Not-for-profit organisations carry unique yet significant risks, making it critical to get the right insurance cover. At Acacia Insurance, we know how difficult it can be to get the right insurance solution to meet the needs of your not-for-profit or charity organisation. That’s why we take the time to really get to know you and leverage our industry expertise and experience to help you protect the important work that you do.
On top of the considerations you have already made regarding your business and insurance due to the implications of COVID-19, now unfortunately you have increasing cyber risk to manage as well.
Cyber attacks have always been intentionally engineered to prey on people’s fears, concerns, and ultimately, their bank accounts. In the wake of the COVID-19 era, attacks remain as malicious as ever, with themed tactics tailored to the worries of today’s society. 43% of all cyberattacks target small businesses, taking various forms such as web-based attacks, phishing attacks and malicious codes. It’s a disappointing reality that there are those who would take advantage of people during a global pandemic, but that doesn’t mean there’s nothing you can do to protect yourself and your business.
Where is your cyber risk coming from?
On average, 92% of all the malware is delivered by email. Although you may not have complete control of what messages land in your inbox you can still regulate which communications, attachments and information you share and open.
Recently, Australia Post has made people aware of fraudulent emails being sent using their branding and prompting customers to click on a link. The emails incorrectly claim a package has failed to be delivered and includes a link to click to ‘Pay fee’ or seek ‘Further information.’
SMS remains the second most common delivery method. The Australian Cyber Security Centre reported on a COVID-19 themed scam via text message, appearing to originate from ‘GOV’ as the sender and including a link to find out when to ‘get tested in your geographical area’ for the virus. The link is not legitimate and may install malicious software on your device, designed to steal your banking details.
And traditional phone scams are also making a reappearance. We’ve recently been notified about scammers calling individuals and pretending to be the ATO, asking for bank account and other personal details, implying that this is in respect of JobKeeper payments. Please do not provide the requested information as JobKeeper payments are only made to employers so there is no necessity for the ATO to be calling employees as the required bank account details were already provided to the ATO during the enrolment process.
Additionally, we’ve heard reports of scammers calling individuals and pretending to be from Microsoft – they will allege that there has been a security breach on your Office 365 account and ask for your 2 factor credentials so they can log in and ‘secure’ your account.
These phishing campaigns are often sophisticated, with cybercriminals aligning malicious activities with government announcements such as relief payments or health guidance and advice.
Tips for protecting your business from cyber risk
- Do not click on hyperlinks in text, social media messages or emails, even if it appears to come from a trusted source.
- Instead, go directly to the website through your internet browser to verify the legitimacy of a contact.
- Never respond to unsolicited messages or calls that ask for personal or financial details. Even if a source claims to be a from a respectable organisation – just press delete or hang up.
- NEVER give anyone your 2 factor credentials – they should be treated as highly confidential and no provider would be asking for this information.
- Keep the security on your network and devices tight and up to date, with a good firewall to protect your data.
- Stay up to date on the latest types of scams by subscribing to the government alert service here: https://www.staysmartonline.gov.au/alert-service
Be sure to remember that no matter how official and sophisticated they may sound, your bank, government, healthcare provider or any other contactor will never ring you to ask for personal details over the phone. This also translates to email; no official source should include a log in link.
The Scam Watch website provides information on the latest scams, tips and alerts. You can subscribe for the latest email alerts on current scams, as well as visiting its social media pages for information
Initiatives you can take include updating your systems with the most current security patches, reviewing your business continuity plans, implementing two-factor authentication to log into systems and platforms, most importantly, educate and remind your team about best practice cyber security practices.
Cyber insurance acts as a safety net should your business be impacted by a cyber-attack or data breach. Having an appropriate cyber insurance solution is no longer a ‘nice to have’ but a ‘need to have’ for many businesses to have adequate protection. Acacia Insurance provides specialist solutions to work as your safety net should your business be targeted by a cyber-attack or experience a data breach.
Contact us to discuss your situation or for a free, no obligation quotation.
Please note that this should be regarded as general advice only, and we would strongly encourage you to call us to discuss your specific situation before making any decisions about your insurance solution or risk management programme.
While Australia has been relatively protected from the spread of Corona Virus (COVID 19) many businesses have been disrupted due to social distancing requirements, travel, import and or export restrictions.
In response to some frequently asked questions we've received from clients, we wanted to help clarify how insurance responds (and in some cases doesn't respond) in the pandemic environment, as well as provide some resources and risk management considerations.
Acacia Insurance is pleased to announce its appointment as the insurance partner for the Institute of Automotive Mechanical Engineers (IAME).
Acacia Insurance is part of the Insurance Advisernet network, and we're so pleased to note that the Australian and New Zealand Institute of Insurance and Finance (ANZIIF) has named Insurance Advisernet as the Authorised Representative Network of the Year for 2018!
Acacia Insurance is pleased to note that our Director, Martin van Rhoon, was recently interviewed for an Insurance Adviser magazine feature on not-for-profit insurance. In particular, van Rhoon highlighted that more than half of non-profit organisations do not have a risk management plan in place, and even fewer have a risk register.
So, you build a business, work six or seven days a week, long days, long nights for years on end – a journey your young family endures along with you. Why? Because you want to build the lifestyle you’ve always envisaged and to be able to give your kids something better than what you had.
Finally, you’re getting somewhere, you have a good business, a good lifestyle and your life’s plan is on track. So why then do so many business owners play Russian roulette with their survival?
With experience of advising clients on their insurance and risk over many years, we innately know the value of getting an insurance agent, broker or adviser to help you protect yourself and your business.
We have seen the peace of mind and benefit you get from having the right size insurance solution, and the right person to contact when things don't go to plan.
At Acacia Insurance, we're proud to be part of Insurance Advisernet.
Not only do our clients benefit from being part of our network, but so does the community!
You can check out a wide variety of ways that IA gets involved and gives back (there are a number of stories on their news page here), but one that recently caught our eye was the donation of a defibrillator to the Port Hacking Open Sailing Club.
We've seen countless headlines, both in Australia and overseas, about data breaches, human error and sensitive information leaks. As you may or may not have already heard, laws have been strengthened with amendments to our privacy legislation, which came into effect on 22 February 2018.