Expert says technology alone cannot deter cyber risks
People, not programs, are still the best defense against insurance fraud.
I had the opportunity to hear Frank Abagnale speak at a recent IASIU conference in Baltimore. His teen years inspired the Steven Spielberg movie, “Catch Me If You Can.” While the movie romanticized his story, he does not want to be remembered for that part of his life.
He shared his true story and highlighted how vulnerable companies are to cyber risks. “Every breach occurs because someone failed to do something they were supposed to do, or did something they weren’t supposed to do,” he said.
Abagnale detailed how hackers who steal massive amounts of data will warehouse that information for several years because the longer they hold onto it, the more valuable it becomes. “There is no technology to defeat social engineering — it can only be defeated through education,” he cautioned. And therein lies the challenge for many companies.
Cyber risks are expected to increase, particularly the use of ransomware and identity theft. Almost 99% of ransomware hacks start with an e-mail. An unsuspecting employee clicks on the wrong link and all of a sudden, the company’s records are being held for ransom. This type of fraud is successful because fraudsters can stay anonymous, companies are paying the ransoms, and even if the ransom is paid, fraudsters can still sell the information or use it in other nefarious ways.
Consider how much information is available online in company databases and through social media. All of the information an identity thief needs can be easily found online — where we go, our birth dates, where we work, who our friends are, what we look like, credit card numbers and social security numbers. Companies like Google and Amazon are already using information about us to tailor our shopping experience and the ads we see.
Related: Facebook says security breach affected about 50 million accounts
When combined, these details provide more than enough data for someone to clone your identity or create a new synthetic identity altogether. The faster technology changes, the more creative fraudsters are becoming, and they always seem to be several steps ahead of the folks trying to catch them.
We have to be aware of the inherent dangers found in new technology and be vigilant about protecting our data and that of our customers. Train your staffs, don’t click on questionable links and be suspicious of anything that doesn’t look quite right. We don’t have to make it easy for fraudsters to capture our data.
Patricia L. Harman is the Editor-in-Chief of Claims magazine. Contact her at pharman@alm.com.