Social Engineering: Blurring reality and fake – A guide for the insurance professional

Deception and disguise are criminal methods that are as old as time.

Numerous examples – from Ulysses and his Trojan Horse in Greek Mythology, to Fagan, the pickpocket, in Charles Dicken’s Oliver Twist – reinforce the long history of criminals achieving their goals by hoodwinking targets into believing that an interaction is something that it is not.

Today, that deception is largely being carried out in the non-physical realm. Recent huge strides made in technology take historic social engineering techniques to new levels in terms of both scale and sophistication.

In this paper, we will outline some of the forms of social engineering and explore

some of the criminal motivations for carrying out these attacks. We will take a deeper dive into four developing areas of social engineering, which we believe should be on the radar of insurance professionals, as they become more widely used.

Cyber insurance products do – and will continue to – cover claims from social

engineering attacks. This paper is designed to educate insurers on developing strains of social engineering, so they can engage with their clients meaningfully on their cybersecurity and risk management strategies against these new attacks.

CyberCube invests heavily in cybersecurity expertise – both human capital with deep experience in the cyber security domain and also in data sources and security signals that might flag vulnerabilities and risk areas.

This paper combines those resources, to offer some pointers on what warning signs enterprises should be alert to, and how insurers could address this growing trend before it becomes a major claims event.