Go to HBG Authors Resources home

Info for Authors – CyberSecurity Tips FAQ

Cybersecurity Tips FAQ

We have seen an alarming rise in scam attempts in which hackers impersonate HBG employees, authors, and agents in an attempt to attain unpublished manuscripts or personal information. Some of these scams are quite sophisticated. The hackers are adept impersonators, comfortable with “editorial” speak, and may refer to recent events in the industry and to publishing e-newsletters such as Publishers Lunch to legitimize their requests. Hackers can easily simulate staff with impersonated domain emails. Sometimes the difference in a hacker’s email address is so subtle that it is easy to miss. Staff, agents, and authors should watch out for the difference between john.doe@hbgusa.com and john.doe@hbg-usa.com, for example.
It is easy to fall victim to hackers if you are not vigilant. The following cyber security awareness tips and reminders are intended to protect you against these attacks.

Be aware of phishing attacks by email:

  • Be aware of typos in domain names on received emails. A hacker’s hbg-usa.com email is not the same as our hbgusa.com email.
  • Do not click links if you are not sure of the source.
  • Do not reply direct back to original email requests for documents or information. Call the source directly or start a separate email with the known email address.
  • Hover over the email address to be sure it matches the displayed email address.
  • Be cautious of urgent requests for sensitive information and documents (e.g., draft manuscripts, royalty statements, tax information) and follow the guidelines for sharing those documents below.

Be aware of other social engineering attacks (i.e., by phone, on social media):

  • Do not share information over the phone if you are not confident of the source on the other end.
  • Verify the phone number you are speaking to, call back if needed.
  • Never share credentials or personal information.
  • Do not click links in social media posts or messages if you are not sure of the source.

Sharing Documents:

  • Call the person you are sending the file to and confirm they are expecting it.
  • Share the document using HBG’s File Sharing systems.
  • Consider if there is a portal you can access that has the document instead of emailing a copy.
  • If emailing the document is the only option, use the Encrypt option.
  • Encrypt the document within the application and provide the password separately over text or a phone call.

What if I become suspicious?

  • Contact your editor or business contact if you suspect you are the victim of a scam. They can consult with the CyberSecurity team for further investigation.