Archive for September, 2014

New Threat to Employers: Pregnancy Discrimination

Since the Equal Employment Opportunity Commission issued an advisory about pregnancy discrimination in July, the agency has been busy targeting employers it accuses of breaching the Pregnancy Discrimination Act.

Consider these recent actions:

In September, a Wisconsin Merry Maids franchise owner agreed to pay $40,000 to settle a pregnancy discrimination lawsuit filed by the EEOC. The agency accused V&B L.L.C. of firing a woman because she had suffered from pregnancy-related issues at work.

Pet food manufacturer Triple T Foods Inc. in August settled a pregnancy discrimination case filed by the EEOC for $30,000. The company had been sued for firing a lab technician an hour after she had informed the company she was pregnant. The company said it had to let her go due to safety concerns for the mother and baby.

The EEOC in August sued a company for pregnancy discrimination after it withdrew a job offer upon learning the candidate had just given birth. Savi Technology Inc. is accused of withdrawing the offer for its human resources director position after the woman told the company vice president and general counsel that she had recently given birth and had had surgery related to her pregnancy.

If you are surprised, you shouldn’t be. Since the last quarter of year 2011, the EEOC has filed more than 45 lawsuits involving pregnancy discrimination.

Said an EEOC lawyer in a recent press release:

“Employers should be well beyond archaic prejudices against women who are pregnant. Too many employers have continued to deny female workers equal opportunity to earn a living for their families and themselves, simply because they are pregnant or ‘showing.’

“The EEOC continues to combat such prejudices and practices as part of its efforts to educate the public about the rights of women in the workplace [and] everyone should be free from this obvious form of sex discrimination.”

 

What you can do

Many employers erroneously make decisions to fire or remove pregnant employees from certain jobs out of misguided notions of protecting the employee or the unborn child from certain work conditions, or out of a general fear that the pregnant employee will get hurt and sue – or file a workers’ comp claim.

Hiring managers and supervisors must understand that this type of thinking is no longer acceptable for both the federal and many state governments.

The best strategy to take if you are concerned about the well-being of a pregnant worker or her unborn child is to make individual assessment of each situation and take appropriate action when necessary based upon the unique facts of that situation.

You should try to have in hand good data and all the facts before taking action. You should also talk to the employee and not overreact.

As an employer, you need to take this issue seriously because the EEOC has made one of its top priorities obtaining not just monetary damages, but also “targeted, equitable relief” such as all sorts of injunctions.

 

Guidance

The EEOC in its Pregnancy Discrimination Act (PDA) Guidance gives numerous examples of what would constitute discrimination. It specifically warns again using outdated notions or stereotypes in making decisions about a worker or applicant’s ability to perform their job while pregnant.

The guidance specifically addresses the issue of when normal pregnancies without complications reach the threshold of a “disability” under the Americans with Disability Act (ADA). It’s typical in many pregnancies for an employee to reach a stage where she has a 20-pound lifting restriction, or the need for an occasional sit-down break. Must an employer accommodate those restrictions under the PDA?

At that point, the EEOC says, the employers must accommodate those restrictions if it also makes accommodations for non-pregnant employees. In the large majority of situations, the employer will have provided (or normally would provide) the accommodation to some non-pregnant employees – notably, those workers with an actual disability the employer is required to accommodate under the ADA.

The EEOC’s PDA Guidance, released in July, states:  “[A]n employer is obligated to treat a pregnant employee temporarily unable to perform the functions of her job the same as it treats other employees similarly unable to perform their jobs, whether by providing modified tasks, alternative assignments, or fringe benefits.”

A final word about being sued: The best protection, after having policies in place to ensure your business does not take any discriminatory actions against pregnant employees, is to have employment practices liability insurance.

Should you get sued, such a policy will pay for legal costs, fines and damages for not only pregnancy discrimination, but a myriad of other lawsuits your employees may file against your company.

California’s 60-day Waiting Period Limit for Health Plans Repealed

Governor Brown has signed a bill that repeals a California law that required employers in the state to offer health coverage to employees after just 60 days of hiring.

Thanks to the passage of this measure, Golden State law will be aligned with federal law, which requires that employers offer health coverage to new employees within 90 days of hiring them.

The bill, SB 1034, was pushed through the Legislature to also ease administration and compliance for multi-state employers by ensuring they have just one date to keep in mind when determining when a new hire must be enrolled in a health plan.

Also, SB 1034 changes existing law that requires employers offering a plan to send a written notice to an eligible employee who fails to enroll during an open enrollment period that they may be excluded from coverage for a specified period of time.

The new law instead requires the notice to inform the eligible employee that they may be excluded from eligibility for coverage until the next open enrollment.

Why Your Firm Needs Employment Practices Liability Coverage

We’ve been including plenty of information in recent newsletters on employees filing their employers for various alleged infractions. While strong internal policies are the key to avoiding such actions, even firms with the most airtight policies can still be sued or be the target of a complaint with the Equal Employment Opportunity Commission.

If you have employees, your firm is at risk and the costs of defending against a complaint or an EEOC charge can be enough to bury some companies. That’s why you need employment practices liability insurance (EPLI). But what exactly is it, what does it cover and how much does it cost?

This article attempts to answer those questions for you.

EPLI is written to:

•          Protect a company against damages for events relating to its workforce, including but not limited to: wrongful terminations, harassment, discrimination, defamation and unfair hiring/firing practices; and

•          Provide defense costs associated with responding to employment-related lawsuits.

 

What are the sources of EPL claims?

•          Race and sex discrimination

•          Employees, former employees and employment applicants for:

–           Wrongful termination

–           Invasion of privacy

–           Emotional distress

–           Breach of contract

–           Discharge in violation of public policy

–           Assault and battery

–           Harassment/discrimination

–           Defamation

•          Regulatory violations and government investigations:

–           EEOC

–           Department of Labor

–           Age Discrimination in Employment Act

–           Fair Labor Standards Act

–           Equal Pay Act

–           Title VII

–           Americans with Disabilities Act

 

•          Federal, state, city and county statutes

•          Customers, clients and consumer groups

 

Some examples of actions that could lead to EPL claims:

 

Wrongful termination

An insured gets involved in a bitter dispute with an independent contractor. After the dispute, the brother of the independent contractor who is an employee of the insured is suddenly fired. The employee alleges that the only reason for the termination of his employment was in retaliation for the business dispute the company had with his brother.

Settlement and defense costs exceeded $200,000

 

Retaliation

The plaintiff alleges that she had her employment terminated because she testified on behalf of another worker, who had brought a separate action against the company. She alleges that this is a violation of her employment contract, which provides that she can only be terminated for good cause. The plaintiff asserts causes of action for wrongful termination, breach of contract and retaliation.

Total defense and settlement costs exceeded $120,000

 

Wrongful termination    

An executive of a manufacturing company files suit against the company for wrongful termination and intentional infliction of emotional distress. The plaintiff, a former chief operating officer, makes statements that the company improperly failed to pay an employee overtime and terminated the employee for filing a complaint.

He alleges that although the company advised him that his termination was due to performance problems, he was actually terminated in retaliation for the honest statements he made in connection with a fellow employee’s termination.

Total defense and settlement costs exceeded $750,000

 

Discrimination based on disability   

The plaintiff in this case was terminated while out on medical leave due to an injury that occurred at work. He asserts that he was the victim of numerous discriminatory and harassing actions and remarks regarding his disability. The plaintiff alleges he was advised that if he filed a workers’ compensation claim, he would be terminated.

He was in fact terminated without disability benefits after he filed a workers’ comp claim. The complaint comprised three causes of action: discrimination based on physical disability; tortuous termination; and specific violation of state laws.

The defense and settlement costs exceeded $75,000

 

Top 10 Productivity Killers in the Workplace

Although technology is often billed as a productivity enhancer, allowing us to do more with less, it can be a major disruptor for productivity, as well.

Employees who get hooked on sending text messages, engaging in Facebook banter or surfing the Internet are having a serious drain on productivity in the American workplace. These are some of the main productivity killers in a recent CareerBuilder.com survey on what’s getting in the way of employees doing their jobs.

Harris Poll, on behalf of CareerBuilder.com, surveyed 2,138 hiring managers and human resources professionals in a number of industries and in companies of various sizes during March and April.

Behaviors of co-workers, meetings and other factors are also creating obstacles to maximizing performance.

When asked what they consider to be the primary productivity stoppers in the workplace, employers pointed to:

1) Cell phone/texting (50%) – One in four workers admitted that during the typical workday they will spend one hour on personal calls, e-mails and/or sending text messages.

2) Gossip (42%) – That chatter in the office may not always be about work. Often it is talking bad about other co-workers, managers or outside acquaintances.

