News

5 Ways to Spot a Phishing Email

A phishing attack is a form of social engineering by which cyber criminals attempt to trick individuals by creating and sending fake emails that appear to be from an authentic source, such as a business or colleague. The email might ask you to confirm personal account information such as a password or prompt you to open a malicious attachment that infects your computer with a virus or malware.

Phishing emails are one of the most common online threats, so it is important to be aware of the tell-tale signs and know what to do when you encounter them. Here are five ways to spot phishing attacks.

  1. The email asks you to confirm personal information

Often an email will arrive in your inbox that looks very authentic. Whether this email matches the style used by your company or that of an external business such as a bank, hackers can go to painstaking lengths to ensure that it imitates the real thing. However, when this authentic-looking email makes requests that you wouldn’t normally expect, it’s often a strong giveaway that it’s not from a trusted source after all.

Keep an eye out for emails requesting you to confirm personal information that you would never usually provide, such as banking details or login credentials. Do not reply or click any links and if you think there’s a possibility that the email is genuine, you should search online and contact the organization directly  – do not use any communication method provided in the email.

  1. The web and email addresses do not look genuine

It is often the case that a phishing email will come from an address that appears to be genuine. Criminals aim to trick recipients by including the name of a legitimate company within the structure of email and web addresses. If you only glance at these details they can look very real but if you take a moment to actually examine the email address you may find that it’s a bogus variation intended to appear authentic ‒ for example: @mail.airbnb.work as opposed to @Airbnb.com

Malicious links can also be concealed with the body of email text, often alongside genuine ones.  Before clicking on links, hover over and inspect each one first.

  1. It’s poorly written

It is amazing how often you can spot a phishing email simply by the poor language used in the body of the message. Read the email and check for spelling and grammatical mistakes, as well as strange turns of phrase. Emails from legitimate companies will have been constructed by professional writers and exhaustively checked for spelling, grammar and legality errors. If you have received an unexpected email from a company, and it is riddled with mistakes, this can be a strong indicator it is actually a phish.

Interestingly, there is even the suggestion that scam emails are deliberately poorly written to ensure that they only trick the most gullible targets.

  1. There’s a suspicious attachment

Alarm bells should be ringing if you receive an email from a company out of the blue that contains an attachment, especially if it relates to something unexpected. The attachment could contain a malicious URL or trojan, leading to the installation of a virus or malware on your PC or network. Even if you think an attachment is genuine, it’s good practice to always scan it first using antivirus software.

  1. The message is designed to make you panic

It is common for phishing emails to instill panic in the recipient. The email may claim that your account may have been compromised and the only way to verify it is to enter your login details. Alternatively, the email might state that your account will be closed if you do not act immediately. Ensure that you take the time to really think about whether an email is asking something reasonable of you. If you’re unsure, contact the company through other methods.

Ultimately, being cautious with emails can’t hurt. Always remember this tip-
STOP. THINK. CONNECT.™ tip:

When in doubt, throw it out: Links in emails, social media posts and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.

 

Author Bio

Mike James is a Brighton based writer and cybersecurity professional who specializes in penetration testing, ethical hacking and other cybersecurity issues facing businesses of all sizes

To see the original article, click here.

Wishing you a Happy and Joyful New Year

In honor of the New Year, the Tedrick Group will be closed Monday. January 2, 2023  and will reopen at 8am on Tuesday, January 3, 2022.  

We wish you all a safe and Happy New Year!

The Tedrick Group Celebrates Cheryl Kwiatkowski and her 20 Years of Service

The Tedrick Group office was closed February 28 from 11:30AM to 1:30PM in order to honor Cheryl Kwiatkowski and her 20 year anniversary with the Tedrick Group with a staff luncheon.  Congratulations and Thank You to Cheryl for her long time service!

$7.01 Million: Average Cost to Resolve a Data Breach

Data breaches are not only becoming more prevalent among companies located in the U.S., recovering from them is also becoming more expensive.  

According to the 11th annual benchmark study conducted by the Ponemon Institute, the average total cost to resolve a data breach increased by 7 percent since the previous study conducted in 2013, to a staggering $7.01 million. The average cost for each lost or stolen record containing sensitive information increased by 2 percent, from $217 to $221 per record.  

The 2016 study, released in June, examined costs incurred by 64 U.S. companies in 16 industry sectors. Data breaches involving more than 100,000 compromised records were not included in the results as the institute found that the types of breaches incurred by most organizations averaged 29,611 compromised records.  

