What to do if you are the victim of cyber fraud

Scams existed long before the Internet, but today’s hyper-connectivity has made defrauding innocent victims much more prevalent. In fact, in just one year the FBI reported losses in excess of $10 billion from cybercrimes and that number only accounts for reported fraud. Unfortunately, these swindles can absolutely happen to anyone—and will, as long as the scammers continue to hone their tactics. Fortunately, many carriers have responded to this digital scourge by offering improved insurance options. While first-generation solutions provided only minimal coverage, some carriers now offer reimbursements as high as $1 million or more for losses incurred through extortion, phishing, and other types of fraud. Every policy is unique, and thus, you should speak with your broker to understand your coverage. And of course, if you suspect you are a victim, immediately reach out to your insurance professional for resources and assistance.  Identifying and reacting to the four most common cyber scams The below outlines the first steps you should take after calling your insurance advisor, should you fall prey to the four most common types of cyber fraud. 1. Phishing Scammers gain entry into your accounts after you click on “urgent” email or text requests that appear to come from legitimate organizations (i.e., your bank, FedEx, Amazon). What you should do: Depending upon what was exposed, you may freeze your credit (social security number), change your login information and/or password, and contact your bank. 2. Identity theft Criminals steal your personal information, gain access to your banking information, and open new accounts in your name, securing loans, requesting wires and more. What you should do: Freeze your credit and contact whatever entity was co-opted in the scam, as further investigation into the activity will likely be necessary. Alert applicable financial institutions to ensure no other funds are stolen. 3. Malware and extortion Harmful software is installed on your device after you are lured into visiting spurious websites or engaging with infected downloads or email attachments. With ransomware, one of the most profitable malware iterations is when the criminal encrypts your files, then demands money to free them again. This can also lead to extortion if they uncover compromising information, and demand money to keep it out of the public eye. What you should do: Download and run security software on the affected computer, removing any malware if possible. Consider hiring a crisis management firm to guide a public response should there be a concern about reputational damage related to the fraud. 4. Fake shopping sites You think you are buying a product on Amazon or Instagram but are actually dealing with a dropshipper, a third-party purveyor who sends an inferior product or nothing at all. What you should do: Contact the institution who handled your payment—credit card company, bank, gift card issuer, etc.— to reverse the charges or refund your money. Avoiding cyber fraud going forward Our goal, of course, is to help you make it as hard as possible for anyone to defraud you. To that end, whether or not you’ve already experienced cyber fraud, we recommend the following best practices: Accept two-factor authentication wherever it is offered: After logging on with your name and password, the site sends a unique code to your mobile or email for you to input. Keep your software updated: Immediately install any updates for your computer, mobile, and smart home systems as those updates are often released to fix a discovered vulnerability that could put you and your information at risk. Use a password manager: It’s best not to use a password for more than one login. A password manager will help you create a strong password that is then stored in your encrypted keychain. Establish security protocols for all financial transactions: Create processes with your advisors and institutions that require multiple approvals for any significant transfers or wires. Be wary of links: If you get a notice about any of your accounts or from any of your institutions, carefully confirm the sender before clicking any links as scammers have become quite adept at formatting communications to appear legitimate. When in doubt, don’t click, and contact the institution through their own website or listed phone number. As long as we remain dependent on technology to enrich our lives, there will always be those who seek to take advantage of that dependence. But by familiarizing yourself with their nefarious tactics and taking immediate action should something happen as well as employing all possible precautions, you can effectively navigate the challenges today.   ...