3) The Internet (39%) – One in five workers said that they spend an hour or more every workday searching the Net for non-work-related information, photos and more.

4) Social media (38%) – Other studies have found that Facebook, LinkedIn and Instagram are significant drains on employee time.

5) Snack breaks or smoking breaks (27%).

6) Noisy co-workers (24%) – These are people who have conversations that are too loud while on the phone, or who make outbursts when they get annoyed or upset.

7) Meetings (23%) – Some organizations just have too many meetings, and a lot of time is wasted if they are not succinct and to the point.

8) E-mail (23%) – Employees are often busy sending personal e-mails to friends and family.

9) Co-workers dropping by (23%) – These are those little chat sessions when a colleague stops by another’s desk for some chitchat.

10) Co-workers putting calls on speaker phone (10%).

 

So what are employers doing to cut into these bad habits? Here are some of the tactics that CareerBuilder.com discovered employers are using:

  • Blocking certain Internet sites – 36%
  • Prohibiting personal calls or personal use of cell phones – 25%
  • Monitoring e-mails and Internet usage – 22%
  • Scheduling lunch and break times – 19%
  • Allowing people to telecommute – 14%
  • Implementing an open space layout instead of cubicles – 13%
  • Limiting meetings – 12%
  • Restricting use of speaker phones in the office – 11%

 

To avoid wasting time at work, CareerBuilder.com recommends that workers:

 Organize and prioritize – They should de-clutter their workspaces and clearly lay out their work plans for the week. What do they need to accomplish each day? How much time will each project take? Which projects have the highest priority?

 Limit interruptions – Incoming calls and co-workers dropping by to chat about their weekend can break an employee’s concentration and gobble up precious time. If it’s a problem, let employees block off a conference room to work on a project to avoid distractions at their desks. Urge them to read e-mails at intervals, instead of opening each one as soon as it comes in.

 Avoid unnecessary meetings – Don’t set aside an hour to meet about an issue or initiative that can be addressed with a quick phone call. Politely decline the meeting invitation and follow up with the organizer.

 Get personal on your own time – Whether you want to call a friend, take advantage of an online sale or post a picture of your dog on your social profile, do it during your lunch hour or break time – or after work.

 Communicate wisely – Don’t spend 20 minutes crafting an e-mail to the person sitting in the next cubicle. Save time by walking over to your colleague’s desk. Or if they are in another part of the office, just call them. You can get through a conversation a lot faster than typing an e-mail.

 Don’t delay the inevitable – Finding other things to do so you can put off a less preferred project will only end up wasting more time. Don’t procrastinate. Dive in and tackle the task at hand.

 

Napa Earthquake Fallout: Is Your Business Covered with a ‘Differences in Conditions’ Policy?

The earthquake in Napa last month illustrates the exposure that all California businesses have to this unpredictable risk.

While most modern structures are built to withstand earthquakes of a certain size, many older buildings throughout the state are not up to standard, resulting in more damage and replacement costs should a temblor strike. The reality is that whatever its age, a building could suffer structural damage that could cost millions to repair.

Besides the risk to people and property, many business owners are unfortunately surprised to learn after the fact that their commercial property policy won’t cover damage from an earthquake.

Insurers set rates so that the premium they collect on policies will cover any money expected to be paid out in claims. The company spreads the risk of loss over many policies in the hope that only a small number will suffer damage. However, large disasters, like floods and earthquake, will typically affect many policyholders at once, a scenario that many insurers try to avoid – and they do so often by excluding such coverage in their commercial policies.

To fill this gap, you can turn to a “Differences in Conditions” policy. A DIC policy can be useful if you face either flood or earthquake risk in your area and your property carrier doesn’t offer coverage for these risks, cannot provide full limits to cover potential losses, or can only offer this coverage at rates that are essentially cost-prohibitive.

Most property policies are written on an “open perils” basis (meaning they will cover many types of claims resulting from acts of God), but they usually exclude flood and earthquake risk.

Besides providing coverage for flood and earthquake losses, a DIC policy may also be used to provide excess limits over flood and earthquake coverages made available by endorsements to a commercial property policy or through the National Flood Insurance Program.

Furthermore, because a DIC is often written as a type of inland marine insurance, it also may be used to address other risks that may not be covered in commercial property policies, such as property in transit, property overseas, or business interruption claims arising from an earthquake or transit loss.

