Ransomware and Fraudulent Funds Transfer are the Two Main Drivers of Cyber Loss



Ransomware and Fraudulent Funds Transfer are the Two Main Drivers of Cyber LossRepresenting more than half of all cyber loss, new data shows these attacks all begin with employees falling for social engineering, phishing, and business email compromise.

Cyber Insurers have become an invaluable source of attack data, as they are able to share insights into what kinds of threat tactics are used without the victim organization needing to be identified. It gives those of us interested in understanding attack trends visibility into what threat actors are and aren’t doing.

In cyber insurer Corvus’ latest Risk Insights Index that covers attacks through Q4 of 2022, they breakdown the primary attack types they’re seeing in claims. According to the report, 51% of all claims involved one of three attack types: fraudulent funds transfer, ransomware, and third-party ransomware.

Fraudulent funds transfer (representing 27.5% of their claims) is the number one cyber attack experienced. According to Corvus, FFT is a situation “in which a threat actor, through social engineering efforts, has tricked an employee of an organization to wire money to a bank account they control.” The average claim for FFT, according to Corvus is $90,000.

Both instances of ransomware in the Corvus data make up about 24% of claims, with the average ransom at around $256,000.

Corvus researchers do warn that while the FFT claims are well under the average ransom, as well as do not incur the same response and recovery actions as ransomware (which further increase the cost a claim), FFT has been steadily increasing over the last three years, making it more and more an issue.

And given that both of these attacks use similar tactics up front to gain access to and control of email, endpoints, applications, and data, it makes sense that organizations need to employ Security Awareness Training to help counteract social engineering tactics used during early phases of these attacks.


Get Your Ransomware Hostage Rescue Manual

Ransomware Hostage Rescue Manual Cover 2022This 26-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with ransomware. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:

  1. What is Ransomware?
  2. Am I Infected?
  3. I’m Infected, Now What?
  4. Protecting Yourself in the Future
  5. Resources

Don’t be taken hostage by ransomware. Download your rescue manual now! 

Get Your Manual

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/ransomware-hostage-rescue-manual-0



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews