With cybercriminals constantly seeking opportunities to separate people from their money, it should come as no surprise that banks and other financial institutions are prime targets of cyberfraud. A recent report by Intsights, a cyber intelligence company, found that more than 25% of all malware attacks are aimed at financial organizations, more than any other industry, and that there were huge year-on-year increases in the numbers of incidents involving credit cards (up 212%), credential leaks (129%) and malicious apps in general (102%).
Financial institutions of all types and sizes spend vast sums on cybersecurity and on training staff members to be alert to signs of fraud. But fighting cyberfraud and cybercrime is like waging any other war. Cybercriminals are persistent and cunning foes, eager to take advantage of any vulnerability they spot. That’s why the nest eggs of advisory clients are likely to be subject to risk, despite all the cybersecurity measures taken by financial advisors and their firms, as well as the custodians and other service providers.
For example, consider the case of Vanessa and Craig Murdoch, a couple in their late 40s who are saving and investing to pay for the upcoming college expenses of their two children and their own retirement. In addition, Vanessa is caring for her mother who is 78 and starting to have health issues. To make the care easier now and in the future, the couple decides to build a guest house on their property. Vanessa withdraws $200,000 from her investment accounts and transfers the sum to her checking account to pay for construction.
A few days later, Vanessa logs into her checking account via the mobile app on her smart phone and sees that her bank balance is zero. Unbeknownst to her, when Vanessa used a mobile charging station in an airport lounge a week earlier, a cybercriminal had infected her phone with malware, which recorded her keystrokes when she later logged into her bank account, and then subsequently used her password to deplete the account. Out $200,000, Vanessa and Craig now have to decide how they will juggle the competing needs of children who soon will be going off to college and an aging parent who needs help.
Vanessa and Craig are not alone. The World Economic Forum estimates that the annual economic cost of cybercrime now exceeds $1 trillion. Despite vigorous law enforcement efforts, like a recent international effort that has charged individuals from Russia, Eastern Europe and former Soviet states with infecting computers with malware in order to steal an estimated $100 million from banks and businesses around the world, cybercrime is likely to continue and grow even more sophisticated.
Advisors’ clients, whose wealth makes them vulnerable to attack, should follow all the cyber safety guidelines that financial firms offer. In addition, they should protect themselves through cyber coverage as part of their property and casualty insurance. In Vanessa’s and Craig’s case, their existing policy simply didn’t cover their loss. An optimized homeowner’s policy with cyber coverage added, which could be purchased with a very modest increase in premiums, would have provided $250,000 in cyber financial loss coverage with no deductible.
To help clients protect their investment assets from cybercriminals, advisors need not become experts in property and casualty insurance, let alone experts in cybercrime. Advisors can best help their clients by establishing a relationship with an expert property and casualty insurance agent who can review clients’ current coverage and make sure they are protected from risks they probably don’t even know they face. Many times, knowledgeable agents can improve protection and lower costs by eliminating duplication and consolidating coverage.
Like the Murdoch’s, cybercrime can affect clients and their financial well-being in far-reaching ways. Financial advisors have an important role in bringing that risk to clients’ attention and helping to mitigate it.
Fran O’Brien is division president, North America personal risk services, Chubb, She can be reached at [email protected].