All posts by Guest Columnist

Cyber Risk, Insurance Industry

FBI: Elder Fraud Up; Bolsters Case for Personal Cyber Insurance

Leave a comment

By Neil Rekhi, Personal Cyber Product Lead, HSB

Targeting of the demographic with the most to lose increases.

In 2023, total losses reported to the FBI’s Internet Crime Complaint Center (IC3) by people over the age of 60 topped $3.4 billion, an almost 11 percent increase in reported losses from 2022. The number of complaints, the highest attributed to a single age group, increased by 14 percent. The average dollar loss per complaint was $33,915, with nearly 6,000 people losing over $100,000 per claim.

The IC3 report outlined several common cyber fraud activities that impact individuals over 60, including:

  • Call Center/Tech Support Scam
  • Confidence/Romance Scams
  • Cryptocurrency Scams
  • Investment Scams

The IC3 notes the actual figures around these and other cyber crimes targeting the elderly may be higher since only about half of the more than 880,000 total complaints it received (with total losses exceeding $12.5 billion) included age data.

A major reason for the proliferation of elder fraud may simply be that members of this age group are plentiful while also having comparatively the most to steal. Adults 65 and up are expected to make up 22 percent of the US population by 2024. Federal Reserve data indicates that their asset accumulation outpaces that of other age groups, with median and average net worth figures for adults 65-74 at $409,900 and $1.8 million, respectively, and for adults 75 and over, $335,600 and $1.6 million respectively. 

Increasing digital lives and advancing technology create new threats.

The transition to the smart mobile and app economy, along with the rise of big data and predictive analytics/AI, and (due to the pandemic) remote working, have transformed the way we engage with the world on a social, professional, and financial level. The Internet of Things (IoT) and each person’s expanding network of personal devices — smart TVs, video game consoles, appliances, home climate control systems, etc. — have propelled the digitization of our existence. All these advancements can make life easier but also increase points of cybersecurity vulnerability for people of all ages.

However, data indicates that different age groups can be susceptible to different methods of targeting by cyber scammers. For example, phishing, which relies on the human tendency to repay what another person has provided, can be more effective for targeting older vs younger adults. Also, today’s consumer under age 25 may never have the need to write a paper check, but many over 65 today have spent a significant portion of their lives handling their financial affairs that way. Thus, the trust placed in tech support people and other personnel whom they are supposed to rely on for assistance is understandable.

Unfortunately, according to the IC3, people over 60 lost more to call center and tech support scams than all other age groups combined, with this group reporting 40% of these incidents and 58% of the related financial losses (about $770 million). Common schemes involved using phone calls, texts, emails, or pop-up windows (or a combination of these) to connect with victims, manipulating them to download malicious software, reveal private account information, or transfer assets. The fallout included remortgaged homes, emptied retirement accounts, and, in some cases, suicide.

New tools and methods increase cyber security threats.

A financial services professional at a Hong Kong-based firm sent US$25 million to fraudsters after she believed she was instructed to do so by her chief financial officer on a video call that also included other colleagues. Deepfakes, one of 2024’s increasingly common cyber risks for businesses and organizations, is on track to become a major threat to personal cyber liability. A technology known as “deep” learning (hence the name) can generate images, videos, texts, or sound files specifically designed to be highly convincing despite being entirely made up.

This content can turn up anywhere on social media, the internet, or even in emails and phone calls, fooling unsuspecting humans, and, all too often, even detection software. Deepfakes aren’t always produced for malicious activities; some are used widely for entertainment. However, the growing sophistication of deepfakes and the availability of the technology needed to make it may have serious implications for cyber risk.

Cyber criminals can leverage this technology to trick victims into divulging sensitive information, transferring money, or performing other activities. Reputations can be damaged by fabricated images of victims engaged in illegal or controversial acts. This type of deep fake can also enable blackmail in exchange for not releasing the material. In addition to impersonating individuals, cyber criminals can use deep fakes to bypass biometric verification or create false advertising.

The options for managing personal cyber risk can differ in crucial ways.

Personally identifiable information (PII) is the primary driver of identity theft and most other cyber fraud. Major data breaches are becoming common place, such as the incident that happened in 2023 (but wasn’t reported until August 2024) that credit exposed 2.7 billion records. Bad actors exploit this kind of information to directly engage in fraudulent transactions or create trust with their targets in more complex schemes.

