Phishing is an effective method for cybercriminals to steal sensitive information, including user id’s and passwords. Westfield wants to be part of the solution with cyber threat intelligence and best practices to help you mitigate phishing attempts.

Through recent investigations of phishing emails targeting Westfield, we’ve learned several agency partners have fallen victim to phishing campaigns resulting in user account compromise. This trend has been identified particularly in agencies utilizing Microsoft Office 365 or some other cloud email service.

Once login credentials are compromised…

Cyber criminals gain access to the agency’s email account and monitor their communications. Next, they distribute malware by sending infected emails to stored contacts. Phishing emails sent from an agency’s email account to existing contacts are particularly hard to detect as trust and familiarity has typically been established between the two parties.

Is your agency taking advantage of an additional layer of security provided by Multi-Factor Authentication (MFA)?

MFA, sometimes referred to as two-factor authentication, is a security enhancement that requires an additional piece of information (typically a pin number or token) beyond your username and password when logging into an account.

Important! Upgrade current phishing protections

Westfield strongly recommends that all agencies enable Multi-Factor Authentication (MFA) for system and email access (e.g. Microsoft 365).

If you don’t use Microsoft, please contact your email service provider of IT support for MFA guidance.

When implementing MFA, the pin number or token to access the account should NOT be transmitted by email as the account may already be compromised.

• How can you tell if your email system may be compromised? Here are some basic hints:
  • Someone in your contacts informs you that they received a strange email from you.
  • Your password was changed and you don’t recall changing it.
  • Agent observes messages that have been read but don’t recall opening them, along with not recognizing messages in the sent or deleted folder.
• If your email system is compromised, the cybercriminal could intercept the pin and use it to login to other systems containing sensitive information.
• The preferred method to transmit a pin number or MFA token is through a mobile device by way of text messaging or phone call. If you do not have a mobile device, set up a landline phone number to have your MFA token communicated to you.

More steps to protect against phishing:

• Educate your employees on the dangers of phishing and how to detect these threats. Topics to include are:
  • Login credential requests sent through email or over the phone should not be trusted.
  • Access websites from a trusted source rather than a link sent through email.
• Engage your employees with mock phishing scenarios to practice detecting these attempts.
• Enable Multi-Factor Authentication (MFA) for system and email access (e.g., O365).
• Keep all systems current with the latest security patches and updates.
• Implement an email security filter to detect and prevent malicious email content.
• Install an antivirus solution on your PC and Servers.
• Implement a web security filter to block malicious websites

Westfield is committed to ensuring the sensitive information entrusted to us by our agency partners and customers. If you are interested in additional monitoring options, InsuraShield, is an independent service dedicated to providing next-generation security software and continuous security monitoring designed specifically for insurance agencies.