The Development of Phishing Strategies

The Development of Phishing Strategies

In today’s digital-forward landscape, it’s no surprise that business leaders are more concerned than ever about a potential data breach. In 2019 alone, the average breach of U.S. companies cost around $73,000, which, for some companies, may be the deciding factor of whether or not they can afford to stay in operation.

This concern isn’t going away–in fact, it’s only growing. Phishing attempts have grown 65% in the last year and are expected to continue to rise in 2020, especially as consumer-friendly tech-forward operations are continuing to be implemented and developed. But while technology and services continue to be fine-tuned, so are the strategies behind phishing scams.

2019 In a Nutshell

More than half of all data breaches in 2019 were not performed using malware, according to Crowdstrike. That’s an important factor to consider because malware is usually easily detectable and can be caught more quickly. What’s happening is that hackers are finding alternative and more sophisticated ways to access a company’s network using its own existing systems. This can be done by logging on with an employee’s stolen information.

As these breaches go more unnoticed, this opens the door for major issues such as losses, further damage to a network, and irreversible damage to a company’s reputation with its customers and clients. The average amount of time a hacker spent inside an organization’s network in 2019 was 95 days before being detected, up from 85 days in 2018. That’s a lot of time that one hacker can create big trouble.

The Development of Phishing

Phishing used to be detected via malware installed on a computer after someone had opened an email or a link within an email that was tainted. Now, hackers are evolving and finding their way into systems in various ways. These attacks are becoming more sophisticated.

For example, a hacker might spoof an email address of someone at a company and send out messages to the company from there. Once the employees who receive the message click on the email or a link inside it, not realizing it was fake, they’ve given away their login credentials and on down the list it goes.

Hackers are also taking strides to emulate a company’s leaders and supervisors by reading their emails to get the cadence of their messaging down. It used to be that a phishing email contained choppy language or misspelled words. Now, hackers are doing their due diligence to make their emails they send out look, sound, and feel like authentic messages. They’ll even head to an executive’s social media account to see what information they can use to personalize a message.

Combating Hackers and Phishing

It may sound like trying to nail down hackers and what they’re doing to accomplish their network infiltration attempts is a fool’s errand, but there are in fact measures that can be taken.

First, companies should be sure to lay a foundation of security around their networks and their operations. While they need to make sure they invest in the best cybersecurity enforcement available, protecting information, reputation, and assets through cyber risk services insurance is another step that needs to be taken.

Cyber risk services insurance helps to provide coverage for everything from social engineering to post-breach remediation costs to business interruption. Having this will help calm the storm of having to deal with the fallout of a phishing scam.

Next, a company should make sure all employees are properly trained and educated around phishing and data hygiene. Have procedures in place for anything that could possibly happen. Also, it helps to not be factored into the potential for risk.

An important understanding is that any company of any size and industry can be a target. Knowing that hackers are hungry for any and all information should alter a company’s mindset so that they are able to face the reality of having to be more mindful of daily tasks and network security.

About Connected Risk Solutions


At Connected Risk Solutions, we use our expertise and experience to provide insurance information and programs to those who serve long-term care and senior living facilities. Since 2007, we’ve been offering insurance and risk management plans designed to help our agents give their clients the ability to achieve continued growth while simultaneously protecting against loss, containing costs and increasing profitability. To learn more, contact us at 678.359.6365.

About Connected Risk Solutions

At Connected Risk Solutions, we provide our agent partners with bold solutions for comprehensive insurance and risk management that are unmatched in the industry. We have market connections and collective decades of industry experience, including deep specialization in healthcare liability and managed care E&O, cyber and tech liability, management and professional liability, as well as captive management and risk management. We strive to develop creative solutions no other wholesaler can match and to help our agent partners give their clients the ability to achieve continued growth while simultaneously protecting against loss.

Our specialists, located in offices throughout the country, are responsive and engaged. To learn more, connect with us.

Table of Contents

Related Posts:
ConnectedRisk_HealthcareReform
Healthcare Reform and Its Impact on the Insurance Industry
The healthcare landscape is continually changing, and healthcare reform is a critical driver of change....
ConnectedRisk_SeniorCare
Looking at the Advancements in Senior Care
Senior care has undergone some extraneous advancements, and there are budding reasons for optimism. Now,...
ConnectedRisk_HealthcareStaffing
The Latest About Healthcare Staffing
The healthcare staffing industry is going through some changes as things fluctuate on the backend of...