One thing you should know, however, is that a DIC policy is what’s known as a “non-filed” policy. That means insurers do not have to file rates for approval with state insurance departments, and they have greater flexibility in setting rates and drafting policy language. Insurers are often willing to negotiate coverages and limits with policyholders.

Often, the terms and conditions in a DIC policy can vary in important ways from one insurer to the next, so you need to choose carefully. Opting for a DIC policy with terms and definitions that conflict with your underlying commercial property policy can cause coverage problems.

 

Does your business need a DIC policy

You need to ask yourself if you need more protection than that provided by standard property insurance, especially with regard to flood and earthquake perils. If you live in an area that’s prone to earthquakes and your commercial property policy excludes such events, you may need it.

This holds true especially for contractors, manufacturers, retailers, and a variety of service and professional businesses.

Since flood or earthquake losses can be catastrophic, no one insurer may be willing to write a DIC policy with the limits requested or needed by the insured. In such cases, two or more insurers may be willing to share the risk on a layered basis or through a quota share (an agreed-on percentage) approach.

We are here to help you by comparing the coverages and exclusions of various DIC policies to find which one would best fit your needs.

 

Summary of coverage

A commercial DIC policy can provide earthquake and/or flood coverage for:

  • Buildings.
  • Tenant improvements and betterments.
  • Business personal property and/or stock.
  • Loss of business income, rental income or if you incur extra expenses.

Agency to File for 3.4% Rate Increase for 2015

THE STATE’S workers’ compensation rating agency is preparing to file for a 2015 benchmark rate increase that is about 3.4% above the rates approved for this year.

The Workers’ Compensation Insurance Rating Bureau noted after examining industry data and trends that treatment costs for injured workers continue climbing and that claims are being filed with increasing frequency.

The recommended benchmark rate is also 7.9% above the pure premium rates that insurers had on file as of June this year.

The Rating Bureau could amend the filing in late September after it receives more data on claims costs through July of this year.

The new average benchmark rate level, across all class codes in California, should be $2.77 per $100 of payroll effective January 1, 2015, according to the Rating Bureau.

That’s compared with the $2.57 average insurers had on file as of July 1 of this year, and compared with the average advisory pure premium rate of $2.68 as of Jan. 1, 2014.

The insurance commissioner has the final say on the level of benchmark rates, but in the end insurers are free to price as they please, using the benchmarks as guideposts.

Benchmark rates cover just the cost of claims and administering them and don’t include insurers’ other overhead costs.

Rates need to increase in part because the 2013 workers’ comp reforms have failed to reduce costs to the extent anticipated.

In a cover letter accompanying the rate filing, the Rating Bureau cited a number of factors contributing to the proposed increase, including:

  • Continued adverse medical loss development.
  • Greater recognition of changing long-term medical paid-loss development patterns.
  • Continued high levels of indemnity claim frequency.
  • Claims-adjusting expenses that are higher than anticipated, in part attributable to lower-than-projected frictional cost savings resulting from the latest workers’ comp reform legislation, SB 863, which was passed in 2012 and took effect in 2013.
  • Wage growth that is lower than forecast.

 

Claims frequency varies by region

A new report by the Rating Bureau, “State of the California Workers’ Compensation Insurance System,” released in August 2014, concluded that geography also plays a part in claims, which plays out in the final price you pay for your policy.

The report notes that overall, the number of indemnity claims (those that include payments to workers for lost time at work) has steadily increased over the last few years, largely driven by inordinate growth in claims numbers in Southern California.

In the last three years, the number of indemnity claims has increased by 19% in Los Angeles County, 14% in the Los Angeles Basin and 9% in San Diego, according to the Rating Bureau (see chart to the left).

“The frequency of permanent partial disability claims – including those involving cumulative injuries or multiple injured body parts – has increased sharply in the Los Angeles area,” the report says.

Does Business Interruption Insurance Cover Partial Shutdown?

What happens if your business suffers property damage or a supply chain disruption and is forced to stop operations either fully or partially? Will your insurance cover the work stoppage or slowdown?

It is important to understand how your insurance can protect you from the resulting financial loss. In addition to potential recovery for property damage from your property/casualty policy, you may be able to recover lost revenue from your business interruption coverage. If your operations are disrupted – completely or partially – the language of your policy will determine if, and for how long, your insurance company will cover the loss.

In the best scenario, your insurance should cover income loss not only when operations are completely shuttered, but also when your business is partially suspended.

