Fraudulent instruction emerges as significant new cyber threat
Fraudulent instruction incidents reported to Beazley Breach Response Services (BBR Services) quadrupled in 2017, with policyholders incurring losses ranging from a few thousand dollars up to $3 million. With claims amounts in 2017 averaging $352,000, fraudulent instruction has rapidly become a significant financial threat to many organizations.
Cyber-criminals are using ever-more sophisticated methods to exploit human weaknesses in an organization's cyber-defenses. Under fraudulent instruction scams, criminals use hacking and phishing techniques to accumulate information that allows them to send plausible-looking requests to transfer funds to bogus accounts. In addition to losing money, organizations may also have to conduct exhaustive systems analysis to ensure that individuals' personal and private data has not been compromised. Claims data recorded by Beazley, the specialist insurer and leading provider of cyber insurance, indicates that organizations are facing an increased threat to their operations from fraudulent instruction scams.
The top three industry sectors affected in 2017 were professional services (22% of the total reported to Beazley), financial services (21%) and retail (12%), but incidents are growing across all sectors, and in particular where single large transactions, such as real-estate purchases, are involved.
Katherine Keefe, global head of BBR Services commented: "Cyber-criminals are finding new ways of getting organizations to part with their hard-earned cash. In 2017 we saw fraudulent instruction emerge as a new trend which offers significant reward for the perpetrators in return for little effort, but brings potentially devastating financial consequences for the victim."
Read the full Beazley Breach Insights January 2018 report.