Business email compromise (BEC) has overtaken ransomware and data breaches as the main reason companies filed a cyber-insurance claim in the EMEA (Europe, the Middle East, and Asia) region last year, said insurance giant AIG. According to statistics published in July, AIG said that BEC-related insurance filings accounted for nearly a quarter (23%) of all cyber-insurance claims the company received in 2018, ZDNet reported.
https://twitter.com/GSalwaysrules/status/1168789766780981248
The trend for increasing in BEC scams – and consequently in cyber-insurance claims – reveals just how profitable these frauds are. By gaining a foothold into an organisations network, criminals can effectively steal the equivalent of a ransom in the form of personal information and sensitive data. These have become kind of a currency for cybercriminals, who have created a market for databases of stolen personal identifiable information.
More headline-grabbing forms of cybercrime tend to make waves more often, potentially skewing businesses\’ perception of what they are more likely to fall victim of. Ransomware is certainly a growing concern for example, expected only to increase in popularity. But it is important to remember that malicious software often exploits a pre-existing email compromise as an entry point. For this reason, organisations should not disregard the importance of training and education: while it\’s reassuring to know that a breach would be covered by a cyber-insurance policy, avoiding the breach altogether is always preferable.