Local: (805)-371-3680 | Toll Free: (800) 240-CHIV
Insurance companies are pushing back on common types of online fraud, saying it is not covered under current cybercrime policies.
In a “Business E-mail Compromise” (BEC) scam, also called CEO fraud, criminals pose as a high-level company executive, high-ranking company advisor, or trusted supplier to spoof an email message that tricks employees into making a payment, generally unauthorized wire transfers.
Over $1.2 billion in fraud has been reported by victims of the scam to the FBI and international law enforcement agencies.
In another common attack malicious software, called ransomware, encrypts all of the data on the company’s network until a ransom is paid to the hackers.
It’s what happened to Hollywood Presbyterian Medical Center earlier this month. The hospital paid a $17,000 ransom in bitcoin to obtain the decryption key to get their computers working normally.
Insurance companies have fought to avoid paying BEC scam losses and other online fraud under existing cybersecurity policies, sometimes winning and sometimes losing.
Now, a few insurers are marketing endorsements that would provide additional coverage for these specific scam losses.
The endorsements promise coverage for executive impersonation, client impersonation and impersonation of a trusted third party such as a vendor or supplier, according to Darren Teshima, a partner in Orrick’s Insurance Recovery Group.
Any company seeking to protect itself with this type of endorsement should ensure that the coverage limit equals the risk.