Historically, many business interruption provisions required a “necessary suspension” of operations. The problem is that these older policies and forms did not define “suspension” or state whether a complete shutdown was necessary. Courts have wrestled with this issue, and have often come down on the side of a “complete shutdown.”

The precedent in California is the case of <i>Buxbaum vs. AETNA Life & Cas. Co. </i>, which held that a “necessary suspension” of operations “connotes a temporary, but complete, cessation of activity.”

In this case, the court said that business interruption coverage for a law firm was not triggered because there was no complete cessation of operations when evidence showed that its attorneys continued to bill hours following a water damage incident in its offices.

The key here is that if “suspension” is not defined in a policy, the policyholder will likely not recover lost income due to a partial cessation or slowdown of business.

The catch-22 in this type of interpretation is that the business interruption policy will usually include a clause obligating the policyholder to mitigate losses.

 

Slowdown coverage in new forms

In light of other states’ court decisions that were similar to the California case, the industry has developed new forms that also cover slowdowns.

One such form is the Insurance Service Office-approved “Business Income (and Extra Expense) Coverage Form.” It was updated to define “suspension” as “[t]he slowdown or cessation of your business activities.”

Fortunately, most insurance companies use forms that affirmatively state the policy “shall cover the loss resulting from complete or partial interruption of business.”

If you are renewing your business interruption policy or purchasing a new policy, ask us if the form the insurer uses includes the above language. If not, we can find an insurer that includes such wording.

That specific language can ensure that you get paid for any lost business income due to a partial shutdown of your operations.

More Large Employers to Only Offer CDHPs: survey

With continued concerns about increasing health insurance premium rates, more large employers are cutting back on what they will pay for and directing their covered employees to consumer-driven health plans, according to a new survey.

The National Business Group on Health (NBGH) found that 32% of employers surveyed would only offer CDHPs, compared with 22% this year and about 10% as recently as 2010.

The moves are being made despite the fact that most employers expect to see overall health premiums for group plans increase 6.5% for the 2015 policy year from this year. That’s a slower rate of inflation than the 7% employers saw this year.

But, employers are hoping to limit their health premium outlays to only 5% this year by making changes to their plans, such as:

  • Increasing cost-sharing provisions,
  • Implementing and expanding CDHPs, and
  • Broadening their use of wellness programs and centers of excellence.

 

The survey, based on responses from 136 of the nation’s largest corporations, was conducted in June.

“Our survey shows that many employers are, in fact, taking necessary steps to rein in costs,” said Brian Marcotte, president and CEO of the NBGH. “This includes partnering with workers to engage in health care decisions and educating them to be better health care consumers, as well as sharing more costs with workers and narrowing their benefit options.”

The survey found that employers are making numerous changes to their benefit plans in an effort to control costs as well as comply with the Affordable Care Act and stay below the excise tax set to be implemented in 2018. The so-called Cadillac tax will levy a 40% tax on any employer policy that costs more than $10,200 per employee (or $27,500 per family).

Employers plan to deal with this by:

  • Adding or expanding tools to encourage employees to be better health care consumers (73% of respondents).
  • Implementing or expanding CDHPs (57%).
  • Adding or expanding wellness program incentives (53%).
  • Offering only a CDHP to their employees (32%).
  • Implementing or expanding CDHPs (57%).

 

Because they have high deductibles, CDHPs incentivize employees to use health care services more efficiently. At the same time, they appeal to employers because, due to their design, they are much less expensive to offer than more traditional plans.

Typically, CDHPs are attached to a health reimbursement arrangement or health savings account, because the accounts may help off­set higher out-of-pocket costs.

The main objective with CDHPs is to help employees take responsibility for their health care decisions by using a pot of money from employer and employee contributions each year to pay for their medical expenses. Once that pot of money runs out, they’ll need to pay for their medical expenses until they reach their deductible.

For example, a doctor may order that an individual undergo a CAT scan. At that point it would be up to the enrollee to shop around for the best price. In one such case, an individual received three quotes of $750, $1,050 and $1,950 for the same procedure. The individual was able to further bargain down the $750 quote to $500.

Had he not shopped around and simply relied on his doctor’s advice, which was to send him to the even more costly hospital-affiliate facility downstairs from his office, he would have paid more than $2,000 for the CAT scan.

 

Private health care exchanges get little play

The same NBGH survey found that the one of the latest developments in the health care arena – private health insurance exchanges – are so far generating little interest.

