At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Ransomware and Fraudulent Funds Transfer are the Two Main Drivers of Cyber Loss

    Representing more than half of all cyber loss, new data shows these attacks all begin with employees falling for social engineering, phishing, and business email compromise.

    Cyber Insurers have become an invaluable source of attack data, as they are able to share insights into what kinds of threat tactics are used without the victim organization needing to be identified. It gives those of us interested in understanding attack trends visibility into what threat actors are and aren’t doing.

    In cyber insurer Corvus’ latest Risk Insights Index that covers attacks through Q4 of 2022, they breakdown the primary attack types they’re seeing in claims. According to the report, 51% of all claims involved one of three attack types: fraudulent funds transfer, ransomware, and third-party ransomware.

    Fraudulent funds transfer (representing 27.5% of their claims) is the number one cyber attack experienced. According to Corvus, FFT is a situation “in which a threat actor, through social engineering efforts, has tricked an employee of an organization to wire money to a bank account they control.” The average claim for FFT, according to Corvus is $90,000.

    Both instances of ransomware in the Corvus data make up about 24% of claims, with the average ransom at around $256,000.

    Corvus researchers do warn that while the FFT claims are well under the average ransom, as well as do not incur the same response and recovery actions as ransomware (which further increase the cost a claim), FFT has been steadily increasing over the last three years, making it more and more an issue.

    And given that both of these attacks use similar tactics up front to gain access to and control of email, endpoints, applications, and data, it makes sense that organizations need to employ Security Awareness Training to help counteract social engineering tactics used during early phases of these attacks.

    Request A Demo: Security Awareness Training

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    Save My Spot!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top