Cybercrime Insurance Considerations

Bank Transfer

Cybercrime Insurance is something organizations should give consideration to, in the current age of heightened and ever-increasing cybercrime activity.  Having said this, one area to keep in mind when reviewing current or potential cyber crime coverage, is that it may not include damage caused by employees being fooled by sophisticated scams using social engineering tactics.  Even where an endorsement is available covering social engineering fraud, some schemes are not likely to be covered, such as for ‘Funds Transfer Fraud’.  If the insured organization’s employees voluntarily make a fraudulent money transfer, not knowing they are being duped into doing so, insurance coverage won’t apply. 

This situation was laid out in a recent Alberta court case between Brick Warehouse LP v Chubb Insurance Company of Canada.  In this case, two Brick employees were contacted by people claiming to be from Toshiba.  They advised that Toshiba was changing its bank account information, so The Brick updated their records.  Subsequently, more than $300,000 was paid to the false account before The Brick discovered the fraud. 

Chub denied coverage for the claim.  In The Brick’s policy with Chubb, funds transfer fraud is defined as “the fraudulent written, electronic, telegraphic, cable, teletype or telephone instructions issued to a financial institution directing such institution to transfer, pay or deliver money or securities from any account maintained by an insured at such institution without an insured’s knowledge or consent.” 

Since a Brick employee gave instructions to the bank to transfer the funds, it was done with the insured’s knowledge and consent.  The fact that they were fooled into doing so, is not the responsibility of the insurance company.  It simply points to the fact that the insured’s employees need to be better trained to spot fraudulent activity. 

Lessons to be learned from this story are:

  1. Cybercrime insurance will not provide complete protection against loss.
  2. Ongoing cybercrime security awareness training is a must. Experts agree that an organization’s people represent the greatest cyber security risk.

BSC Solutions Group offers an affordable, award-winning Security Awareness Training plan including engaging on-line training videos.  Call us to find out more. 

December 07, 2017 5:02:05 PM

Bill Boisvenue

Leave a Reply

Your email address will not be published. Required fields are marked *



Getting your computer network, phones and software applications to work shouldn’t be a monumental project;
yet we constantly hear from frustrated organizations like yours who call us when they’ve finally
had enough of the poor services and excuses from their current IT support firm.

Our offer of a FREE Service ticket is a no-risk way of introducing our services.
Let us diagnose and work on the computer problem of your choice and
find out what over 25 years of service excellence feels like.

Accepting this free offer in no way obligates you to do any further business with us but of course we hope you will!

1. Because our resources are not unlimited, the free service ticket will cover a maximum of 2 hours of remote support for 1 service issue.
2. Since customers who are the best fit for our services have a minimum of 10 computers, this free offer only applies to organizations of this size.
3. This offer applies only to organizations who are not already a customer of BSC Solutions Group.

Please fill out this form and a BSC Solutions Group “IT Guardian Angel”
will contact you within 24 hours.