Insurance staff 'being targeted by data-theft criminals'

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.insurancetimes.co.uk/insurance-staff-being-targeted-by-data-theft-criminals/1404765.article

Fraudsters are trying to lure insurance staff into criminal activity by
offering vast sums of money in return for client data, a Fraud Charter
meeting heard yesterday in Westminster.

Susan Evans, the fraud operations manager at Admiral said their staff had
been targeted in what is becoming an industry wide problem.

The fraudsters could use the data for a variety of crimes such as identity
theft, pursuing fraudulent insurance claims or selling the data for a high
price to their criminal brethren.

Evans added: “The selling of data alone is something I think the industry
is failing to keep a handle on.

“In the last three months we have had about four instances where approaches
have been made directly to staff, asking for Admiral data to be released to
them and those are the ones we know about.

“How on earth do we find out about the ones we don’t know about? The
worrying thing is the unknowing unknowns.”

The delegates also called for tougher regulation of doctors and solicitors
involved in the accident and claims procedure.

The question asked was to what extent ‘professional enablers’ in these
professions were deliberately involved in fraud and what was being done to
tackle the issue.

Paul Priestley, head of counter fraud at Hastings Direct, said: “Regulation
is not joined up. Unless there is an independent panel of experts it is
going to be the same accident management companies that will go to the same
medical doctor. Someone needs to be looking at their credentials.”

A number of cases highlighted, included one in which a medical doctor was
known to have been a co-director of an accident management company, while
in another, a series of medical reports by a doctor showed him to be in two
parts of the country at the same time.

Donna Scully, a partner at Carpenters law firm, said:  “There are clearly
solicitors who are turning a blind eye and it is tarnishing the reputation
of the good ones. It is frustrating that more cannot be done.”

The future regulation of private investigators which is likely to come into
force next year Autumn, was wholly welcomed, but was criticised for its
‘vaguery’ on where the lines would be drawn.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.