ERISA – It Covers More Than You Think

Offering a vacation plan, sick time or holiday pay could mean your business has to follow these same federal ERISA requirements.

You probably heard of ERISA – the Employee Retirement Income Security Act of 1974. It’s the federal law regulating most group retirement and health plans. Did you know it extends to many other employer-sponsored benefits as well? Small and medium businesses may still have to follow ERISA requirements for their other group-sponsored benefit Plans, including:

  • Dental and Vision
  • Vacation
  • Holiday
  • Severance Pay
  • Unemployment Benefits

There continues to be certain exceptions for self-insured and voluntary plans. However, there are firm criteria for each of these exemptions that should be looked at carefully.

If your Plans fall under ERISA, there are certain reporting requirements for disclosing Plan information to employees. Of the strategies available, using a “wrap document” is one possible solution to bundle benefits into one plan. Basi Insurance Services, Inc. can help you analyze your group-sponsored employee benefits in light of ERISA. Call us at 209-847-3065 to learn more.

What We Can Learn From the Latest Ransomware Cyberattack

Tips to Recognize and Avoid Phishing

Last week, the world again experienced a wave of Ransomware cyberattacks. This latest round harmed 12,000 computers in 65 countries.

What is becoming clear in the aftermath – and what we can all keep in mind everyday – is that phishing seems to be the primary culprit for infecting individual computers. It’s important to remain vigilant and remind ourselves and our employees of certain safe practices when managing email – at home or at work.

Practicing Safe Email Behavior

Generally, it’s SAFE to:

  • Open and read an email.
  • Preview an email in the reading pane of Microsoft Outlook.
  • Delete or ignore an email.


  • Open attachments or click on a link unless you know the message is from a safe source.
  • Preview an attachment or link in Outlook – that’s just the same as opening it.
  • Reply to or provide information back to the sender.

Identify the Red Flags of Phishing

These are the most common identifiers associated with phishing attempts. You can use these red flags when reviewing emails, especially from outside your home or business:

  • Weird or unknown email address. If the email descriptor or the signature in the email says it’s from a company, but the email address looks completely different, it’s likely not a legitimate email.
  • Blank or “undisclosed” recipients. Sometimes phishing emails are sent to a lot of people. Other times you see something like “undisclosed recipient list” in the “To:” field. Both of these are potential red flags.
  • Lack of personalization. Did the email use a generic salutation such as ‘Dear Customer’ or nothing at all? Your service providers usually know who you are and typically personalize emails with your name or the last few digits of your account number to get you to read the message.
  • Bad spelling and grammar. Legitimate businesses go out of their way to proofread their email. If an email has lots of spelling mistakes or improperly worded sentences, it’s likely a phish.
  • Urgent request. Messages of an urgent nature, or requesting immediate action, are a common method used to rush people into making mistakes, and is another good indicator of phishing.
  • Strange website links. If you hover your mouse over a website link, you will see the actual destination of the website you’re about to visit. If that location differs from the way the link is written in the email, it’s a good indication of a problem.
  • Suspicious attachments. If you don’t know the sender, or receive something from a friend that looks suspicious, don’t open the attachment. If it is from someone you know, you can always pick up the phone and give them a quick call to make sure they actually sent the email.
  • Requests for sensitive information. Be suspicious of requests for sensitive information, such as user IDs and passwords, financial account numbers, health information or social security numbers.

Remember companies of ANY size — and also individuals — are now victims to cyberattacks. A Cyber Liability and/or ID Theft policy, in addition to Business and Homeowners Insurance, can provide an important layer of protection.

Source: Nationwide Insurance, “Recognize & Avoid Phishing,” accessed June 30, 2017.