Cyber crime – social engineering

Monday, February 11, 2019

cyber crime

Cyber-crime is nothing new these days. We’re all used to hearing news stories about hackers infiltrating protected computer systems and high profile security breaches. As a result, most of us have taken steps to protect our business and home IT systems and devices with antivirus software and firewalls.

But there’s another type of hacker that is much less talked about. Known as Social Engineers, they use their “skills” to compromise both business and personal accounts by tricking individuals into willingly providing them with access to sensitive information such as login details and bank account information. Social engineers prey on the one weakness that is present in every organisation – human psychology – and they exploit this in order to get what they want. Take a look at this case study from CFC Underwriting.

Social engineering is a huge threat to businesses, with attacks of this kind now making up over a quarter of specialist cyber insurance provider CFC’s cyber claims by volume.

social engineering

One of the most common types of social engineering is CEO fraud. This is typically a targeted attack where a fraudster impersonates the CEO or another senior executive within an organisation and instructs a member of the finance department to make an urgent payment to a particular account for a specific reason. Even traditional businesses who might not think they have a strong cyber exposure can lose thousands in attacks like this.

A recent cyber claims case study from CFC tells the story of a manufacturer who fell victim to CEO fraud and the financial fallout the company experienced as a result. You can read the full case study here 

social engineering

The key takeaway points are:

If you would like to discuss your current cyber liability insurance arrangements, please do not hesitate to get in touch.