Thanks to heavy marketing and wide availability from banks and card issuers, consumers tend to be familiar with Identity Theft Protection (ITP). As the name implies, such plans revolve around the risk of stolen identity and can alleviate some of the work and costs related to monitoring and mitigating the fallout from identity theft.

In contrast, Personal Cyber Insurance (PCI) offers coverage for a broader range of losses. Covered risks, in addition to ITP, can include cyber extortion, online fraud and deceptive transfers, data breaches, cyberbullying, and more. An important aspect of PCI is that it can help provide financial reimbursment from covered “cyber scams” or related social engineering risk not directly tied to identity theft, cyber crimes which are on the rise. It also offers assistance and financial reimbursment for compromised devices. For example, if a policyholder is hacked, personal cyber insurance may help cover the costs of hiring a professional to reformat the hard drive, reinstall the operating system, and restore data from the backup.

“Social engineering and other cyber-related threats against consumers continue to grow and evolve, and insurance carriers are offering affordable personal cyber coverage that can be easily added to a homeowners or renters insurance policy,” says James Hajjar, Chief Product Officer at Hartford Steam Boiler (HSB).

HSB, which has been offering personal cyber insurance since 2015, has evolved its coverage multiple times over the years to stay ahead of cyber risk trends and the dynamic threat landscape. Given the increasing complexity of cyber risks and the rise of sophisticated scams — such as phishing and ransomware — that kind of protection shouldn’t be limited to identity theft. Robust PCI coverage safeguards against a range of other cyber-related issues and provides critical support to ensure policyholders aren’t left to deal with the financial aftermath of a cyber incident alone.

“It’s crucial that cyber insurance is specifically designed to help individuals protect themselves against these evolving threats and provides financial security and additional programs and services if someone is hacked,” Hajjar says.

Historically, ITP has been widely offered through banks, credit unions, credit card issuers, and credit reporting agencies. Either product type may be purchased as either standalone or optional add-on coverage for homeowners, rental, or condo insurance policies.

The IC3 says it receives about 2,412 complaints daily, but many more cybercrimes likely go unreported for various reasons. Complaints tracked over the past five years have impacted at least 8 million people. The 2023 Data Breach Report, which details the larger dataset of cyber crime complaints to the FBI’s Identity Theft Resource Center (ITRC), reveals that last year delivered a bumper crop of cybersecurity failures – 3,205 publicly reported data compromises, impacting an estimated 353,027,892 individuals.

A new conversation about personal cyber insurance begins.

Triple-I and HSB are teaming up to uncover ways to enhance support and resources for insurance agents while improving personal cyber insurance options for policyholders. If you are an agent, please take three minutes to help by participating in our survey. Your contribution will be invaluable in shaping the future of personal cyber insurance.

Insurance Industry

Some Potential Sunshine for Florida’s Property Insurance Market 

Leave a comment

By Matthew Scarfone, Esq., Triple-I blog contributor, and shareholder at Colodny Fass 

Florida presents property insurers with a unique set of factors that affect the availability and affordability of insurance coverage. The state boasts the third-largest population in America while simultaneously enduring a higher-than-average volume of natural disasters. It’s fair to say that operating a residential insurance company in the Sunshine State isn’t for the faint of heart.

What’s behind the mounting catastrophe in the Florida legal system?

But as damaging as the hurricanes can be, there is a man-made disaster that has contributed significantly to destabilizing the market to concerning levels: legal system abuse. In practice, some people are misusing tools of the justice system to manipulate outcomes and obtain windfalls. Insurance carriers have paid a heavy price in recent years due to the increased abuse of one-way attorney fees, bad faith claims, and other unsustainable litigation trends. 

Exploitation of one-way attorney fees and bad faith law has been especially prevalent. Until recently, if a policyholder or third party sued an insurer and obtained any monetary award, they were entitled to recover all attorney fees incurred in the litigation. This practice may have incentivized people to dispute insurance claims, regardless of whether they were justified.  

The problem was further exacerbated by the abuse of assignment of benefits (AOB) agreements, which created an opportunity for contractors to inflate costs. As a result, a modest homeowners insurance claim could lead to multiple lawsuits by different assignees, each asserting a separate claim for attorney fees. Manipulating this loophole encouraged excessive claims and unreasonable demands, forcing insurers to choose between paying the inflated bill or risking a lengthy trial where the attorney fees alone could exceed the claim amount. On top of that, courts have had broad discretion to apply fee multipliers and can award 1.5-3 times the reasonable attorney fee. 

