Lockdown has seen fraud, cyber scams and clone websites rise, but cover for these types of crime with the addition of working from home is “fairly new” and not all homeworkers will have it. The spike in cases has exposed a new risk and opportunity for the cyber insurance market especially with vulnerable customers, Insurance Times looks at what the industry is doing to protect homeworkers
Cyber scams and fraud have become more prominent during the Covid-19 pandemic as most of the nation continues to work from home, but insurance that covers this while homeworking is ”fairly new” and not all staff will have it.
This means that those that work remotely are a potential target for cyber criminals and fraudsters.
For example, July saw the FCA’s website being cloned, and a previous clone of Money Supermarket’s website resurfaced this that first appeared in July 2019. This led one lady nearing retirement to be scammed out of her life savings as she unknowingly transferred £32,000 to a fraudulent ISA account as she thought she was getting a better rate of interest, making her a victim of Authorised Payment Protection (APP) fraud.
At the time, MoneySupermarket said it takes “the protection of our customers, their data, and the security of all our customer interactions seriously. We sympathise with anybody who has been affected by scammers, and we’ve updated our warnings to customers about scams”.
Despite the victim not having home insurance or cyber insurance to cover her, the bank reimbursed her for the full amount, but others might not be so lucky.
Meanwhile the FCA previously warned that the coronavirus pandemic could exacerbate or suddenly cause ‘vulnerability’, the regulator issued guidance for firms to “do more” to help protect vulnerable customers.
A vulnerable customer, the FCA describes as “someone who, due to their personal circumstances, is especially susceptible to detriment, particularly when a firm is not acting with appropriate levels of care”.
The FCA’s warning it appears was correct, as the number of vulnerable customers has doubled in a year with the pandemic raising concerns about health and personal finances, with more than a quarter (26%) of consumers agreeing that they fitted the FCA’s definition of vulnerability in 2020 – this is compared with just 13% in March 2019, according to Consumer Intelligence’s May survey.
But what is the insurance industry doing to protect vulnerable customers who fail foul to such scams in lockdown? And what kind of insurance might be needed in this instance?
Push payment fraud
While there are many types of fraud, Mickey Attia, head of new business at DAS UK Group, said that APP fraud, also known as a bank transfer scam, has been on the rise during lockdown. It occurs when the account holder knowingly or unwittingly transfers money from their own bank account to one belonging to a scammer.
According to UK Finance in 2019, £456m was lost to APP fraud, which represents a 29% increase on the 2018 figure of £354m. “This shows the size of the problem, and the reality that customers face. The growing problem of cyber fraud means the impact on banks is mounting. To help in the fight against cyber fraud, most banks have signed up to the Voluntary Code,” Attia said.
“This is a short-term scheme that began in May 2019 and has recently been extended to December 2020. This is the second time the voluntary code has been extended and it was set to expire at the end of March 2020. It comes as banks struggle to come to a long-term arrangement on how to sustainably fund the system and help protect customers from this type of fraud.”
As the voluntary code comes to an end, however, it could see more claims as someone that has fallen victim to this type of fraud might be covered by home insurance or a cyber insurance policy if they are working remotely.
Fairly new and limited
Although this type of cover is “fairly new”, Attia continued: “In many cases limited to High Net Worth (HNW) products. HNW providers such as Zurich, Oak, Covéa, Ecclesiastical, Plum, Geo Underwriting and Hiscox all offer personal cyber products that may cover online fraud.”
Meanwhile, Attia added: “Cyber insurance is another way to protect customers from potential loss. Some insurance products automatically include home cyber assistance within legal expenses and home emergency policies. Covers normally include things such as investigating and rectifying damage to the computer; locating and removing a computer virus; and hiring a professional consultant to advise customers on prevention measures against future cyber-attacks.
“Sometimes there are more comprehensive cyber-crime covers with a £100,000 limit as an optional upgrade, which will cover payments liable as a result of hacking, ransomware, or misuse of personal data. Because devices are commonly shared among family members, it is also important that policies cover immediate family as well as domestic employees.”
He added that APP fraud has been big business for cyber criminals over the last few year: “they often target larger payments to maximise their earning potential – particularly things such as pension transfers, ISA transfers, house deposit transfers, private school fees.
“A common tactic is to intercept compromised email and replace a payment request with new bank details. Firms such as conveyancing solicitors who are often targeted will often ask you to call to verify the account details are correct before making a payment. If you are ever unsure this is a good step to take.”
The Insurannce Times time line of cyber attacks and fraudulent scams during the pandemic lockdown
August 2020
- Data leaks surge during pandemic rising to 492% to a record 27 billion during the first half of the year.
- ‘Doxing’ identified as an evolving threat
July 2020
- Twitter is hacked exposing potential for reputational harm
- Mobile phone cyber risks, 58% believe that smartphones are vulnerable to cyber attacks
June 2020
- FCA survey scam revealed, brokers warned of email circulating
May 2020
- EasyJet hit by cyber attack affecting 9 million customers
April 2020
- The Marriott International hotel chain is hit for a second time suffering a data breach
March 2020
- Prior to lockdown Boots Advantage Card holders suffer security breach as criminals target passwords and rewards points
- Tesco Clubcard also hacked
- Virgin Media’s database hacked on 5 March
Visibly vulnerable
However there is the added issue – how to tell if a customer is vulnerable while working from home.
James Darbyshire, interim chief counsel at FSCS, added: “FSCS looks out for scam websites and we report them frequently to the FCA and other relevant organisations. We also take direct action where possible and make consumers aware of how to protect themselves against scams.
“Consumers who suspect a scam or fraud involving false claims of FSCS protection should contact us via our website.”
However, Paul Dyer, head of regulatory risk and assurance at Huntswood, said the issue ws the ‘fluidity’ of the idea of vulnerability.
“The difficulty with vulnerability is that it is a fluid concept, with a variety of causes that can change rapidly,” he said. ”These [FCA] guidelines will provide some key insights into how firms should be adopting more proactive measures in their identification and fair treatment of those consumers experiencing vulnerability, some for the first time.
“The Financial Lives research provides a welcome reminder that call handlers require excellent communications skills to recognise the signs of vulnerability and to be sympathetic to customers’ needs. This is particularly important at times of crisis when call centres might be under pressure from high volumes of calls.”
“Joining up data points across channels can provide firms with a more holistic view of each customer, allowing for improved identification of vulnerability and better outcomes for those experiencing it,” he added.
Read more…Back to the office transitions bring new risks and lessons to the insurance industry
Not subscribed? Become a subscriber and access our premium content
No comments yet