or homograph, attack. The URL www.g00gle.com looks odd in text, but not so obvious in an embedded link only visible briefly as you click. 

Human error causes nearly 90% of all data breaches 

Lots of people fall for business email compromise (BEC) attacks. Worse, it usually takes a while for a business to discover an attack has succeeded. According to IBM’s “Cost of a Data Breach Report 2023” (seriously, the link is fine), the mean time to identify a BEC was 194 days. The mean time to contain the mess was 72 days. 

Big or small, any business is at risk. If the threat actor targets a corporation of 1,000 employees, it’s a safe bet that not everyone knows each other. Any one person could mistakenly fall into a BEC scam out of simple ignorance. Today’s remote work trend only adds to this type of exposure. Even in an attack on a small organization of 40 people, familiarity can be exploited. A BEC attack spoofed to look like the boss urgently requesting certain login credentials might not raise an eyebrow. A busy staff wearing lots of hats might not look too closely at the details and rush to meet the request. 

BEC phishing awareness training helps employees thwart cyberattacks  

So, what’s a business to do? Educate, educate, educate, and then educate some more: 

  • Make time to train your people – from the top down – on what a BEC can look like. The FBI has some solid training (yes, the link is legit) and real-life examples of BEC attacks. 
  • If you’re not sure how to train your team, lean on your IT professional and your cyber insurance broker. They can connect you with the right resources. 

Remember, time is money. Take the time to verify unique or external emails and requests. In today’s world of electronic banking and ransomware, an extra 10 seconds to inspect an email or link could save your organization from an unauthorized transfer, a large ransom payout, or weeks of time rebuilding locked systems. 

Want to learn more about protecting your business from cyberattacks and their liability costs? The Cyber team at Risk Strategies can help you gain a better understanding of your cyber risk profile, improve deficiencies, connect with cyber resources, and get comprehensive insurance coverage. 

Find Will Burke on LinkedIn here. 

Connect with Risk Strategies Cyber Liability team here. 

About the author 

Will Burke specializes in commercial insurance and contract surety for the construction industry. He advises on risk management best practices, including the importance of phishing awareness training for the whole workforce. 

The contents of this article are for general informational purposes only and Risk Strategies Company makes no representation or warranty of any kind, express or implied, regarding the accuracy or completeness of any information contained herein. Any recommendations contained herein are intended to provide insight based on currently available information for consideration and should be vetted against applicable legal and business needs before application to a specific client. 

Related Posts

See all posts

Cyber Risk
5 min read
April 02, 2025

The Future of Risk: Cyber Threats Affecting Businesses in 2025

Editor’s note: The way businesses approach risk is undergoing a fundamental shift. This article is …
Read article
Cyber
5 min read
March 26, 2025

Understanding the 23andMe Data Breach and Ensuring Cybersecurity

- UPDATE - From breach to bankruptcy: 23andMe’s data fallout continues Little more than 18 months …
Read article
Cyber Risk
7 min read
March 04, 2025

The Future of Risk: Systemic Risks to Watch in 2025

The days of treating risks as isolated incidents are over. As we move deeper into 2025, business …
Read article
Risk Strategies Logo
  • Report a Claim
  • Contact
  • Terms of Use
  • Cookie Policy
  • Privacy Policy
  • Consumer Health Data Privacy Notice
  • Accessibility
  • Health Plan Transparency Compliance
  • Accessibility
  • Cookie Policy
  • Health Plan Transparency Disclosure
  • Privacy Policy
  • Terms of Use
©2025 Risk Strategies. All rights reserved.

Connect with Us

  • LinkedIn
  • X
  • Instagram
  • Facebook