NCLM Volume 70, Issue 4, 2020

NCLM.ORG 27 “Spear phishing” is the term for when a cybercriminal selects a spe- cific victim (such as a city hall employee who has access to what the criminal wants), makes a fraudulent request that appears credible to that person (often by impersonating a supervisor or other legitimate authority), and is successful in getting that unsuspecting employee to act on that request. That’s the slickest type of phishing scam and accounts for more than 90 percent of the attacks. Again, costly. Ransomware is brutal when it happens. It’s a type of malware that the criminal uses to lock a victim out of his or her own computer files or accounts. It can apply to entire city governments. Ransom- ware typically spreads through phishing emails. Outdated applica- tions and operating systems are the target of most attacks. ˘˘˘ The League’s virtual training sessions go deeper into the topic of attacks, vulnerabilities and how to stay safe. You can access this training at https://www.nclm.org/insurance/eRisk. It’s important that cities and towns go through this training. In the time it took you to read this article, multiple individuals, busi- nesses and government agencies have been attacked. According to a study out of the University of Maryland, an attack happens somewhere every 39 seconds. Cybersecurity Shelby is otherwise a laid-back, beautiful North Carolina city. Pictured is Uptown Shelby on a normal weekday lunch hour. Photo Credit: Ben Brown. Cybercriminals often apply social engineering to get people like city hall employees to break from normal security protocol and best practices in order to gain access to things of value .