It found that only 2% of the large employers surveyed had shifted their employee coverage to private exchanges this year, while just 1% said they planned to make the change in 2015.

Private exchanges operate much like the public exchanges created by the ACA, by offering employees a choice of a number of plans at different price levels from various insurance companies.

A key reason for that low level of employer interest in shifting their coverage to exchanges, at least for now, is that employers are not yet convinced that exchanges will be more effective in controlling costs than the employers themselves are.

For example, only 11% of respondents said they were very confident that exchanges will control costs better than they are now are doing.

 

Other cost-control methods

The survey delved into other ways employers are trying to control costs:

  • Narrow networks: Only 26% include a narrow network in any of their plans. Narrow networks have limited numbers of doctors and the notion is that because of the limited choice, the plans are cheaper.
  • Specialty pharmacy benefits: Some employers are adopting techniques specific to specialty medications to help control costs. One-third use a freestanding specialty pharmacy, while 29% only approve coverage for a 30-day initial supply.
  • Weight management: 73% of employer-sponsored plans will cover surgical interventions for the treatment of severe obesity, while 41% will cover Food and Drug Administration-approved medication. Both are increases from the percent of employers that cover these this year.

Hackers Can Tap USB Devices in New Attacks, Researchers Warn

New research says that USB devices like thumb drives, and even keyboards and mice, pose one of the biggest cyber threats to enterprises.

Two scientists and researchers with Berlin’s SR Labs presented on the newest cyber threat at the recent “Black Hat” hacking conference in Las Vegas in a presentation titled: “Bad USB – On Accessories that Turn Evil.”

Malicious code can creep into these devices through malware on a computer and be used to hack both personal and business computers, according to SR Labs. Karsten Nohl, chief scientist at the German company, said that hackers or malware can load malicious software onto the computer chips that control the functions of USB devices, which typically don’t have any protection against tampering with their code.

Even more disconcerting is the fact that it’s virtually impossible to tell from where the virus originated.

SR Labs is known for uncovering major flaws in mobile phone technology.

The new research indicates just how easy it is for hackers to exploit weaknesses in simple devices in order to do serious damage to a computer or network.

SR Labs has performed attacks by writing malicious code onto USB control chips used in thumb drives and smart phones. Once the USB device is attached to a computer, the malicious software can log keystrokes, spy on communications and destroy data, he said.

A USB device that appears completely empty can still contain malware, even when formatted.

Interestingly, the computer to which the infected USB device is attached does not detect the virus because anti-virus programs only scan software written into a computer or a device’s memory. However, these viruses can be implanted in the “firmware” which controls the device’s functions, and anti-virus programs do not scan firmware.

SR Labs, when running its tests, was able to gain remote access to a computer by having the USB instruct the computer to download a malicious program with instructions that the PC believed were coming from a keyboard. The virus in the USB device was also able to change DNS network settings on a computer, instructing it to route all of its Internet traffic through malicious servers.

Once a computer is infected, it could be programmed to infect all USB devices that are subsequently attached to it, which would then in turn corrupt machines that they contact. In other words, if one tainted USB device is inserted into a workplace computer attached to a network, it can infect all USB devices in your workplace.

“It becomes self-propagating and extremely persistent,” Nohl said in a prepared statement. “You can never remove it.”

In one demo, shown off at the “Black Hat” conference, a standard USB drive was inserted into a normal computer. Malicious code implanted on the stick tricked the machine into thinking a keyboard had been plugged in.

After just a few moments, the “keyboard” began typing in commands – and instructed the computer to download a malicious program from the Internet.

Another demo involved a Samsung smart phone. When plugged in to charge, the phone would trick the computer into thinking it was in fact a network card. It meant that when the user accessed the Internet, their browsing was secretly hijacked.

Nohl demonstrated how they were able to create a fake copy of PayPal’s website, and steal user log-in details as a result.

Unlike other similar attacks, where simply looking at the Web address can give away a scam website, there were no visible clues that a user was under threat.

 

The takeaway

USB is ubiquitous across all devices, and all desktop and laptops have at least two and often more than four USB outlets for plugging in keyboards, mice, peripherals like printers and scanners, mobile phones, tablets and USB devices.

If you have not already done so, you should have a policy prohibiting your staff from plugging in USB devices that were not issued to them at work. In fact, you may want to consider even prohibiting your staff from using company-issued USB devices such as memory sticks or mobile phones.