If you are experiencing communication or transaction delays, please accept our sincere apologies.  As a result of the recent transition of IRAs from Quest Trust Company and NuView Trust Company, Inspira Financial is undergoing significant account integration activities and, as a result, we are experiencing an increase in call volumes, a backlog in processing certain transactions, and a disruption of certain technology features.  Please know we are receiving your messages and are working promptly to remedy the situation for all accountholders, including prioritizing those with urgent pending transaction dates. We appreciate your patience and value our relationship. 

Article

When something seems phishy: cybersecurity tips 

By Inspira Financial
May 11, 2023
Security
B2B
Article
a cybersecurity team working in an office

We all get them, whether at home or at work, through email, text, or our social media accounts. They appear to be from a family member, friend, vendor, or client. They seem innocent enough, asking you to check in on an order, share a photo, verify personal information, or just click a link. 

Don’t. 

As legitimate as these communications can appear, they aren’t always coming from the source you think. Cyber hackers have gotten increasingly good at mimicking legitimate emails and texts from companies, acquaintances, and even co-workers. After all, they have a vested interest in getting you or your employees to breach your company’s cybersecurity protections and provide private data or inadvertently download malware, or ransomware, onto your device — and more likely onto your company’s server. 

 

5 Cybersecurity tips for employers to defend your data 

But just because hackers have improved their digital design and writing skills doesn’t mean you don’t have ways to defend yourself and your company against phishing and hacking attempts. Here are some best practices to help keep your — and your company’s — data secure.

 

Always verify the sender 

With emails, it only takes a few seconds to hover over the sender’s signature block to reveal their email address.  

Pause and ask yourself whether the requested action seems legitimate. Would the CEO really reach out to you and ask you to buy e-gift cards, forward sensitive client data to him while on vacation, or wire money as a personal request? If you have any doubts, verify the colleague, vendor, or client’s address or website independently and email your contact at their known address and ask if they sent this to you.  

For phone calls and texts, especially those requesting urgent action, similarly, verify that the number is legitimate before responding. 

 

Watch out for bad grammar 

Typos are still a tip-off that something might be phishy. While we all make them, corporate communications go through so many rounds of reviews, that misspellings and numerous grammatical errors are uncommon. Though hackers are getting better at proofing, being as judgmental as your eighth-grade English teacher can save you from a regrettable click-through.

 

Build up your cybersecurity policies 

Have and enforce password policies that align with the latest guidance from the National Institute of Standards and Technology (NIST) and other cybersecurity specialists.  

That includes requiring minimum password lengths of at least eight characters. Prioritize length over complexity — longer is better. Use phrases or sentences that are easy to remember. If you can, also incorporate multi-factor authentication. It’s one of the strongest protections you or your company can use to prevent accounts from being compromised. 

 

Use cybersecurity technology to your advantage 

Apply software patches as soon as they come out. Consider presetting your computer to ensure that those patches update automatically as soon as they are available. This is especially helpful if you’re an employer. 

 

Communication is key 

If you’re an employer, communicating online etiquette to employees clearly and reminding them of it often is important.  

For instance, many may not realize that they should not be downloading files, such as fonts they may need, or free software, without requesting permission from your IT department first. But you can put in firewalls that will prevent them from being able to do so.  

And should something unfortunate happen, consider if you should share some of the details on a company-wide basis so that everyone is aware of the attempted breach. It helps make the precautions you ask employees to take even more credible. 

The best defense for individuals and companies of all sizes is to keep your collective guard up by being hyper-vigilant to suspicious communications.

Explore more insights