Chubb and Microsoft chart the evolution of cyber crime

By William Girling
A new white paper co-authored by Chubb and Microsoft tracks the mounting risks and dangers associated with cyber crime’s increase...

A new white paper co-authored by Chubb and Microsoft tracks the mounting risks and dangers associated with cyber crime’s increase.

With an increased emphasis on cybersecurity becoming particularly important in the wake of remote working practices, the companies opted to focus on emails in particular as a gateway to risk. 

Among the statistics cited in the report to emphasise the extent of the problem are:

  • 467,361 complaints forwarded to the FBI’s Internet Crime Complaint Center in 2019 alone (almost 1,300 per day).
  • Over US$3.5bn in individual and business losses.
  • One instance wherein $75m was redirected to a cyber criminal’s account following a Business Email Compromise (BEC) scam.

Combating sophisticated fraud

Regarding the latter point, Patrick Thielen, Senior VP at Chubb North America Financial Lines, commented, "BEC attacks serve as a prime example of how cyber crime is quickly evolving.

"As employees become savvier about not clicking on unfamiliar links or downloading unknown attachments, cyber criminals are just as quickly pivoting to different means—hijacking email accounts and impersonating executives. 

“These sophisticated fraud schemes often result in employees erroneously transferring money to criminals under the auspices of their bosses' supposed directions."

Indeed, the white paper notes that there are three primary ways to perpetrate email impersonation:

  1. Brute force using specially-developed software to crack email passwords.
  2. Credential harvesting by exploiting people’s general inclination to use the same (or similar) password for multiple functions.
  3. Phishing the information through fraudulent emails that often request the user to change or reveal their personal information.

Therefore, Chubb and Microsoft recommend the speedy adoption of multi-factor authentication that bolster baseline password security (which alone contributes to 80% of breaches). The report notes three aspects:

  1. The most simple is a password or verification code known only to the individual user.
  2. Next, a registered and secure device should be linked to all restricted activities. 
  3. Finally, some form of biometric authentication (such as a fingerprint) should be used, as this is the most difficult layer to overcome by remote hacking.

It makes sense that technologically sophisticated problems would require an equally sophisticated solution. Acting fast and making the investment, states Joram Borenstein, General Manager of Modern Work and Security Partnerships at Microsoft, is the optimal solution: 

"The old saw of an ounce of prevention being worth more than a pound of cure remains true in the cyber world. By layering authentication across multiple factors, consumers and employers make it harder for criminals to breach defences and get at your business and personal data."


Featured Articles

Milliman Arius: Reserve Analysis with an End-to-End Solution

Insurers face risks and errors with current reserve analysis methods – and Arius provides the answer

Allstate: BCG Partner Harnesses Gen AI to Transform CX

Allstate and BCG are harnessing Gen AI via a new model to better understand customer needs and improve overall experiences within the insurance sector

Comarch Diagnostic Point: Next Gen European Health Insurance

Healthtech provider Comarch introduces Comarch Diagnostic Point, set to improve health insurance across European markets

MoneyLIVE Summit 2024: Qover Talks Embedded Insurance


Ansel raises US$20m to combat financial healthcare barriers

Partner Ecosystems

Hastings Direct: Levelling up with Snowflake