The Severe Consequences of Social Engineering and Wire Fraud

Many companies across all industries are experiencing numerous social engineering attacks that are creating widespread negative impacts. Social Engineering Fraud occurs when a fraudulent party acts as a legitimate business associate, vendor, client or employee. In the process, this fraudulent party will trick an employee at the targeted organization via email, fax or telephone to transfer money or securities. These types of requests occur daily and thankfully, many are able to spot the erroneous request and ignore it but others do not see the warning signs and transfer money to the wrong person.

A recent article dives into the issues of Social Engineering and how this topic has impacted the legal industry. From a coverage perspective, which policy would cover a fraudulent wire transfer from a law firm? Is it covered under Lawyers Professional Liability, Crime, or even Cyber? Ultimately, the incident could impact any of these policies or all three! It depends on the incident, the specific facts of the wire fraud and many other factors. This is extremely important for organizations to proactively consider these threats so they can appropriately structure their insurance program to ensure that they would be covered if a social engineering/wire fraud incident were to occur.

Whenever an employee needs to conduct a legitimate wire transfer, there are some important points to remember to ensure you are not the victim of a social engineering attack.

If you determine that you are the victim of Social Engineering Fraud on a wire transfer, notify your bank and the FBI IC3 – Internet Criminal Complaint Center immediately. The FBI IC3 recently reported that they have been successful in recovering funds 75% of the time— as long as they are quickly notified of the incident. If not reported quickly, the money may be lost.

As Social Engineering Fraud continues to develop and increase in frequency and severity, organizations need to understand their potential exposure for this type of loss. Contact an RCM&D advisor to review your current insurance program and help to ensure that you have insurance coverage in place to help respond to this type of loss should your organization become a victim of Social Engineering and Funds Transfer Fraud.