The report provides information regarding trends gleaned from research as well as findings on factors that generate higher costs and those factors that reduce the costs of data breaches. Over the years, results from the Ponemon studies have revealed these trends:

  • The cost of a data breach has not fluctuated significantly, suggesting that the cost should be incorporated by businesses in data protection strategies.
  • The biggest financial consequence of a data breach is lost business which, not surprisingly, is greater in certain industries such as the financial, health, technology, life sciences and service industries. Organizations need to include in any plan steps to keep or retain customer trust. 
  • Most data breaches continue to be caused by criminal and malicious attacks which take the most time to detect and contain, and therefore have the highest cost per record.
  • The costs of data breaches are higher for entities in regulated industries, such as healthcare and financial services, because of fines and higher than average loss of business.
  • Improvements in data governance programs often result in cost savings. These may include having incident response plans in place, appointing a CISO, implementing employee training and awareness programs, and having a business continuity management strategy in place. Investment in data loss prevention controls, encryption programs, endpoint security solutions and threat sharing reduced costs.

The three factors were found to increase data breach costs the most:

  • Third party errors
  • Extensive migration to the cloud
  • Rush to notify

Third party involvement resulted in the highest increase with a $20.30 increase in cost per record lost or stolen, with cloud migration coming in second with an increase of $15.40.

The lesson to learn is to carefully choose third party vendors and make sure that all vendor agreements require the vendor to maintain standards to mitigate risk, and requires the vendor to take responsibility in the event of a breach (or at the least provides for an equitable sharing of the risk and costs if a breach occurs). Many vendor agreements include provisions limiting the vendor’s liability, which if not modified to except out a data breach can leave the customer with all of the costs of the breach. Requiring vendors to carry appropriate insurance and, in certain circumstances, name the customer as an additional insured may help mitigate the risk.

The risks and costs of data breaches are not likely to lessen, so planning and taking steps to mitigate and deal with a data breach will need to be part of the strategy of most, if not all, businesses.

By:  Lynn Wangerin http://www.ne16.com/t/175833/21878368/847986/0/1001710/
Source: The SKO Insider

Top 10 Causes of Distracted Driving—and What They All Have in Common

It’s no surprise that distracted driving is a major cause of car-related injuries and deaths. In fact, it’s estimated that roughly 25% of motor vehicle accident fatalities [3] are a result of distracted driving.

But what causes us to be distracted while driving in the first place? A Pennsylvania-based insurance company [4] examined data from the Fatality Analysis Reporting System, which surveys all American motor vehicle fatalities.

The results reveal the top ten causes of distracted driving, and make it clear that not all distractions are created equal.
1. Smoking related – 1%. Only one in a hundred accidents is related to lighting a cigarette, smoking or putting it out.
2. Moving objects – 1%. Moving objects in the car such as insects and pets can lead you to take your eyes off the road—and at least one source suggests [5] that it may be an underreported cause of distraction.
3. Using devices/controls to operate the vehicle – 1%. Surprisingly, adjusting things like mirrors or seatbelts plays a relatively minor role in distraction-related car accidents.
4. Adjusting audio or climate controls – 2%. Fiddling with the radio or adjusting the A/C for even a moment is a factor in a small number of traffic fatalities.
5. Eating or drinking – 2%. Every car has cupholders—and using them can be a definite source of distraction.
6. Using or reaching for a device brought into the car – 2%. We all know that using devices like cellphones can take our minds off the task of driving. But it turns out that even reaching for them can lead to a serious accident.
7. Other occupants – 5%. Other people in the car can place major demands on your attention when you’re driving, which can result in a collision.
8. Outside person, object or event – 7%. It turns out that looking at something or someone outside the car, like gawking at an accident or at people in other cars, is even more of a distraction than the person in the passenger seat.
9. Cellphone use – 12%. The second-leading cause of deaths due to distraction-related car accidents won’t be a surprise to anyone, as cellphones can distract us in a number of ways. But if they’re not the biggest cause then what is?
10. Generally distracted or “lost in thought” – 62%. By far the biggest cause of distracted driving fatalities is a driver’s mind wandering for long enough to lead to a collision—and someone’s death.

Though these 10 factors have a vastly different rate of occurrence, what’s interesting is they all have one thing in common. The one factor in every distracted driving accident is drivers paying attention to something other than driving. So what causes so many drivers to feel they can take their eyes and mind off the road?

There’s a simple but dangerous answer: complacency.

After you’ve been driving for a while you get comfortable and can forget just how dangerous it can be—because you’re complacent to the risks of driving. As a result, you’re more likely to feel like you can send a quick text or daydream without putting yourself in danger.

Compounding the problem are other states of mind like rushing, frustration and fatigue. These can further contribute to taking your eyes and mind off the task of driving and influence your decisions to do things when driving that increase your risk of a collision.

So what can you do about it? Check out this free guide on distracted driving [6] that examines why we’re so distracted when behind the wheel—and what we can do about it.

The guide collects the best research on distracted driving and provides an interesting new model for understanding distracted employees in the workplace. Discover an effective framework for improving focus and reducing distraction.

Source URL: http://safestart.com/news/top-10-causes-distracted-driving-and-what-they-all-have-common

Group Owned Captive Insurance Seminar

The use of captives in insurance can be a very confusing concept. On one extreme, companies who are unfamiliar with the concept believe captive risk financing is a magic bullet which can be used to solve all their traditional market pricing and coverage problems. On the other extreme, companies believe captives are solely the domain of the Fortune 1000 and not applicable to smaller companies.

~~The reality is that there are a variety of types of captives which are used to finance a variety of risks. While some captives have been established for companies with larger risk profiles, there are many more middle market companies who successfully use some form of captive.
 
We will cover:

•Elimination of the insurance market cycles – stabilize your cost of risk

•Reduce direct and soft costs of claims through highly specialized claims management and loss control services

•Share ideas and experience with an exclusive club of other top tier companies

•Opportunities to enhance your operating income

•Own an equity stake in your insurance company – “Rather than just renting insurance”

•Earn investment income on loss funds and claim reserves

•Contain your corporate tax burdens by enjoying the inflows of captive program profits in tax preferential environment

•Risk management resources from the Tedrick Group to reduce your total cost of risk

~~Location and Date:

Tuesday, April 26, 2016
9:15 - 9:30 am: registration
9:30 - 11:00 am: presentation

Cedarhurst Center for the Arts
2600 Richview Road
Mount Vernon, IL 62864

Breakfast will be provided


RSVP by April 12, 2016 to:
Carrie Wheeler  618.244.5800 carriew@tedrickgroup.com

About the speaker:

Keith Merkel
Captive Resources, LLC
Captive Resources, LLC is an independent consulting company and industry leader in the creation, development and oversight of member-owned group captive insurance companies.  Their captive model empowers businesses to control their insurance costs and develop organizational cultures that exemplify the very best safety and loss prevention practices.

 

 

Workers' Compensation Symposium

Implementing & Managing the Ultimate Workers’ Compensation Program

MARCH 10, 2016
John A. Logan College
8:00 AM to 4:30 PM

*space is limited, registration begins at 7:30 AM

COST: Free
RSVP: Before February 24, 2016

Join us for Southern Illinois Healthcare Workers’ Compensation Symposium to learn best practices from experts in prevention and injury-navigation management.

Visit workcarereadycare.net for complete symposium agenda.

Learn how to:
• Integrate employee wellness
• Choose the right workers’ compensation form, policy and procedure
• Get an end result in a chronic pain case
• Determine the costs through the Preferred Provider Program
• Understand the workers compensation law in Illinois
• Understand the legal and employee care guidelines

Speakers:

Eric Justin, MD, MPH, MBA

Vice President & Chief Medical Officer
Lockton Companies

Deborah Pape, PhD
President
Performance and Process Improvement Associates

James Atchison, DO
Medical Director, Rehabilitation Institute of Chicago Center for Pain Management &
Professor of PM&R at Northwestern’s Feinberg School of Medicine

Elizabeth Kerr
Vice President of Strategic Partnerships,
HFN and IL Workers’ Compensation Preferred Provider

Brandon Phelps
State Representative 118th District

Tom Margolis
Corporate Workers’ Compensation Attorney

Risk Management Center-Online Training

This year, we have added and revised over 40 online training courses, including
  
• Abusive Conduct Prevention
• Active Shooter Preparedness
• Crane Rigging
• Fire Extinguisher Safety • Heat Stress Prevention
• Incident Investigation & Analysis
• Lockout and Tagout
• Modified Transitional Duty • Personal Protective Equipment
• Slip, Trip & Fall Prevention
• Trenching & Shoring
• And much more

In addition to our enhanced online training curriculum content, we have added a new resource, the Safety Video Library with over 150 topics, each available in both English and Spanish.

Plus, we've added or updated over 150 additional documents within the Risk Management Library, including policies, posters, PowerPoints, and training shorts.

In 2016, we will continue to develop additional Risk Management Library and training course materials.

Please enjoy a safe and happy holiday season!
 

New Year's Holiday Schedule

In observance of the New Year's holiday, the Tedrick Group office will be closed Monday, January 2, 2017.

All of us at the Tedrick Group wish you and your family an enjoyable and safe holiday season.

Thanksgiving Holiday

All year long, but especially during this season, we are grateful for the many associations we have with clients, partners and friends. In celebration of Thanksgiving, we will be closed November 25th and 26th.  We hope you have a wonderful day celebrating all there is to be thankful for. 

We wish you all a safe and happy Thanksgiving holiday!

Pages