07
May

Cyber insurance provider adds cover for socially engineered thefts and cryptojacking

Cyber specialist, Emergence Insurance, has enhanced its policy wording to cover social engineering.

Emergence has developed a new, optional section, Criminal Financial Loss, which offers cover for socially engineered thefts and cryptojacking. The new covers are in addition to cyber theft and telephone phreaking, which have long been part of Emergence’s offer.

According to a message from Emergence, traditional cyber thefts target IT systems, but social engineering threats target individuals.  Social engineering exploits people who are tricked into divulging sensitive information, transferring money to hackers’ accounts, or even providing access to corporate IT systems.

Examples include business email compromise (BEC), phishing (using electronic communications to fraudulently obtain sensitive information) and baiting (using free offers to surrender login credentials). Fake invoices are another ploy, through which criminals insert themselves into the middle of transactions.

A supplier’s invoice may look genuine and even represent a legitimate bill a victim is expecting, but doctored bank details mean the funds go to crooks instead of the intended recipient.

The Australian Competition and Consumer Commission’s (ACCC) Scamwatch data shows BEC scam incidents increased 33% in 2018 and BEC accounted for 63% of business losses reported to ACCC.

The rapid rise of social engineering attacks has prompted ACCC to encourage businesses to immediately review processes for verifying and paying invoices.

Digital currencies have spawned cryptojacking, where crooks hijack computers to mine digital currency. Those affected may experience substantial loss of computer performance, reduced battery power, and increased electricity costs. Emergence insureds can now protect themselves against the financial impact.

This information is general in nature and you should not act on it without advice. Contact Experien General Insurance Services to discuss cyber insurance further.