An email is received instructing the transfer of money. It appears legitimate—from the CEO, CFO, or trusted vendor with instructions to initiate a wire transfer. No red flags are raised. The money is wired but the email was fraudulent. Unsuspecting businesses are falling victims to what is essentially a modern day con job. According to the FBI, “companies across the globe lost more than $1 billion from October 2013 through June 2015 as a result of such schemes.” The Wall Street Journal reported on one such company, Mega Metals that lost $100,000. Mega Metals, Inc is a 30 year old company with 30 employees.
What should you do from a both a preventive and reactive standpoint?
The best scenario is one in which the attempted fraud is detected and stopped. Alert and educate your employees so that they can be on the lookout for these schemes. One of our carrier partners has published a risk management brochure, the Guide to Preventing Social Engineering Fraud, by Chubb Insurance. Here are some of their recommendations:
- Never release confidential or sensitive information to someone you don’t know
- Establish procedures to verify incoming checks and ensure clearance prior to transferring money by wire
- Establish call-back procedures to clients and vendors for all outgoing fund transfers
- Verify any changes to customer or vendor details
- Be suspicious of unsolicited emails
- Avoid responding to any offers made over the phone or via email
- Be cautious in situations where a party refuses to provide basic contact information
If all of the loss prevention measures fail and your business becomes a fraud victim, is your business insured?
Even though most business policies contain an extension of coverage labeled “Crime Insurance” this is usually intended to provide a small limit of liability for Employee Dishonesty losses only. The good news is that insurance coverage is available from several carriers designed specifically to cover this type of loss.
These crimes are successful because they exploit human qualities of trust, helpfulness and fear to manipulate people. Even with proper precautions prevention may not be enough.
Download our free e-book, Understanding Cyber Liability Insurance, or contact a knowledge broker to ensure that coverage is in place should your business become a victim.