Social Engineering Fraud Coverage
Social engineering fraud coverage is for social engineering fraud (SEF), which is a type of fraud that’s become increasingly common over the last several years. However, even though many instances of this fraud transpire over email communications, it’s a company’s crime policy—not a cyber policy—that would often provide coverage in the event of a social engineering fraud coverage loss.
That’s why it’s especially important to understand your crime policy, how it might cover SEF, why it might not, and what endorsements you might want to obtain to make sure SEF doesn’t leave your company exposed.
How Social Engineering Fraud Coverage Works
There are a number of variations on the theme, but most instances of SEF involve the following elements:
- A targeted approach. Criminals will research their targets, purchase authentic-looking domains, manufacture email chains and even resort to making phone calls, all in an effort to make their requests seem authentic.
- A request. The preparation is in service of obtaining something from the target, either money (usually in the form of a wire transfer) or information (such as a list of vendors, routing numbers, etc.).
The application of social pressure. In order to bypass in-house safeguards and redundancies, the criminals apply pressure by imposing a time constraint, demanding secrecy or simply flattering the ego of the target by including him or her “in” on an important business transaction.
- The disappearance of the hacker. Once the criminals obtain what they want, they disappear with the information or money—things that the company won’t miss until it’s too late.
Cyber Policy vs. Crime Policy
It may seem counterintuitive, but SEF is usually not covered by a cyber policy. Even though this fraud often involves emails and wire transfers, cyber policies are not designed to cover them:
- Cyber policies cover losses that result from unauthorized data breaches or system failures. SEF actually depends on these systems working correctly in order to communicate with an organization’s employees and transfer information or funds.
- Crime policies cover losses that result from theft, fraud or deception. Because the underlying cause of a loss in SEF is fraud, a company would claim a loss under its crime policy, provided it included a social engineering fraud coverage extension, rather than its cyber policy.
|ALIGNED Across Canada
100% Canadian owned, ALIGNED is a premiere insurance brokerage that serves more than 1,400 clients across the country. ALIGNED’s offices in Toronto, Calgary and Vancouver are supported by a national operations centre in Cambridge, Ontario. Uniquely within the industry, ALIGNED creates, negotiates and delivers the best business insurance and risk management strategies/solutions to organizations like yours.