Why fighting cybercrime is a family affair

Gather the family: It’s time to chat about cybersecurity.Today’s cyber risks are all too common and unfortunately, constantly morphing. From attacks and extortion to bullying and more, your family and property are likely at risk if you are on the internet. The FBI’s Internet Crime Complaint Center receives more than 300,000 complaints per year with reported losses exceeding $1B. The biggest group of victims was people over 60 (49,523 of them lost $342 million), but more than 9,000 cybercrimes were reported with victims under the age of 20. So whether it’s your parents or your teenager, it takes the whole family to keep cybercriminals away. Those with substantial wealth and any degree of public prominence are generally the most attractive targets for the latest crop of techno-crooks. As such, personal cyber security policies are now as essential as home or automobile insurance. That’s why we urge clients to speak with us about resources for prevention, education and protection. But in case the gang is coming over for Sunday dinner, and you want to have this discussion sooner rather than later, these are the key areas to cover over the cornbread. Beware of (false) requests One of the fastest growing cybercrimes is called “social engineering” where crooks convince you to send them money by pretending to be someone you know. Often, they break into your email system to gather tidbits of personal information to make their appeals seem believable. Create a universally understood protocol before anyone in the family approves a money transfer, and make sure it involves face-to-face or voice verification. Don’t rely on email. Criminals can program automated responses from a hacked email account that seem realistic. Put an extra wall around your money Use unique passwords for each of your banks, investment companies and/or any account that could lead to a substantial loss. Similarly, consider using a separate email account just for communicating with your bank. Avoid conducting financial transactions on public Wi-Fi networks—while it’s getting harder to hack into data moving over Wi-Fi, it’s not impossible. Banking on your phone connected to cellular data is somewhat more secure. If anyone in your family is into Bitcoin or other crypto-currencies, they need to take extra security precautions. These systems turn money into unique code numbers and if they are stolen or lost, you can’t get them back. These losses are shockingly common. Use new ways to protect your passwords Lots of money is stolen by crooks who fool people into revealing their passwords. Remind family members to watch out for phishing emails from a “bank” or other site requesting information. Even better, make sure to enable the service that require you to log in both with your password and a code sent to your cell phone. Make your passwords really long. Never mind the old advice to make funny looking pA$$w0rdz with symbols and numbers. Many crooks use computers to guess all the possible passwords until one works. Foil this scheme by using a phrase of five or six words that you can remember. Normal spelling is fine. Use software that assigns a different password to each site you use, such as 1Password and Dashlane. That way if someone steals one password, they can’t get into any of your other accounts. Talk to your kids about their social interactions (and listen too) Watch for secret “ghost” apps that hide photos or videos in a calculator or enable private messaging. Listen carefully to your kids who are likely ahead of the trends! They may hear about other kinds of scams and technology problems that the whole family should be aware of. Today’s best policies assist with data restoration, credit monitoring and damages related to cyber bullying. Because cyber scams are evolving as fast as our devices (or faster!), it’s worth staying in regular touch with your Alliant Private Client account executive. Fortunately, the insurance industry is evolving right along with the criminals so those discussions will help to ensure your coverage is up to date. ...

