So who are the real winners now that the Black Friday craze, born as a post-Thanksgiving tradition in the USA, has now firmly engrained itself into the culture on this side of the Atlantic? Some may say it’s the shoppers who are enjoying bargains; others might think it’s the retailers themselves who are thriving on their busiest day of the year – but insurance brokers need to be aware that the real winners are the cyber criminals.
According to comparethemarket.com research, more than £18.5 million is expected to be stolen from UK bank accounts over Black Friday and Cyber Monday amid the rush to take advantage of discount deals. The findings follow recent estimates that 4.5 million people have been forced to cancel credit and debit cards due to online fraud in the past year, further highlighting the cybersecurity issues faced by consumers, retailers and banks.
The amount spent online is expected to increase 10-fold over the two days as shoppers look to cash in – however, the threat of cyber criminals is growing just as fast. In 2014, for example, Black Friday spend stood at £810 million for the one day alone, with the amount stolen at just over £5 million. This year, however, estimates place expenditure at £1.40 billion tomorrow – with the amount stolen also leaping to £9.95 million.
“Black Friday and Cyber Monday is a major event in the retail calendar,” commented Simon McCulloch, director at Comparethemarket.com. “It is also a salmon run for cyber criminals, who will try to seize money from unsuspecting shoppers and retail outlets. Consumers should regularly check bank statements for any unusual activity, as cyber criminals often make small but regular thefts which are harder to spot than larger one-off purchases.”
The issue of cybercrime is rising rapidly in the UK and doesn’t just apply to retailers, with businesses also taking a serious hit – yet insurers appear to be struggling to react to this growing phenomenon.
In a consultation paper published this month, the Prudential
Regulation Authority (PRA) said it has “significant concerns” about the loss potential of “silent” cyber risk, which refers to exposures within traditional insurance policies that do not explicitly exclude cyber risk. The regulator, which conducted a thematic study of re/insurance firms, said that companies do not currently have clear strategies and risk appetites for managing the problem.
“The PRA’s work found an almost universal acknowledgement of the loss potential of cyber exposures endemic in ‘silent cyber’,” the watchdog said in a letter addressed to company CEOs.
“However, most firms did not demonstrate robust methods for quantifying and managing ‘silent’ cyber risk,” the PRA added.
For now, the emphasis is on insurers to ensure that clients clearly understand the risks they face, and to ensure they’re not caught out at any time of the year.
Regulator warns CEOs on shortcomings in managing ‘silent’ risk
“Cyber is a buzzword” says ED CIO