<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1602061480087256&amp;ev=PageView&amp;noscript=1">

R&R Insurance Blog

Beware of Fraudulent Wire Transfer Instructions

Posted by the knowledge brokers

Computer_Cyber_CrimeIt’s happening more often and to more businesses, regardless of the size or type of business.

An email is received instructing the transfer of money. It appears legitimate—from the CEO, CFO, or trusted vendor with instructions to initiate a wire transfer. No red flags are raised. The money is wired but the email was fraudulent. Unsuspecting businesses are falling victims to what is essentially a modern day con job. According to the FBI, “companies across the globe lost more than $1 billion from October 2013 through June 2015 as a result of such schemes.” The Wall Street Journal reported on one such company, Mega Metals that lost $100,000. Mega Metals, Inc is a 30 year old company with 30 employees.

What should you do from a both a preventive and reactive standpoint?

The best scenario is one in which the attempted fraud is detected and stopped. Alert and educate your employees so that they can be on the lookout for these schemes. One of our carrier partners has published a risk management brochure, the Guide to Preventing Social Engineering Fraud, by Chubb Insurance. Here are some of their recommendations:

  1. Never release confidential or sensitive information to someone you don’t know
  2. Establish procedures to verify incoming checks and ensure clearance prior to transferring money by wire
  3. Establish call-back procedures to clients and vendors for all outgoing fund transfers
  4. Verify any changes to customer or vendor details
  5. Be suspicious of unsolicited emails
  6. Avoid responding to any offers made over the phone or via email
  7. Be cautious in situations where a party refuses to provide basic contact information

If all of the loss prevention measures fail and your business becomes a fraud victim, is your business insured?

Even though most business policies contain an extension of coverage labeled “Crime Insurance” this is usually intended to provide a small limit of liability for Employee Dishonesty losses only. The good news is that insurance coverage is available from several carriers designed specifically to cover this type of loss.

These crimes are successful because they exploit human qualities of trust, helpfulness and fear to manipulate people. Even with proper precautions prevention may not be enough.

Download our free e-book, Understanding Cyber Liability Insurance, or contact a knowledge broker to ensure that coverage is in place should your business become a victim.

R&R Insurance Cyber Liability eBook

Topics: Cyber Liability, electronic crime, Business Insurance, Crime

Social Engineering Fraud: The Latest Trend of Money Theft

Posted by the knowledge brokers

MoneyIn case you haven’t heard of this, it is the latest trend in the theft of money that is NOT covered by either a Crime Policy or a Cyber Policy. Here is a description of how it works.

 

The accounts payable clerk receives an email from the company president directing him/her to transfer money to an account in China. Since the company regularly transacts business in China and the email came from the president, the clerk proceeds with the transaction. However, it turns out that the email was never sent by the president. Another example is that the company has a contract with ABC janitorial service. The accounts payable clerk receives an email from ABC indicating that they have changed their banking relationship and to direct all future payments to a different bank (including routing numbers/account number, etc.). Time goes by and ABC contacts the company and inquires why their account is 3 months past due. Turns out that ABC never sent the email changing the banking information.

These instances are not covered under a commercial crime as the policy was designed to cover theft perpetuated without the insured’s knowledge or through unauthorized access or fraudulent funds transfer by an imposter. There is no hacking, virus, unauthorized access to the network, etc. that would trigger any cyber coverage. These are examples of gullible employees who fail to follow procedures or assume that because they received an email it has to be true. A new version of “The Sting.”

For information on how to protect your business, contact a knowledge broker at R&R Insurance.

R&R Insurance Cyber Liability eBook

Topics: Cyber Liability, Business Insurance, Crime