Online hazards are part of the online experience:
how can we best deal with them?

Each year, millions of people are victims of either identity theft, cyberbullying, or some internet scam. In some countries such as the United States, identity fraud has been experienced by nearly 10% of citizens. Just in 2020, the FBI received as near as 800,000 cybercrime complaints. In France, more than 90,000 people reached out in 2020 to the state’s support platform in regard to breached cybersecurity concerns, and numbers keep growing. According to the ANSSI, the number of cyberattacks has quadrupled in 2020.

Cyberattacks are present all over the world, and Europe is no exception: from the least-exposed countries (Finland, Denmark, Luxembourg, Estonia and Norway), through those that are a little more exposed (Ireland, the Netherlands, Slovakia, Italy, Slovenia), to the most exposed ones (Belarus, Bosnia-Herzegovina, Ukraine and Albania), no country has found a way to completely prevent them. Phishing scams, non-delivery scams and extortion make up for the main threats. Cyberbullying and blackmail are also part of the picture.

Considering the universality of the phenomenon, and the fact that each attack or breach has the potential to be used to improve our cybersecurity models, governments, with the help of private parties specialized in cybersecurity and in the handling of crises, have a key role to play in the elimination of cybercrime. Since 2011, the UN has launched a Global Programme on Cybercrime, intended to help Member States navigate these relatively new threats.

But when it comes to companies and individuals, how can the tremendous psychological and financial costs caused by online hazards be prevented? How can individuals be better-informed, and good practices widespread? Most importantly: how can cybercrimes’ consequences be best dealt with when the damage is done?

When it comes to online hazards such as scams, and identity or sensitive data theft, making sure that individuals are properly informed and prepared is key to limiting the risks. Providing clear, effective information is the first step in decreasing the number of cybercrimes victims each year. Just as children are to be made aware of the potential risks of meeting strangers online, adults should also benefit from some kind of prevention.

Governments have taken hold of these particular threats for years now,  implementing effective communication and relevant programmes. In France, the Groupement d’Intérêt Public Action contre la Cybermalveillance (GIP ACYMA) is the result of the Government’s Digital Strategy presented on 18 June 2015. It has since then provided precious information to internet users through various campaigns, as well as an effective platform to report cybercrimes. It has published 10 easy principles for safer web use. Good practices such as using strong, different passwords for each of one’s online accounts, regularly backing up data, applying security updates or only downloading apps from official websites are part of the arsenal.

When using online services, what really makes a difference between two users is not their age as much as their knowledge of the internet tool. However, it seems that older, as well as young users, are more prone to cyberbullying and scams. According to the 2021 LexisNexis Risk Solutions’ biannual cybercrime report, young adults and people over 75 years old are the most targeted users for cyber attacks. This can be explained by the proportion of young users on the internet, and related to specific uses, especially regarding social media and cyberbullying, but also — in the case of older users — by a certain lack of knowledge.

In this context, prevention is key, informing individuals is a high stake. Especially considering the risks and consequences implied by cyberattacks. When confronted with the theft of personal and sensitive data, people can see their lives go down the rabbit hole. Blocked accounts, financial loss, undue credits can all come from one cyber attack. In the case of online harassment or cyberbullying, the risks can include tremendous psychological distress and, in the worst-case scenario, the suicide of the victim.

Providing populations with the right technological tools (anti-virus, firewalls, secured networks, online data monitoring…) is part of the solution, but should not go without the proper education needed to significantly decrease cyber risk. Especially since those risks are for a good part human-initiated and rely on techniques like phishing, spamming, or fake official platform designs to extort money.

This is even more true since the recent COVID-19 crisis has forced many people to embrace online shopping or remote work. Adaptation had to be quick, and this may have led potential novices down a rocky road. As a recent United Nations’ report points out, social distancing has led to a significant increase in the use of online communication by public authorities, businesses and individuals alike. Many of whom were unfamiliar with online technology at the time. As the report demonstrates, “this has presented a large, attractive and vulnerable target-set for cybercriminals to exploit.”

Even more frightening are the opportunities for online scamming that some malevolent individuals saw in the Covid-19 crisis. As is pointed out by the same report, some cyber criminals started preying on people’s fears related to the pandemic. Fake cures were offered on the internet for money, as well as non-professional medical advice. The report also shows that senior citizens were more likely to be targeted, especially through links sent by cybercriminals to download and forward ransomware through Covid-19 spam or misinformation emails.

Most of the time, cyberattacks victims do not know who to turn to or how to react properly. Not mastering online digital tools can add to their distress and anxiety. How can insurance providers help their customers deal with those concerns? They can help them find the right point of contact and help them through emergency measures. Hand in hand, they can collaborate and discuss to take the right steps towards reparation. But not only! They should not only advise their clients in case of dispute, but also, through dedicated solutions, protect them from main digital risks concerns.

The Flash Eurobarometer 2020 — a survey on “Europeans’ attitudes towards cyber security" explains that the most common concern of European citizens is the misuse of personal data.  67% are concerned about becoming a victim of the bank card or online banking fraud, 66% by the infection of devices with malicious software or identity theft and 61% are concerned by the hacking of their online social networks or email accounts. 38% have experienced cyberbullying on social media platforms and it’s probably more nowadays as e-bullying has rocketed since the Covid-19 crisis.

Protecting customers means taking into account all aspects of their needs. This may apply, for example, in the case of cyberbullying, online blackmail or harm to reputation. The psychological nature of these kinds of attacks requires proper legal advice, as well as a deep understanding of the situation. Therefore, insurance providers should grant victims considerate legal, administrative and psychological assistance. Especially since these damages are not easily measured from a simple financial point of view. Indeed, cyberattacks can have disastrous real-life consequences, some of which can impact one’s life in the long term. Identity theft and credit card scams, for example, can result in blocked accounts, debt, and undue legal pursuits. In the case of a child’s online harassment, psychological harm can spread to the whole family.In these cases, it is part of the insurer’s role to pay attention and come up with effective solutions — not just to financially repair or compensate potential damages, but to provide some psychological relief as well. 

Online hazards require double protection. Insurance providers should not only cover potential financial or material damage, but also consider the psychological costs endured by the victims. Providing individuals with the necessary information around digital good practices is key and should be the first step for better online protection. However, offering insurance products that encompass technological safety as well as financial compensation and tangible support is the only way to cover cyber-attacks in all their complexity.