Is personal cyber the new fire?

Clients are seven times more likely to fall victim to a cybercrime than a house fire.  

But while most homeowners realize the need to have a fire extinguisher on hand, or to cover their risks with home insurance, many aren’t taking the proper measures to protect themselves from cyber risk. 

In Canada, there were 10,819 residential fires in 2022, compared to 77,829 victims of ID fraud, extortion, ID theft and phishing fraud in 2022, Neal Jardine, global cyber risk intelligence and claims director at BOXX Insurance told Canadian Underwriter. 

Cybercrime is a growing threat, especially as criminals become more sophisticated — and clients don’t realize it.

Experts estimate hackers dropped over 24 billion personal records for sale on the dark web in 2022. 

“It’s often thought that phishing emails, text messages and the occasional call is the extent of personal cyberattacks,” Jardine said. 

“What people don’t often realize is that cybercriminals are also impersonating popular brands online as tech support agents to trick people into giving access to their computer, they’re making fake vacation rentals to lure you into sending them a deposit, they’re harvesting leaked personal information to trick cellphone providers or banks into giving them access to accounts.” 

A common example of a scam that would be covered by personal cyber insurance is the Microsoft tech support con. 

Phony tech support callers use tactics to trick users into services to fix device or software problems that don’t exist. The end goal for the scammer is to either steal personal or financial information, or have users pay them for their ‘services.’ 

In one claim BOXX handled, a personal cyber insurance client was browsing the internet when they got a pop-up message with a phone number attached to it, saying their computer was affected. The client called the number and authorized the criminals to use AnyDesk to remotely access his computer.  

“After running several programs to make it appear as though the computer was infected with a virus, they told the client they needed to pay $500 to fix the issue or they would lose all their data,’” Jardine said.  

The scammers kept telling the client they’d found additional viruses, until the client had paid them over $1,500. Only then did the client realize that something was wrong. 

“If a pop-up or error message appears with a phone number, don’t call the number. Error and warning messages from Microsoft never include a phone number,” Microsoft advises on its website. 

Luckily, this client had personal cyber insurance and was able to get reimbursed for his loss. “We were able get the client his money back and his computer restored to pre-loss condition in 10 days.” 

Another problem is that clients can make themselves vulnerable without realizing it. 

Heavy social media users might inadvertently post revealing information on their accounts, which can be used by scammers to hack into their personal accounts.  

“Think of the number of people who readily share details online in social media, such as their new home address, name of a new family pet or a child’s birthday,” Jardine said.  

Scammers can use that information to quickly discern a person’s password or the answers to their password hints.  

And with artificial intelligence (AI) rising in popularity, Jardine said this risk have increased.  

Cybercriminals can use AI to generate voices that replicate their victims or family members, using only five seconds worth of audio from a real voice.  

“Imagine getting a call from [someone] you think is a close family member asking for money or assistance from jail. It’s happening in real time,” he said.  

Nevertheless, with cases of phishing and ID fraud eclipsing other everyday risks, the insurance industry is attempting to find ways to bring personal cyber coverage forward to their customers.  

That’s especially important because clients tend to feel more shame when they’re duped by a personal scam.  

“Many clients express how they don’t want others to know about it and harbor a burden of guilt, especially when they or their family suffer a financial loss. Many people tell us they feel foolish, and think they did something wrong. Our first response is to always remind the client or victim that it’s not their fault. They are dealing with professional criminals,” Jardine said. 

But clients should think of covering their cyber risk the same way a business would.  

“That’s what personal lines cyber insurance is about,” said Jardine. “It’s about protecting our personal lines clients the same way we protect our corporate clients from criminal activities online, because we all risk falling victim to criminal activities.” 

Feature image by iStock.com/Liudmila Chernetska