A guide to protecting your family office from a cyber breach

In the messy aftermath of the massive Equifax breach, which exposed the private information of nearly half of all American adults, many concerned family offices have inquired about what to do next to protect data security. And for good reason: criminals target and obtain wealthy individuals' information in order to open high-limit credit cards, borrow directly from banks or hack into the target’s email for nefarious purposes. That’s why we see an even greater need for family offices to systemically review their management of sensitive information and ensure that standard protections are in place. Because there is no one-size-fits-all fix—even with a cyber liability insurance policy in place—we believe peace of mind is best accomplished through a multi-pronged approach that incorporates education, risk mitigation and a judicious mix of coverage. Step one is to ensure that all family office staff and family members are trained to avoid clicking on so-called phishing emails (a.k.a. scams) that infect computers with malware or link to a page designed to steal private data. While this sounds simple, even the savviest fall prey. After all, phishing emails were responsible for the hacks at the Democratic National Convention and Sony Pictures, and a Gmail scam was so sophisticated that it fooled techies. Accordingly, we suggest hiring a reputable, white glove security firm to conduct a full review of both the family office staffs’ and family members’ devices and accounts, including social media networks. The best firms also provide in-depth training to any individuals who repeatedly engage with potentially harmful emails, and run educational sessions for the entire family. They’ll even make it fun for the know-it-all 8-14-year-olds, who are almost certainly not as careful as they should be. Meanwhile, family offices should update their own security processes. Regularly scheduled software reviews by an IT expert are, of course, a minimum requirement. Equally important, and sometimes overlooked, is instituting a process for the movement of cash. Currently, the best practices include creating a pre-established list of employees authorized to transfer funds or initiate payments, and implementing client identification methods. A callback confirmation provision, which is akin to the protocol typically employed by financial institutions, is one example. We’ve seen many cyber criminals use a family member’s hacked email account to send a fraudulent money wire request, and without a verification process that transaction is likely to go through. Formalizing protocol for voice and electronic transfer requests is essential, as insurance companies will require detailed explanations of these actions before issuing fidelity bonds and newer social engineering fraud coverage—both crucial. The fidelity bonds cover losses—property or financial—incurred through fraud, forgery and employee dishonesty. Social engineering fraud coverage is now considered a standard element in any private insurance policy and is specifically oriented to mass or targeted email hacking schemes. Although you might expect otherwise, these thefts are usually not covered by cyber policies. Family offices should still consider obtaining a cyber liability policy because it provides customized assistance should a hacker steal data or hold it hostage for ransom. A breach coach, usually a law or forensic accounting firm, move quickly to a) identify what happened; b) assess the impact to the server; c) restore or repair the network; and d) do what is required to make future attacks unlikely. Without such a policy, family office officials are left to find their own experts and answers, which is not easily done nor an ideal circumstance during a crisis. Unfortunately, those policies won’t protect the office, or family members, should the breach happen to a third party like Equifax. These companies generally have their own cyber policies and are prepared to notify those impacted, but these services were significantly overtaxed and thus unresponsive after the Equifax news. Because high-wealth (and especially high-profile) individuals often need to take immediate action, family offices should also consider obtaining identify theft coverage for each family member. Personal Insurance carriers offer a range of coverage as a supplement to homeowner’s insurance policies. Coverage features range from data restoration, cyber extortion, cyber bullying to crisis management and reputation restoration with a variety of coverage limits available. This specialty coverage can also include credit monitoring and credit freezing if—or more likely when—the next major breach happens. ...

The dark side of innovation: AI and modern scams

An international financial company faced a serious security breach during an internal video call when fraudsters used deepfake technology to impersonate the CFO and other senior leaders. This deception resulted in a finance employee transferring $25 million, mistakenly believing it was a legitimate request. This is just one example of how scammers are leveraging technology, especially artificial intelligence (AI), to swindle record amounts of money. According to IC3, the FBI’s Internet Crime Complaint Center, such reported losses surged by $300 million in the first five months of 2024 alone. To counter the growing risk, the FBI has announced a nationwide campaign to raise awareness of scams fueled by AI and other technologies. This initiative highlights the importance of understanding these threats and encourages individuals to take proactive steps. In light of this campaign, we wanted to share some of the most common scams along with tips designed to help you stay protected. Common scams Voice cloning: Scammers use voice cloning technology to impersonate a loved one in distress. They may call with urgent requests for money or personal information which is then exploited to gain access to accounts. Deepfake scams: Scammers utilize generative AI to create realistic altered images or videos of public figures, friends, or family. These deepfakes can convincingly mimic appearances and voices to solicit money or sensitive information. The challenge of distinguishing real and fake content poses significant risks. “Wrong number” texts: Scammers send unsolicited texts that appear to reference prior conversations or meetings. By fabricating a context, they aim to prompt the recipient to respond, leading to potential phishing attempts for personal information or financial details. Romance scams: Con artists exploit online dating platforms to build emotional relationships with victims. They often create fake identities, complete with elaborate backstories, and may even propose marriage. As trust builds, they fabricate emergencies or financial hardships, ultimately requesting money transfers. Victims can face significant emotional trauma and financial loss, as scammers can persuade them to send large sums of money over time. Election scams: Fraudulent political action committees (PACs) can mislead individuals into donating funds for fake causes. The funds solicited may be funneled directly into the scammers’ personal accounts, leading to financial loss for unsuspecting donors. Moreover, such scams can undermine trust in genuine political fundraising efforts. Holiday scams: Tactics during the holiday season include failing to deliver items that have been paid for, misrepresenting items on auction sites, as well as gift card fraud. Victims may end up losing money on purchases that never arrive or unwittingly provide gift card information, which can be redeemed immediately by the scammer. How to protect yourself Scammers thrive on urgency to exploit their victims. Therefore, the best defense against AI-powered scams is to pause and resist the pressure to act quickly. For example, if you get a call from someone claiming to be your child or grandchild in trouble, verify the situation by putting them on hold and making another call before sending money. It’s also important to be cautious with links sent from banks, online retailers, delivery companies, or any organization. Instead of clicking on links, it’s safer to visit their official websites directly to manage your accounts, make payments, or donate. Always remember, never invest in or give money to someone unless you can verify their identity. If you're unsure, consult your financial advisor before transferring any funds. And if you do feel the need, consider giving only what you’re comfortable with potentially losing. Another key point is to review your cyber-insurance policy. Coverage for scams and fraud can vary widely, so it's wise to discuss your specific needs with your account executive. Keep in mind that policies usually don’t cover voluntary money transfers, even in fraudulent scenarios. If you do fall victim to a scam, contact the relevant institution immediately to request a reversal or a refund for credit, debit, gift cards, or wire transfers. While results may vary, it’s worth trying. Cryptocurrency payments, by the way, are generally not reversible, which is why many scammers demand them. ...

