Oct 17, 2019

What Today’s Businesses (and Insurers) Need to Know About Social Engineering Fraud

Category: Cyber

In today’s digitally connected world filled with social media platforms, predictive searches, and food delivery apps, our own sensitive information is more available and accessible than ever before. But it’s not just individuals who have to think about how they share their important information—it’s businesses too.

Data breaches and cyberattacks are finding their way into everything from small businesses to major corporations in practically every industry. A major driving force behind these issues is social engineering, a layered approach to obtaining sensitive information and manipulating users. Through phishing scams and impersonation, social engineering targets businesses of all sizes and sectors, honing in on finances, consumer data, and personal information that can be used for illegal reasons.

Social Engineering: A Closer Look

Social engineering is something everyone is exposed to in one way or another. It’s a form of psychological manipulation that hackers use to persuade people to do things that they otherwise wouldn’t. From wiring money to a fraudulent bank account or sharing commercially sensitive data, social engineering is sometimes hard to catch and always poses a major risk.

The main issue is that most people don’t really know they’re being manipulated, so they might not question the validity and security of what they’re doing.

Social engineering can be broken down into two main types of execution including human-based and computer-based. For human-based, this involves person-to-person contact and usually includes impersonation, someone posing as a manager or supervisor, or as a third-party in a supply chain.

Computer-based social engineering, in contrast, targets victims through a computer software system. This is usually executed via phishing campaigns, baiting, and online scams.

Phishing Attacks

Phishing occurs when a cybercriminal attempts to trick victims through email compromise into sharing personal and sensitive data for malicious intentions. Phishing attacks, which have grown by 65 percent in the last year alone, target the basic human response of opening a message, especially when it goes to their work account or is coming from a trusted person, like a friend. The average financial cost of a data breach comes in at nearly $4 million and phishing accounts for about 90 percent of data breaches.

Mitigating Risk

Many hackers pursue social engineering attacks through phishing, baiting, and other online scams. For companies, a major step toward cutting out risk is investing in education, cyber protection, and a comprehensive cyber insurance program.

Social engineering is something that businesses might not think to cover against. Many companies figure they can access their regular business insurance to stay protected or be supplied for financially following a breach of some kind. However, cyber insurance coverage, like through Tangram Insurance Services, is specifically made to protect against social engineering attacks.

Some insurance providers do not protect against this kind of attack on the grounds that no implicit fraud has taken place. To work around challenges like this, companies can invest in Tangram Insurance Services’ cyber protection coverage to make sure they are protected and have appropriate coverage.

About Tangram Insurance Services

Located across the Golden Gate Bridge, just outside of San Francisco, Tangram Insurance Services is a full-service Managing General Underwriter and Program Manager offering specialty programs. We focus on industry-relevant coverage, competitive pricing, and practical business and risk management solutions for your clients. Since we are not all things to all people, we make sure to create outstanding custom-built solutions that matter to those businesses, and the brokers who serve those industries. Contact us at (888) 744-9810.