Are your clients prime cybercrime victims?

By Lindsey Elias, Marketing on October 3, 2022

Many cybercriminals would say ‘yes.’

11.5 Trillion dollars. An unfathomable amount of cash—and yet, this is the amount that cybercrime is predicted to cost the world in 2023—skyrocketing up 40% from 2022. But why is this number so massive? The answer is pretty simple. As new technological advances are made, cybercriminals benefit, too. Every year, they tap into all sorts of new capabilities, and if your clients include churches, municipalities, healthcare facilities or schools, they’re considered top-tier targets.

Check out these industry-specific stats from Privacy Sharks:


  • Healthcare cybersecurity breaches cost more than breaches at other industries: around $17.3 million each year.
  • On average, healthcare services have had 113,491 confidential files exposed per organization.
  • In the past two years, 89% of healthcare organizations have experienced a data breach and in the past three years, 93% have experienced one.


  • Schools are the second most targeted industry for ransomware attacks.
  • Out of 17 industries, education was ranked as the least secure when it comes to cybersecurity.
  • Education records are highly profitable for cybercriminals, selling for up to $265 per record on the Dark Web.


  • Churches are the most targeted group when it comes to phishing attacks.
  • Every 60 seconds, $17,700 is lost because of a phishing attack.
  • Phishing attempts increased by 667% in March of 2021.


  • S. Governmental entities had 1.2 billion sensitive records compromised in 2018 alone.
  • Ransomware is used on about 30% of government attacks.
  • The average amount of monthly ransomware transactions in 2021 was a massive $102.3 million.


  • An average ransomware attack on a business costs about $133,000, and the overall loss a company incurs due to a data breach is around $3.92 million.
  • Over 77% of businesses lack an incident response plan when it comes to cybercrime.
  • Small businesses, those consisting of between 1 and 250 employees, are most at risk of receiving malicious emails —with 1 in every 323 being targeted.

It’s terrifyingly easy for today’s hackers—and your clients could be at much more risk than they realize. But there are several things you can help them do (and you can do at your agency as well,) to deter these times of malicious attacks. It all starts with communication and education. The more that you, your agency’s employees and your clients know about cybercrime and red flags, the better. Here's a quick regroup on best practices for red flag spotting.

Recognize red flags: 

  • Emails that make you feel like you need to rush to do something—because they request a fast response or talk about some sort of immediate deadline
  • Emails with misspellings and grammatical errors
  • Emails that want you to click on links or open documents
  • Names, email addresses and websites that are misspelled— (they can be off by just one letter, so look closely)
  • Misleading links – (if you see a link, hover over it with your mouse before clicking to see what website appears. Does it send you to where it indicates, or does the website look strange?)
  • Any email involving money—telling you that you owe something or have to pay a bill, or asking you to log in to your bank account to fix something
  • “Winning” content that offers you a prize of some sort

Recognizing the warning signs for cybercrime is a great first step—but more can be done to proactively protect your agency and the clients you serve. Consider these best practices, too.


Smart cyber practices: 

  • Click with caution – A general rule of thumb that can give a big boost to your overall security is: don’t click on any links in email or text. If you think someone you know is sending you a link, double check with them personally before opening it.
  • Power up passwords – Substitute passwords for full passphrases, complete with characters and symbols, for example “TwinkleTwinkleLittleStar7&9.” Change them every six months or more.
  • Step up your security question game  Don’t choose security questions with answers that people could find online (for example: What was your childhood street? or Who is your favorite band?) When you talk about things online (or share photos of a concert with your favorite band,) these questions become all too easy to hack.
  • Communication is key – Cyber threats are changing all the time—so stay up-to-date on the latest best practices, read up on expert recommendations, and share them with your team and your clients.

As we’ve seen over the last few years, cybercrime is predicted to continue to exponentially grow. Cybercriminals likely see many of your clients as the “perfect victims,”—and chances are they see your agency in the same light. As cybersecurity month is upon us, it’s more important than ever to talk to those around you about their risk and put some proactive, best practices into place. Check out our Cyber Security Risk Resource Hub here, and share with your clients and coworkers.

Get more cybersecurity resources for agents and clients

Lindsey Elias, Marketing

As our Marketing Content Manager, Lindsey is passionate about producing quality content. When not at the office or planning her next Disney getaway, she loves hanging with her husband, family and fur babies and indulging in the two c's: carbs & coffee.


The information contained in this blog post is intended for educational purposes only and is not intended to replace expert advice in connection with the topics presented. Glatfelter specifically disclaims any liability for any act or omission by any person or entity in connection with the preparation, use or implementation of plans, principles, concepts or information contained in this publication.

Glatfelter does not make any representation or warranty, expressed or implied, with respect to the results obtained by the use, adherence or implementation of the material contained in this publication. The implementation of the plans, principles, concepts or materials contained in this publication is not a guarantee that you will achieve a certain desired result. It is strongly recommended that you consult with a professional advisor, architect or other expert prior to the implementation of plans, principles, concepts or materials contained in this publication.

This blog post may contain the content of third parties and links to third party websites. Third party content and websites are owned and operated by an independent party over which Glatfelter has no control. Glatfelter makes no representation, warranty, or guarantee as to the accuracy, completeness, timeliness or reliability of any third party content. References to third party services, processes, products, or other information does not constitute or imply any endorsement, sponsorship or recommendation by Glatfelter, unless expressly stated otherwise.

Related posts

Here are five ways you can build, expand and strengthen your professional network on LinkedIn.

Continue Reading

Telling a story doesn’t have to be long or complicated—in fact, sometimes simple is best.

Continue Reading

So, you’ve signed up for LinkedIn, filled in all of the basic information (like your work history and education) and contact information—what’s next?

Continue Reading

Submit a Comment