Social Engineering Fraud Insurance – What To Look For
|Click here for an insurance quote OR call us toll free at 1-866-287-0448|
Social engineering fraud is becoming increasingly common in recent years. And while many instances of this type of fraud transpire over email communications, it’s a company’s crime policy—not a cyber policy—that would often provide coverage in the event of a social engineering fraud loss. It’s important to understand your crime policy coverages as well as what endorsements you might want to obtain to make sure social engineering fraud doesn’t leave your company exposed.
4 Common Social Engineering Frauds
While a number of variations are deployed by fraudsters, most instances involve the following elements:
- A targeted approach. Criminals research their targets, purchase authentic-looking domains, manufacture email chains and even resort to making phone calls, to make their requests seem authentic.
- A request for something specific from the target, either money (often in the form of a wire transfer) or information (such as a list of vendors, routing numbers, etc.).
- The application of social pressure. To bypass in-house safeguards and redundancies, criminals apply pressure by imposing a time constraint, demanding secrecy or simply flattering the ego of the target by including him or her in on an important business transaction.
- The disappearance of the hacker. Once the criminals obtain what they want, they disappear with the information or money—things that the company won’t miss until it’s too late.
Cyber Policy vs. Crime Policy
It may seem counterintuitive, but social engineering fraud is usually not covered by a cyber policy. Even though this fraud often involves emails and wire transfers, cyber policies are not designed to cover them.
Cyber policies cover losses that result from unauthorized data breaches or system failures. Social engineering fraud generally depends on these systems working correctly in order to communicate with an organization’s employees and transfer information and/or funds.
Meanwhile, crime policies cover losses that result from theft, fraud or deception. Because the underlying cause of a social engineering related loss is fraud, a company would claim a loss under its crime policy rather than its cyber policy.
Social Engineering Fraud Endorsements
Some insurers have started offering social engineering fraud endorsements to their crime and fidelity policies. The insurance agreements might go by different names, but they’re all intended to make limits and liabilities explicit for both the insured and the policy issuer.
|We’re ALIGNED Across Canada 100% Canadian owned, ALIGNED is a premiere insurance brokerage that serves small, medium and large organizations. ALIGNED’s offices in Toronto, Calgary and Vancouver are supported by a national operations centre in Cambridge, Ontario. As one of Canada’s fastest growing insurance brokerages, we invite you to learn more about us and connect @ALIGNEDonRisk, on Facebook or LinkedIn.|
Sources: Adapted from Coverage Insights © 2016 Zywave, Inc. All rights reserved. This Coverage Insights is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice.