Janvi Mehra, a 33-year-old marketing professional from Pune, recently ordered a luxury handbag from what seemed like a legitimate online store she found on social media. The website had glowing reviews and a sleek interface. She paid ₹18,000 through UPI. But days turned into weeks, and the bag never arrived. Customer support vanished, and the website disappeared. Janvi had fallen prey to an online shopping scam.

A personal cyber insurance policy has gained significance as cybercrimes—phishing, fake websites, payment fraud, and identity theft—have become an everyday affair. These policies are designed to protect individuals from financial losses arising from cyberattacks, fraud, and identity theft. In Janvi’s case, her cyber insurance policy helped her recover the ₹18,000 she lost, minus a small deductible. Her insurer reimbursed the amount after she filed an FIR and submitted proof of the transaction and communication with the fake seller.

Amarnath Saxena, chief technical officer-commercial, Bajaj Allianz General Insurance, says, “A personal cyber insurance policy typically covers financial losses resulting from phishing and online fraud. These scams often involve fraudsters impersonating banks or trusted sources to steal confidential data that can lead to financial loss.”

Consider another common scenario. Fraudsters, posing as bank employees, may already possess some of your account details and then send a fake email or message asking you to complete your KYC. The link they share often looks authentic and displays your bank details to gain your trust. If you enter your login credentials on such a site, you’re unknowingly giving scammers access to your bank account.

“We compensate you for any direct and genuine financial loss you suffer due to an online transaction made using your valid payment card, mobile wallet, net banking, or similar method,” says Saxena. “This applies when a fraudulent seller tricks you into buying goods or services that were never delivered. However, you must show that you made reasonable efforts to recover the money or get a refund from the seller.”

However, it’s important to note that cyber insurance doesn’t cover everything. Losses arising from negligence, such as sharing passwords or OTPs, are typically excluded. The policy also does not reimburse unauthorised transactions that occurred before the coverage began or those carried out on suspicious or blacklisted platforms. If the losses stem from business-related cyber activities under a personal policy, they aren’t covered either. Compensation for mental anguish or emotional stress is limited to what's specified in the policy. Additionally, if the insured knowingly engages in risky activities, such as gambling or trading on unregulated websites, any resulting losses will not be eligible for a claim.

While cyber insurance is a valuable financial safety net, staying alert is just as important. “Avoid sharing confidential information online, via email, SMS, or over calls, as it can lead to financial losses,” Saxena warns. “Always use official websites or apps from genuine sources and verify URLs before entering any confidential information. Being cautious and informed is your first line of defence against online fraud.”

Kishan Sundar, Senior Vice President & Chief Technology Officer, Maveric Systems, said, “Cyber insurance has become a necessary tool for individuals and businesses to combat the rising digital threats, which range from consumer scams to complex corporate attacks. BFSI organizations can embed cyber awareness and protection directly into their digital systems to better serve retail and business customers.”