03 July 2020

With our current changed work environments, we keep hearing about ways to adapt and protect ourselves from so many threats in relation to our physical and mental health and our work. We find ourselves in situations which we would usually take for granted or assume that someone else is looking out for us. That’s no longer the case when it comes to COVID-19 imposed isolation and taking your work home.

We all come across computer viruses and email scams from time to time. Most of us clean our files or change our passwords and email addresses to avoid this, but cyber crime is becoming more sophisticated every day. We are particularly vulnerable when we take our work home and access client data, company financials, payment data and other sensitive and private information on our own devices. And if you are running a business, the damage can be large-scale and extremely expensive.

If you don’t think it affects you, think again!

The Australian Government’s cybercrime reporting tool ReportCyber last year received 13,672 lodgements from companies and individuals in only 3 months of reporting (July to September 2019). This represents an average financial loss of $6,000 per report, more than $890,000 reported losses each day, with an estimated annual combined loss of $328 million. These statistics do not take in to account the rise in cybercrime during COVID-19.

However, since early March 2020, the Australian Cyber Security Centre’s Threat Update has reported that there has been a significant increase in COVID-19 themed malicious cyber activity aimed at individuals and businesses across Australia, and these continue to rise. The Australian Competition and Consumer Commission’s Scam Watch has alerted us to specific COVID-19 related scams which affect both businesses and individuals, and how scammers have changed the way they approach us, taking in to account vulnerabilities associated with working from home and increased online transacting.

Minimizing the risk of Cyber attacks on your Business’s bottom line

Risk Mitigation is the first step in protecting your business through firewalls, anti-malware software, regular back up of data, staff training to be able to identify fraudulent emails.

However, even the most diligent of business owner cannot be fully protected through these mitigation processes when an elaborate hacker or scammer is involved.

Protect yourself and your clients

Cyber Protection insurance is designed to protect your business from financial losses in the event of computer hacking or data breach.  A comprehensive Cyber policy will cover both first party and third party losses.

Some of the common events that can result in a cyber claim include:

  • a hack attack
  • breach of privacy
  • lost or stolen iPad or laptop

What’s covered?

Cyber Liability & Privacy Protection policy can provide the following key elements of cover:

Third Party Claims:
covers the Insured’s liability to third parties from a failure to keep data secure –

  • such as claims for compensation by third parties
  • investigations
  • defence costs
  • fines and penalties from breaching the Privacy Act.

First Party Costs:
reimburses the Insured for the costs they would incur to respond to a breach –

  • such as IT forensic costs
  • credit monitoring costs
  • public relations expenses
  • cyber extortion costs (including ransom payments to hackers).

Business Interruption:
this section provides reimbursement for the Insured’s loss of profits resulting from the breach, as well as any additional necessary expenses it may need to incur to continue business as usual. 

Phishing, Social Engineering and Cyber Fraud Cover:
Cyber offerings can be extended for an additional premium to include Social Engineering, Phishing and Cyber Fraud cover (subject to underwriting criteria being met).

Phishing scams are attempts by scammers to trick you into giving out personal information such as your bank account details, passwords and credit card numbers, usually by diverting you to alternative webpages, attachments and so on. For the month of April 2020, the Australian Competition and Consumer Commission’s Scam Watch reported 3,153 reports of Phishing, with a total financial loss of $63,999, and email scams represented 50% of those.

Social engineering scams are used by hackers to deceive and manipulate victims into giving out confidential information and funds. These hackers exploit individuals’ trust in order to discover their banking details, passwords or other information to cause a payment to be made to the hacker’s bank account. The scams are predominantly carried out online, for example by email or through social networking sites, however, they can occur by telephone or in person. There are numerous well-known types of social engineering scams that includes supplier invoice fraud, data theft, phishing attacks or hacking of email accounts.

CEO or Manager Impersonation is by far the most common form of social engineering due to the human element involved. The Insurance industry in general is seeing an increase in claims related to social engineering scams involving CEOs or other senior managers. Hackers are targeting senior officers who are not only in a position of authority but also have the ability to authorise large electronic transfers of funds. A single successful scam can go unnoticed for several months until it is picked up, either internally, or externally by an ‘unpaid’ supplier. For an SME a single unpaid supplier invoice can cause unwanted legal problems and seriously threaten the life of the business.

So, do you need more protection?

Planned Cover acknowledge that every business is unique and so are the business circumstances. We are in unprecedented times with substantial uncertainty.  Insurance is designed to reduce or eliminate risk and assist with the protection of your assets.

Please call or email our experienced State/Account Managers to review or discuss your insurance requirements:

State Manager VIC
(03) 8508 5400
0415 304 119

Simon Gray
State Manager NSW/ACT
(02) 9957 5700
0400 123 424

Karen Meiklejohn
State Manager QLD/NT
(07) 3017 1500
0417 006 896

Cos Cirocco
State Manager SA/TAS & National Business Manager
(08) 8363 7366
0438 442 870

Kylie McGrath
State Manager WA
(08) 9261 1200
0429 338 570