ABOUT CAREERS AGENTS INVESTORS SUSTAINABILIT Y CONTACT US

LOG IN
For Individuals For Business Claim Center Prepare & Prevent

! Types of Cyber Criminals and How to Protect Against Top Stories

Them ;Video=

5 Types of Cyber Criminals

Share

HowYs Your Cyber Knowledge? ;Tool=

Take this short cyber IQ quiz to see if you can

talk the talk.

Take the quiz

Related Content
Watch on Cyber Terms 101

Are You Prepared for Cyber Risks? Download

Understanding the types of cyber criminals and their techniques can help protect your organization the Cyber Guide
from a data breach. Here are some common threats and steps a business can take. Developing a Data Breach Incident Response
Plan [Video]
#? The Social Engineer

Cyber criminals pretending to be someone else can trick unsuspecting employees to compromise

data. In one scenario, a spoof email purporting to be from the CEO of the company directs an Related Products & Services
employee to send a PDF with employees’ 1099 tax forms for an upcoming meeting with the Internal
Revenue Service. The social engineer is able to capture Personally Identifiable Information (PII). Travelers Pre[Breach Services
provided by Symantec™
“We often see people making mistakes like this,” says Jennifer Coughlin, a partner at Mullen Coughlin
LLC, a data breach law firm that works with Travelers Insurance. “Encourage employees to make a Better together when it comes to cyber
phone call and speak to the person, instead of leaving a voicemail – to verify all requests for sensitive, protection.
confidential, or protected information and financial information before they reply with the requested
information. Employees should also ensure the “Reply To” address is, in fact, the email address of the
requesting employee, and send this type of information via an encrypted email message.” Beware
time-sensitive requests, as social engineers sometimes use a sense of urgency to compel victims CyberRisk for Multiple Industries and
into unsafe behavior. Business Sizes

#B The Spear Phisher Broad cyber liability coverage customized to

fit the needs of small businesses to Fortune
Social threats factored into just under one-third of confirmed data breaches, with phishing the tactic 500 companies and every organization in
used in 92 percent of social-related attacks.1 An email can appear to be from a legitimate sender, but between.
actually contain a malicious attachment or link that can give spear phishers access to banking
credentials, trade secrets and other information that they are able to access.

“Companies can have employee training that both prepares and tests employees to recognize and View More Cyber Insurance Options
respond to malicious phishing attempts,” says Tim Francis, Travelers Enterprise Cyber Lead. If a
phishing attempt is successful, having the proper security in place provides another line of defense:
protecting the rest of your network by segmenting the network and implementing strong
Need an Agent?
authentication between the network and important data.

#C The Hacker ZIP Code Find an Agent

Nearly two-thirds of confirmed data breaches involved leveraging weak, default or stolen passwords.2
Malware poses a serious threat, as it can capture keystrokes from an infected device even if
employees use strong passwords with special characters and a combination of upper- and lower- See All Cyber Content
case letters.

Still, strong passwords are the first line of defense against hackers, according to Tim Francis. “Use
multi-factor authentication, enforce strong password requirements, patch operating systems,
software and apps, and increase redundancy and bandwidth,” Francis says.

#E The Rogue Employee

Disgruntled employees present an insider threat to data. Insider threats accounted for 15 percent of
breaches across all patterns,3 and they can be especially challenging for companies because
employees often have both access to data and knowledge of what is stored and where.

Restricting access to sensitive data to only employees with an immediate need to use the data can
help reduce the threat. Companies can limit, log and monitor internal account usage to protect
against rogue employees, as well as protect against external attackers disguising themselves as
legitimate users.

#! The Ransom Artist

Bad actors have been modifying codes and implementing new ransom attack methods, sparking a
rise in ransomware as the fifth most common form of malware, up from the 22nd most common in the
2014 Verizon Data Breach Incident Report.4 Many companies are paying ransom, often via
anonymous bitcoin payments, to have their data restored.

“The people who fall victim to ransomware are not following the information security rules, including
encryption and frequent backups,” Pascal Millaire, Vice President and General Manager of Cyber
Insurance at Symantec. If you are able to independently restore the data, you will be less affected by
the ransom attempt, but you will still need to determine how the cyber thief gained access to your
network before making their ransom attempt.

Sources:
1 http://www.verizonenterprise.com/resources/reports/rp_data-breach-digest-2017-perspective-is-

reality_xg_en.pdf
2 Ibid.
3 Ibid.
4 Ibid.

Learn More About Travelers Cyber Insurance Options

More Prepare & Prevent

BSB? Travelers Risk How Does Cyber Building Resilience to

IndexU Cyber
;Infographic=
Here's a look at key findings
from the 2021 Travelers Risk
Index, including what are the
top cyber-specific concerns.
Insurance Work?
Learn more about having the
coverage that is right for your
company.
Cyber Threats
For more information on how
to help protect your company
from cyber risk, see our
whitepaper.

Travelers and The Travelers Umbrella are registered trademarks of The Travelers Indemnity Company in the U.S. and other countries.
© 2022 The Travelers Indemnity Company. All rights reserved.

PRODUCTS & SERVICES OUR COMPANY CONNECT LEGAL & COMPLIANCE

For Individuals About Travelers Customer Support Terms of Service

For Businesses Careers MyTravelers® Privacy & Security
Claim Services Investors For Agents Accessibility
Prepare & Prevent Sustainability Find an Agent Producer Compensation Disclosure
Travelers Institute