We use cookies to improve this site and enable full functionality. You can change your cookie settings at any time using your browser. Our cookie policy.

Claims data reveal surge in funds transfer fraud

Claims data reveal surge in funds transfer fraud | Insurance Business

Claims data reveal surge in funds transfer fraud

It looks like funds transfer fraud (FTF) is making a dent when it comes to cyber claims.

Data from CFC Underwriting revealed that FTF claims rose both in the UK and the US in 2018. Overall, this category saw a 26% rise from 2017 and accounted for nearly a quarter (24%) of the CFC cyber claims notified last year.

Meanwhile making up a bigger piece of the pie was malicious data breach (25%) – with non-malicious data breach (18%), ransomware & extortion (17%), others (12%), and malware (4%) filling out the rest of the list.  

In the UK, FTF accounted for 33% of claims; non-malicious data breach, 21%; malicious data breach, 20%; ransomware & extortion, 13%; others, 9%; and malware, 4%.

Claims in the US, on the other hand, were mostly made up of malicious data breach (26%) and FTF (25%), followed by non-malicious data breach (17%), ransomware & extortion (15%), others (14%), and malware (3%).

Perhaps what’s interesting to note is that the specialist insurance provider reported a 92% surge in FTF claims in the US while the UK posted a 14% increase.    

“Social engineering scams such as funds transfer fraud continue to evolve in their complexity and severity, and in many cases, it is becoming increasingly difficult to detect the scam until it has already been completed,” noted James Burns, cyber product leader at the London-headquartered firm.

“As real-time payments facilities, like the UK’s Faster Payments Service, are adopted around the world, it’s likely that we will see the frequency of funds transfer fraud claims continue to rise.”

Burns also pointed to the importance of making employee awareness a top priority at businesses given that these events usually start with errors such as clicking on a phishing link or not following up a wire transfer request with a phone call.