June 17, 2019
I recently received the annual renewal for my homeowner’s policy and was intrigued to see a Personal Cyber Protection endorsement added. Under this new coverage the insurance company offers professional assistance from a subject matter expert in responding to cyber extortion, and reimbursement for data recovery, system restoration costs, and direct financial losses from cyber fraud.
According to Javelin Strategy & Research, a digital advisory firm, one in eighteen American adults were hit by identity fraud in 2018. The annual cost of this fraud is estimated to be $15 billion. Rising types of fraud involve opening unauthorized new accounts, including loans or credit lines; and “account takeover” where an existing financial account is “hijacked”. There is a little bit of good news. Credit and debit card fraud is on the decline, perhaps thanks to chip cards.
In our increasingly digital world, insurance companies are looking to help customers manage the evolving cyber risks, and of course capture the associated premium dollars. A recent report from Swiss Re projects that the market for personal cyber insurance could exceed $3 billion by 2025. Insurers from Chubb to AIG are getting in on the action, with AIG’s “Family CyberEdge” policy covering not just ransomware and data restoration, but psychiatric treatment and forensic prosecution expenses incurred due to cyber bullying!
According to the Federal Trade Commission, the typical reported loss from cyber fraud is relatively low. For Millennials, the median loss is about $400, while Baby Boomers’ losses are around $750. This difference is likely more attributable to the relative wealth levels of the two generational groups than their tech savvy. The FTC’s Sentinel data book provides information on fraud trends by state. Georgia and Florida were among the three states with the worst fraud records last year.
In working with clients, we have witnessed multiple cases of attempted wire fraud. Over the past several years these have evolved from early rudimentary and obvious techniques to more polished approaches which are harder to detect. Everybody is a target, including those who might consider themselves to be financially and technologically sophisticated. A common scheme is email impersonation, where an imposter can present legitimate looking wire instructions often with an urgent request to transfer funds. Thankfully, none of our clients have yet fallen victim to the attempts we have seen. Unfortunately, our handful of firsthand experiences is not representative – the FTC tallied $423 million in consumer losses from wire transfer scams in 2018.
For those who believe that an ounce of prevention is worth a pound of cure, there are defenses that can help. Experts recommend that sensitive information should never be provided to a seemingly legitimate caller without calling the institution or office back. Using multi-factor authentication for financial accounts, changing passwords routinely, and making a phone call to validate an email can dramatically lower risk. As digital crime continues to evolve, we all must pay attention to managing our cyber risk.