09/12/2022
IT'S NOW MORE IMPOARTANT THAN EVER TO PROTECT YOURSELF AGAINST CYBER-CRIME
Now more than ever, Cyber-crime is on the rise.
If your house were to burn down and you didn’t have building and contents insurance, you may face total ruin.
Having your data stolen is no different.
With data breaches happening at a phenomenal rate, it’s incredibly important to have the appropriate cyber insurance cover in place. Hundreds of millions of records are being stolen every single month.
We recently spoke with DynaRisk, a company which provides a data protection service (as part of a cyber protection policy) - offered by specialist insurance broker Trafalgar Risk Management. DynaRisk advised that they have so far collected more than 30 billion pieces of stolen information relating to people all over the world.
DynaRisk founder and CEO Andrew Martin said, “When people's details gets stolen, the data often ends up being used to send them persuasive phishing emails or scam text messages that may say something like, “You are due a £300 refund from HMRC pounds - click here!”
He then went on to explain that hackers also steal people's passwords, credit card details and other sensitive data, which enables them to log into personal accounts. Once a hacker has successfully logged into a personal account, there are many opportunities for them to steal assets such as money, images, or other sensitive data.
In a recent case, one DynaRisk user, a millennial, had their username and passwords stolen for an online food delivery app. “The hacker in question ended up placing orders to different addresses, including a warehouse. This left the account holder with a bill for hundreds of pounds,” says Andrew.
In another example, an individual, over the age of 50, noticed suspicious activity on their email account. Andrew explains “the user contacted us, so we logged into the person's email account. We found that hackers were poking around and managed to trace this activity back to an Eastern European country.” He explains further… “We advised the individual to immediately reset their passwords and enable two-step verification. This essentially logged the hacker out of their email account.” he says. “If the hacker had been left to do whatever they intended, it’s likely that they would have sent fraudulent requests to the user's contacts.”
Cyber criminals also often play on human emotion, to help fuel their scams. Fear tends to play a huge part in many scams, as individuals are more likely to fall for these scams if they feel that their own, or their family’s safety could be compromised
A common tactic is for hackers to identify and impersonate individuals who are traveling. Often hackers will get in touch with an individual, posing as their child or partner. The individual will then receive messages such as ‘’I’ve been detained in a dangerous country’ or ‘I’ve been involved in a car accident - please send money’. As individuals are quick to react and driven by emotion - hackers tend to be very successful with such requests.
DynaRisk shared another recent case, this time of a middle aged woman who contacted them in an immense amount of distress. She explained that she had received threats from somebody that claimed to have explicit photographs of her. She was told that ‘they’re going to send them to everyone I know!’’.
‘’The poor woman was terribly concerned about these threats, as I'm sure you can appreciate,” says Andrew. “However, using our intelligence we were able to assure the woman in question that she had simply been targeted as part of a scam and that the hacker, in fact, didn’t have any explicit images. The scam leveraged stolen data that had been stolen from this woman before,” he says.
The demographic profile of those vulnerable to scams is wide-ranging, anybody can be a victim of cyber-crime. From millennials, to the elderly and across all genders. “We have examples of older gentlemen, middle-aged women, of young millennials and cases of people's children being targeted,” Andrew says. ‘’We recently had a case where an individual contacted us regarding their daughter being targeted by bullies online.’’ He explains, “Someone logged into her Instagram account, posing as her and posted unpleasant things. The girl came home in tears, incredibly distressed at the backlash she was receiving from her peers. But this could have been totally prevented! If her parents had enabled two-step verification on their daughter's Instagram account, the hacker wouldn’t have been able to access her Instagram account.’’
Everything affects people differently, he says. “There are elderly people, 75-80 plus, who are getting sent scam messages. And they just don't know whether they are real or not,” he says.
“With our software, we assess the person's likelihood of getting hacked and we give them a score out of 999. Once we have that, we tell them what they can do to improve the score. Some people might have just one or two things they need to do in order to get safer online, while others might have 15 or 20 things that they need to do.”
‘’The crucial thing is to assess them first’,’ Andrew explains. “We do that by checking their devices for vulnerabilities, by checking the Dark Web for stolen data records, by scanning their router to see if it can be accessed remotely, and finally, we assess their knowledge,” he says. “We ask them: Do you have antivirus? Some people say I don't even know what that is, in which case then we'll tell them how to go and download it. Or we might point out that they have to set social media privacy settings on LinkedIn, Facebook and so on. Some people will say, yep, not a problem. Other people will say, I haven't a clue.’’
He explains further, ‘“Our software helps users self-serve to improve their risk over time. People log into the platform. They might have 10 things to do. They do one of those things right away. They come back two or three weeks later on the weekend, when they've got a couple hours free and they do a couple more. Ultimately, we help them to change their behavior over time to become safer online.”
Andrew goes on to advise that the people who use DynaRisk’s software, and improve their score, do not have claims. He explains ‘’that's not to say that they don't contact us to have assistance with that. But they don't make financial claims on the policies. They’re unlikely to have £10,000 stolen from through a cyber scam, unlike other people who don’t use the software. People report feeling dramatically safer online as a result of using the tool, and we see that reflected in the average cyber scores. We often see a huge improvement in scores within the first three months of a user using the software.’’
He goes on to say ‘’the fact is, being subject to Cyber-crime is hugely disruptive. First and foremost, when you are hacked, or have money stolen from you as a result of hacking or data theft, it is both extremely distressing and disruptive. You need to spend hours on the phone with the bank, with an IT person, with a credit reference agency and often the police as well. If you're a working person, or have a family, it can be very difficult to manage.’’
‘’The second issue is that the safety net varies’’ he says. “This depends on where you got hacked, what the circumstances were, how reputable the company you're dealing with is, and where your details were stolen. For the uninsured, sometimes they get paid back from their bank, sometimes they don't. They may claim you were grossly negligent in how you were behaving online. If this is the case, the bank won’t reimburse you for your loss, however unfair that may seem,” he says.
‘’DynaRisk is able to help the insurer stay clear of claims, but more importantly, we’re able to help the consumers get their money back. This is a consequence of their ability to demonstrate that they were not grossly negligent. For instance, take the scenario of the person breaking into your email or trying to steal funds out of your bank account. We can look at the person's computer and confirm they had antivirus,” he says.
“We can then produce a report for the insurance company and can advise that the client has taken precautions. Our independent assessment can confirm that this person was doing what they should have been doing, in order to adequately protect themselves online. Then they can use this report to push back against the party claiming gross negligence. The report helps demonstrate that they should be reimbursed for the issue,” he explains.
The conclusion of our conversation with Andrew was a simple one. It’s clear that whoever you are – young, old, IT-wise or a tech newbie, anybody can fall victim to Cyber-crime. Cyber-crime isn’t stopping anytime soon, therefore, it’s more important than ever to ensure you are covered against data theft - with adequate cyber insurance.
For more information or to get yourself covered against the risks of identity theft and Cyber-crime, visit the Insurance Cafe.
Examples of help and support by cyber security experts
Remove viruses from PCs
Help with removing ransomware or restoring data from backup
Help and advice on the latest scams
Remote connection to your device to perform work for you with your consent
