According to new data from Corvus Insurance, fraudulent funds transfer (FFT) continues to generate substantial losses for organizations.
FFT comprised 36 percent of the company’s cyber claims — an all-time high — during the third quarter of 2022. This metric has not dipped below 25 percent of claims for the past six quarters, according to Corvus’ Risk Insights Index, which is a compilation of industry trends and data analysis drawn from sources including the company’s proprietary IT security scanning technology and detailed claims reporting.
The MGA reported that the increasing rate of FFT incidents, defined as an attack in which threat actors use social engineering tactics to trick employees or vendors into transferring funds to the wrong accounts, signals a continued susceptibility to business email compromise (BEC). Corvus also reported that while the proportion of ransomware incidents targeting the U.S. declined in early 2022, average claim costs remained high, at nearly three times the average of an FFT claim.
According to the report, FFT and ransomware are the top drivers of Corvus cyber loss in 2022 and account for more than 50 percent of all claims combined.
“Global cybercrime is growing more complex by the day, presenting security leaders with new challenges,” said Jason Rebholz, chief information security officer at Corvus Insurance. “With the power of security insights and dynamic claims data feeding Corvus’s technologies, we can help our policyholders improve their cybersecurity posture by informing them of emerging threats and best practices.”
He continued: “While ransomware continues to be a dominant risk, we are seeing tactics change, including the rise of other forms of extortion as well as funds transfer fraud. The findings from our report serve as a reminder to all security leaders that cybersecurity is fluid and attackers will shift their methods, even revisiting old tactics, so long as they continue to reap financial benefits.”
FFT has been the top source of cyber loss over the past year in terms of frequency, while ransomware remained by far the costliest cyber claim. Since 2019, FFT has accounted for 28 percent of cyber claims in Corvus’ book of business, while ransomware comprises 23 percent. The average claim for FFT — $90,000 — is a fraction of the ransomware average of $256,000. FFT incidents do not typically involve costly data restoration, system recovery, business interruption or breach response efforts that are commonly required following ransomware attacks, said Corvus.
“The rise in FFT incidents is linked to BEC, with FFT making up more than half of all BEC-related claims,” according to the report. “BEC can result in an email account takeover, whereby threat actors trick employees into giving up their account credentials and gain access to employees’ inboxes — which is particularly effective for FFT.”
It’s expected that ransomware and FFT will remain the top drivers of cyber loss, as Corvus data shows ransomware and FFT are the two most consistent tactics of choice for threat actors.