Skip to main content

Impacted by wildfires or winter weather? Whether you have a business that's been affected or your personal home and assets are damaged, know that you have a team of people to support you. Find resources here.

Marsh McLennan Agency logo

July 18, 2025 - LIMITLESS Magazine

Click With Caution

MMA’s cyber team guides you through the latest online threats.

The email looked so real.

The sender’s address looked legitimate, and the message wasn’t unusual to receive for a personal or business inbox: “You need to update your payment method on this account.” So, the recipient clicks the link, types their password, enters a credit card number, and confirms a few personal details.

It isn’t until later—when their bank flags random credit card charges—that the user realizes their mistake. They had opened their personal and professional accounts to cybercriminals by clicking a fraudulent link and then providing private data that was used nefariously and had likely been shared across the internet. The whole interaction took less than 48 hours.

Cybercriminals have come a long way since the Nigerian prince scams of yesteryear. They start with reasonable, seemingly harmless requests. Instead of “Please wire me $500K for my family,” it’s “Click here for $200 off the newest iPhone release!”

Anna Leone, senior vice president and national product development leader with Marsh McLennan Agency’s (MMA) Private Client Services, says modern cyberattacks are often subtle and reflect a better understanding of how people use their electronic devices. Machine learning and artificial intelligence have also made cyber scams much more convincing.

“It’s a lucrative business, and it’s an anonymous business,” she says.

Leone and her team advise clients, predominantly high-net-worth individuals, to consider how many “attack surfaces” they have—meaning all the different ways people inadvertently put their secure data at risk. Computers and smartphones are just the beginning. Smart home devices, Wi-Fi connections, and even video games can give scammers access to your personal and professional information. Consider, too, that people within your circles, like family members or employees, can unwittingly expose your household or business to cybercrimes via their online behaviors.

The FBI’s Internet Crime Complaint Center received a record 880,418 cybercrime complaints in 2023 (the most recent data available), with potential losses to individuals and businesses exceeding $12.5 billion.

Mario Paez, executive vice president and national cyber risk leader for MMA, advises commercial clients that they need to implement more obstacles to keep criminals out of their business data—and their workforce’s personally identifiable data.

“Our job is to increase the barriers for access. It’s that old adage: you don’t have to be fast enough to outrun a bear, but faster than the person behind you,” he says. “Start with some practical first steps. Multifactor authentication on everything is one easy thing to do. And then look at that next step: should the business institute secure access to its private network across all devices? Or perhaps offer a password manager tool for employees to securely store their passwords? Have a regular cycle in place to review your cybersecurity measures on at least an annual basis. The worst-case scenario is for a client to get too overwhelmed and not do anything.”

Even the most internet-savvy people sometimes fall for cyber scams. MMA cybersecurity experts recommend that victims report any digital crimes to law enforcement immediately. Cyber risk insurance coverage, which MMA recommends to all clients, can also help fraud victims recover financial losses, restore data, protect their liability, and put stronger cybersecurity measures in place for the future.

Reclaiming funds, privacy, reputation, and sensitive data can be costly without the right support.

“From a cyber insurance protection perspective, a client is ultimately gaining peace of mind. There is a lifeline there to help you,” Leone says. “As diligent as you’re going to be, if the worst case happens, we want to make sure you feel safe, and you’re protected.”

Lock it down

Leone and Paez offer these tips for avoiding cybercrime:

  • Enable multifactor authentication on everything.
  • Invest in a password manager, or even multiple password managers, depending on the size of your organization.
  • Monitor your family’s and employees’ internet use and ensure they’re educated on the latest scams. This can include employee awareness training, like phishing simulations.
  • Have a family “safe word.” Did Grandma get a suspicious call that her grandchild is in trouble? AI can make faces and voices seem like the real thing. Asking for the safe word only known to close family members—“chocolate,” “frog,” or any other uncommonly used word—can help root out dupes.
  • Identify and monitor who has access. Many organizations use privileged access management, called PAM, to limit who has access to certain accounts and activities to guard against unauthorized users.
  • Use a virtual private network. VPNs protect users by encrypting data and masking IP addresses. Historically, more of a corporate measure, VPNs are gaining popularity with individuals as well.
  • Have a “cyber hygiene” plan. This can begin with identifying how many devices have access to your data and networks and how often those devices have been updated with software security patches and new, complex passwords.
  • Back up your data. If you are potentially exposed to a ransomware attack, you have a backup.
  • Educate yourself on the latest security scams and think before you click. Independently verify the source of that link or phone number before engaging with it.
  • Don’t invite in bad actors. Be careful about where you plug in your phone or laptop charger, which Wi-Fi networks you access, and which QR codes you scan. Malware is easily hidden in “free” tech.
  • Don’t be overwhelmed by all the cybersecurity choices. Start small and review often, making incremental safety changes when necessary.

And remember, always think before you click!

To read more articles like this one, check out the current issue of LIMITLESS Magazine.

Current Issue

LIMITLESS Magazine Articles

Placeholder Image

The Art of Fine Art Protection

07/18/2025

Explore fine art insurance with MMA's Anne Rappa, protecting valuable artwork and culture.
Placeholder Image

Kindness Matters

07/18/2025

MMA's Northwest region promotes Random Acts of Kindness in November to inspire impactful gestures.
Placeholder Image

The Sky's the Limit

07/17/2025

Discover how the leadership of two women, in a male-dominated field, has propelled Helinet to continued success.
View All