Business email compromise (BEC) has overtaken ransomware and data breaches as the main reason companies filed a cyber-insurance claim in the EMEA (Europe, the Middle East, and Asia) region last year, said insurance giant AIG. According to statistics published in July, AIG said that BEC-related insurance filings accounted for nearly a quarter (23%) of all cyber-insurance claims the company received in 2018, ZDNet reported.
https://twitter.com/GSalwaysrules/status/1168789766780981248
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
The trend for increasing in BEC scams – and consequently in cyber-insurance claims – reveals just how profitable these frauds are. By gaining a foothold into an organisations network, criminals can effectively steal the equivalent of a ransom in the form of personal information and sensitive data. These have become kind of a currency for cybercriminals, who have created a market for databases of stolen personal identifiable information.
More headline-grabbing forms of cybercrime tend to make waves more often, potentially skewing businesses\’ perception of what they are more likely to fall victim of. Ransomware is certainly a growing concern for example, expected only to increase in popularity. But it is important to remember that malicious software often exploits a pre-existing email compromise as an entry point. For this reason, organisations should not disregard the importance of training and education: while it\’s reassuring to know that a breach would be covered by a cyber-insurance policy, avoiding the breach altogether is always preferable.