The MIABC has been made aware of phishing emails currently being circulated that reference the MIABC Risk Management Conference and promote access to attendee lists for this week’s event. These emails are not from the MIABC or any of our partners.
The MIABC does not sell or share member or attendee contact information with unauthorized third parties. This activity is not the result of a data breach—these types of phishing emails are often distributed broadly using publicly available or inferred contact information.
What to Do
If you receive a suspicious email referencing the conference:
- Do not respond or engage with the sender
- Do not click any links or download attachments
- If your organization subscribes to Cybersecurity Awareness Training, use the “Report a Phish” button in Outlook
- Delete the email
Cyber Risk Management Reminder
Cyber risk resilience is built collectively. While technical controls are important, building a cyber risk-aware organization—where staff feel confident recognizing and responding to potential threats—is one of the most effective ways to reduce risk.
- Be cautious of unexpected outreach, especially emails that create urgency or request information
- Check sender details closely—phishing attempts often rely on subtle differences
- Only click links or open attachments when the request aligns with what you’re expecting
- Do not approve unexpected two-factor authentication (2FA) requests
- Encourage staff to raise anything that feels off—early awareness helps prevent issues
- If something doesn’t look quite right—even from a known contact—verify through another channel (e.g., call the sender directly)
Maintaining strong cyber risk management practices such as keeping systems updated, confirming backups are available and ensuring your incident response plan is current can further reduce risk and support a timely response if needed.