Cases involving allegations of bad faith further compound an insurer’s exposure because these cases can be costly to defend and involve intrusive discovery, amorphous damages, and unpredictable juries. Bad faith cases are not ripe (i.e., ready to potentially warrant judicial intervention) until there has been a final determination regarding coverage and the damage amount. Therefore, insurers regularly face the prospect of defending a bad faith case even after resolving the underlying dispute.  

Florida’s courts did not help matters by ruling that appraisal awards—tools designed to help resolve disputes—could lay the procedural groundwork for bad faith actions. In other words, after resolving a claim through appraisal, insurers could still be left to defend a lawsuit for bad faith. Some attorneys used this caselaw as a playbook to fast-track claims into bad faith litigation by misusing the appraisal process. 

The problem looks even worse when you quantify it. According to the Florida Office of Insurance Regulation (OIR), as of 2020, despite Florida only accounting for 9% of all homeowners insurance claims in the country, it accounted for 79% of all homeowner insurance litigation nationwide. Additionally, over the last decade, only 8% of the $51 billion paid out by insurers went to claimants, yet plaintiffs’ attorneys took home 71%. Meanwhile, eleven Florida property insurers fell into liquidation since 2017—five of those occurring last year alone. 

Legislators recognized need for urgent action to help curb costs of insurance claims.

The Florida Legislature has responded to the growing crisis by passing multiple pieces of significant insurance reform, primarily tackling the problems with AOBs, bad faith claims, and excessive fees.  For example, the new laws eliminate one-way attorney fees in property insurance litigation, forbids using appraisal awards to file a bad faith lawsuit, and prohibits vendors from taking AOBs under new policies. Despite criticism from the plaintiffs’ bar, these reforms are not all “one-sided.” Recently passed legislation also ensures transparency and efficiency in the claims process and encourages a more efficient and less costly alternative to litigation.  

While it’s too soon to know exactly how recent reforms will improve the state’s insurance market, there is a sense of hope that these measures will decrease the volume of property insurance litigation and foster a more viable and stable residential insurance market that enables greater consumer access to affordable coverage. 

It may take time for these reforms to have a measurable impact on Florida’s property insurance market. Still, insurers and policyholders alike should be optimistic that the market is headed in a more sustainable direction. 

Insurance Industry

Thousands of Claims Experts Headed to Florida

Leave a comment
Rohit Verma, Chief Executive Officer, Crawford & Company

By Rohit Verma, Chief Executive Officer, Crawford & Company

Hurricane Ian inflicted more damage in Florida and the Carolinas than last year’s Hurricane Ida did in Louisiana, in terms of the number of buildings, vehicles, and infrastructure affected. It is the main reason Ian’s insured losses are likely to exceed Ida’s $36 billion.

Ian’s flood-damage claims are expected to exceed claims for Ian-caused wind damage as a percentage of this $40 billion to $60 billion event, even though only about 18 percent of Florida homes carried flood insurance. Crawford & Company anticipates we will be handling a significant percentage of these flood claims. Dealing with both insured and uninsured losses is going to be especially challenging.

As routes are cleared to the communities of Fort Myers and Florida’s southwest coast, Crawford continues to evaluate the impact of the hurricane and to assist with the recovery. In our fastest ever ramp-up, thousands of Crawford’s adjusters are already deployed – our largest deployment in history at such an early stage – and we expect this number to increase in coming weeks.

This adjuster engagement is spread across our U.S. CAT team: managed repair network Contractor Connection, our loss-adjusting business; Crawford’s on-demand inspection service WeGoLook; and edjuster, the technology-driven field and desktop contents claims handling solutions provider Crawford acquired in August 2021.

Crawford Global Technical Services also is engaged with several clients who are still assessing the damage from Hurricane Ian, and we expect the volume of commercial claims to rise as they get reported.  Moreover, Crawford has fully operational support rooms in Gainesville, Tampa, Sunrise and Orlando, Florida.

Access remains challenging during the early stages of the response due to damaged infrastructure, but we have prioritized emergency mitigation services, board-up activities, and tree removal to help mitigate further damage and return homes and commercial buildings to a usable condition as quickly as possible.

As we get further into the restoration process, claims inflation and supply chain issues are likely to impact the industry’s response to Hurricane Ian. There will be intense demand for building materials.

Our immediate focus now is to help those who experienced devastating losses and restore lives, businesses, and communities affected by the hurricane.