How data impacts your personal insurance program

In today’s interconnected world, your online presence is more than just a reflection of you. From the data you share on websites and the social media posts you make, every digital interaction leaves behind a trail that can influence how carriers assess your risk, set premiums, and even handle claims. As carriers navigate mounting losses due to the ongoing severe weather events and other modern risks, they strive to minimize future liabilities by leveraging all available data for their policy evaluations.  This overview will help you understand how your online activity and digital footprint impacts your insurance profile so that you can understand which choices will better protect your insurance program. 1. Images from drones impact home insurance premiums When it comes to home insurance premiums and policy decisions, carriers utilize various data sources including drone footage and property history to accurately assess risk. This may allow carriers to spot concerns that were previously nonissues. However, the information also makes it easier and cheaper for carriers to make an appraisal, and those benefits can be passed along to the buyer. Carriers can pinpoint specific areas of concern like wind damage, fire risk, or theft exposure, and adjust rates accordingly should those risk assessments warrant. That said, if you're shopping for home insurance in a region recently affected by a natural disaster, carriers will have data about related losses nearby and require specific documentation confirming there are no known issues with your property. 2. Data about driving habits affects automobile insurance rates Auto insurance carriers not only track accidents and tickets, but are now analyzing driving characteristics including speed, acceleration, braking patterns, and more. Some drivers voluntarily enroll into programs that allow carriers to monitor their travels, often in exchange for lower premiums if the data indicates safe behavior. (Of course, premium increases are a possibility should the opposite prove true). Drivers, however, do not always know that their data is being collected. Given these potentially ambiguous circumstances, we believe that best offense is defense — i.e., defensive driving. It will mitigate the chance that data about your driving leads to higher premiums and minimize the likelihood of an incident. 3. Medical records alter life insurance policies When applying for life insurance, it’s not just your age and health status that matter. Routine medical visits, an innocuous visit to a chiropractor, or even a routine prescription could raise red flags in your application, potentially increasing your premiums or complicating your eligibility. Medical data, including billing codes inputted by medical practitioners can raise flags, whether those flags are justified or not. And electronic record keeping ensures that a lot more information than that is available, and any of it can make carriers less willing to offer policies or at least more likely to ask for higher premiums. 4. Social media influences liability coverage Similar to medical records, your social media presence could be examined by carriers before they offer you coverage or renew policies. As a reminder, anything you post online, such as texts, emails, Tik Tok videos, even a seemingly innocent post or comment, can leave a digital trail that might affect your insurability. You don’t want to find yourself in a position in which a hack or a lawsuit can expose you to damages. Therefore, maintaining a thoughtful and privacy-conscious social media presence can help minimize potential risks in the eyes of carriers. While this increasing reliance on data might seem overwhelming, it does offer some advantages, especially for those with lower risk profiles. With more precise data, carriers can now tailor rates to individual risks rather than relying on one-size-fits-all premiums. This means that people with lower risks may enjoy more affordable rates. As the industry evolves, insurance is becoming more personalized, which can benefit those who continue to take proactive steps to manage their risks. The digital landscape is surely a complicated one, but it’s one our team at Alliant is adept at navigating. You can count on us to continue to provide you not only with the most appropriate coverage options, but with the up-to-date knowledge needed to make the best choices. ...

