Preventing Loss

Cyber Threat: With connectivity comes risk

“Good morning, Leslie. In light of an investment that I’m finalizing, I need you to wire $150,000 from the cash reserves in our primary brokerage account to United Industries. The wire instructions are attached.”

Leslie, the personal assistant for a highly successful entrepreneur, didn’t find anything unusual about this email request from her employer—not until she received a second, similar request within a week of processing the wire.

“Leslie, we’ll need to move another $90,000 to United Industries. Please process accordingly using the same instructions.”

Although this email, like the one prior, was sent from her employer’s personal email account and included his customary signature and private details of his personal account, something seemed off, prompting Leslie to pick up the phone. As it turned out, her employer hadn’t made either request.

Though some of the details have been changed, this is an actual example of a spear phishing attack that resulted in a significant financial loss for this individual. This tactic is increasingly being used by cybercriminals to reach high-level executives and other wealthy individuals.


The High Net Worth Face a Greater Risk When it Comes to Cyber Threat

The overwhelmingly prevalent motive for attacks remains financial gain for the thieves. Your wealth and the complexity of your lifestyle make you a very appealing target. While you may fully trust the individuals whom you employ to help care for your children, manage your finances, maintain your homes, automobiles, collections and so on, each one creates a potential vulnerability and increases the attack surface for a thief to focus on. Your employee may not have malicious intent, but he or she may be the unknowing entryway into your network.

As connectivity spreads into every corner of your personal and professional life, it becomes more and more critical for you to take precautions to protect yourself against the ever-evolving threat of cyber attack. To help in this effort, PURE has taken a number of steps:

  • We introduced CyberSafe SolutionsSM, a unique collection of services designed to make it easier to assess, prevent, detect and respond to cyber risks. Among the services available are:
    • Cyber Advice Line

      Cyber Risk specialists are available to assist PURE members with specific questions or concerns. Call 855.573.PURE (7873) between 9 a.m.—8 p.m. EST, Monday through Friday for assistance.

    • 10-Point CyberSafe Fundamentals Check

      This assessment is designed to help identify and mitigate major vulnerabilities in your home network, devices, and online activities. It’s now part of our PURE360™ Risk Management Consultation and is available through the Cyber Advice Line.

    • Identity Restoration

      For members who are the victim of identity theft, PURE will arrange for and cover the costs of restoring your identity. Our identity theft restoration partner will take on many of the administrative burdens associated with the process, including canceling and replacing credit cards, driver’s licenses, Social Security cards, insurance cards, and more. We will even cover the costs of identity monitoring for two years following the incident to help prevent it from happening again.

    • World-Class Services Provided by Concentric AdvisorsTM

      Through Concentric Advisors, innovators in the field of personal security, members have access to custom fee-based solutions designed to address evolving cyber threats to your family, home network, devices, social profile and more.

  • We created PURE’s Cyber Knowledge Center, located within the PURE Situation RoomTM at puresituationroom.com/cyber, as a way of sharing both expert information on the risks, and advice to help protect against them. Included in the website is our white paper, CyberSmart: Understanding And Managing Cyber Threats To High Net Worth Individuals.

  • We continue to invest our time in helping our members, and those who serve them, become smarter about cyber risk.

Ross Buchmueller, President and CEO of The PURE Group, shares the solutions available to help individuals protect themselves against breaches in a CEO roundtable discussion held in partnership with Chief Executive magazine in July 2015.

Martin Hartley, COO of The PURE Group, together with Roderick Jones, CEO of Concentric Advisors, presented on the risks and solutions to a group of PURE members, independent insurance brokers, and financial advisors in November 2015.

REDUCE YOUR RISK TO SPEAR PHISHING ATTACKS

As shown on the previous page, cybercriminals follow the path of least resistance. The easiest way for them to gain access to your data is usually by tricking someone into handing over the keys and not by way of a clever piece of code. For this reason, it’s critical that the individuals and organizations who are trusted with access to your network and personal information follow protocols set by you. For example, for those who may be involved in money transfers:

Require oral confirmation, which should include a code word or phrase in order for the transfer to process.

Set up a separate, hard-to-identify email address used solely for your financial accounts.

Ask your financial institution what their policy is regarding stolen funds. All institutions have their own policies in place for this. If you are not satisfied with their response, consider another institution.

Request that additional layers of security, such as multifactor authentication, be required on your account prior to any transactions.

For additional advice and specific steps you should take to help reduce your risk to cyber attacks, visit PURE’s Cyber Knowledge Center at puresituationroom.com/cyber.