As Cybercrime Increases, Companies Look to Insurance

As cybercrime grows, companies are looking to insurance policies to minimize losses. The U.S. Court of Appeals for the Eleventh Circuit held, in a divided opinion, that a cybercrime policy covered a $1.7 million loss from a spear-phishing attack. Yet experts suggest that coverage may be nuanced and they advise that clients should examine policies closely and train employees on how to avoid cybercrime schemes.

Spear-phishing does not involve a harpoon. Rather, it is becoming one of the more prolific and effective types of internet crime. Spear-phishing is a fraudulent attempt, usually by email, to obtain sensitive information from or induce activity by a specific recipient. This is done by masking the identity of the sender as someone trustworthy, and typically involves creating a sense of secrecy and urgency. Large businesses are prime targets. According to the Federal Bureau of Investigation’s Internet Crime Complaint Center, such attacks accounted for $1.7 billion in losses in 2019 alone. The result is a growing awareness of the risk, and a shift in the insurance coverage landscape.