Obtaining life insurance in the age of big data

In the digital age, the drive to protect our loved ones remains as strong as ever, but the process is once again in transition. Insurance companies aren’t far off from making underwriting decisions from the computer algorithms and vast databases that have transformed our modern lives. For anyone who wants new coverage—or to ensure that their existing policies are in order—the potential impact of the new technologies is worth understanding. Here is what you can expect when obtaining life insurance in the 21st century. The process is starting to get faster Long before Silicon Valley’s algorithms and big data, insurance companies were concocting formulas to estimate life expectancy. They would deliver a price for a policy after inputting factors like age, weight, family history, medical condition and propensity to engage in risky behaviors. About five years ago, a select few insurance companies realized that their models were good enough to make some underwriting decisions without a medical exam. The firms offered speedy underwriting programs that required only an application (often online), a telephone interview, and permission for the company to gather electronic information about your health and lifestyle. These programs have become so popular today that many carriers are making them available to more customers with higher policy limits up to a $1M. In the future, parts of the process may be even quicker with talks of insurance carriers analyzing your selfie to determine whether you qualify for the best rates! You might want to hold off on that ancestry test While thus far scientists have only identified a few genes that indicate a heightened risk of certain medical conditions, it’s ultimately the information stored in our DNA that can best predict longevity. While none of the insurance companies in the United States force people to take genetic tests, the carrier can consider those results for underwriting IF they are part of your medical record. (Canada and several European countries have banned this practice, and a few states are considering similar rules.) For now, you should be careful about voluntarily submitting to DNA testing through services like 23 and Me. At the very least make sure they will destroy the sample. Or even better, wait until after you’ve bought your insurance policy before checking out whether grandpa’s tales of Viking ancestry are true. Carriers know more about your life Buying life insurance has always involved a privacy tradeoff: you allow an insurance company to ask your doctor questions and in exchange, you get to protect your family if there is an unexpected loss. Now the fine print on the insurance application also authorizes the underwriter to examine our digital personas. They are not only looking for signs of health and lifestyle risks, but they also want to double check that the information you put on your applications is accurate and complete. These are the main types of data life insurance companies peruse, and how they might impact your application: Past insurance applications. Every time you apply for life insurance, some of that information is sent to an MIB (Medical Information Bureau) data clearinghouse. So if you get turned down for insurance from one company, don’t think you can “forget” to mention your heart transplant when you apply to a different carrier—they will have access to other companies’ notes. Prescription drug records. Underwriters can typically see all the drugs you’ve taken and the doctors that prescribed them. The files don’t show what conditions the drugs were prescribed for, so this data often raises more questions than answers. Some of those questions can be quite pointed, however, especially, if the company sees you’ve been treated by doctors for conditions you left off of your application. Social networks and the rest of the internet. Your insurance company knows how to use Google too. And there are a bunch of startups that scan publicly available information on social networks for evidence of risky behavior - so if you’ve posted pictures of yourself skydiving, your life insurance rates could be sky high as well. Don’t forget that behavior and lifestyle are strong indicators of life expectancy! State motor vehicle records. For people under 45, car accidents are the leading cause of death, so insurers look for any record of driving while intoxicated, reckless driving, or, increasingly, distracted driving. They even look for speeding tickets! Help is near While the application process is utilizing big data and adapting to new technologies, the value of life insurance remains constant and irreplaceable. The good news is that data will not stop most applicants from obtaining a good policy. However, it can add complexity. We are available to help navigate this quickly-evolving digital landscape as it pertains to your life insurance coverage today and in the future. ...