Wire transfer fraud costs companies and family offices billions of dollars in the United States. As of 2019, wire fraud through email has cost corporations $26 billion dollars, making it one of the costliest cyber crimes. With an increase of employees working from home during COVID, hack attempts and wire transfer fraud has increased substantially throughout 2020.
What is wire transfer fraud?
Wire transfer fraud typically involves a hacker or other criminal that impersonates a senior level employee or individual requesting other staff members to wire money to an account.
Here are 5 steps you and your organization can take to help prevent wire transfer fraud:
1. Fraud Training
It is vital that staff, employees, and even individuals on a personal basis know how to identify fraud. Successful families and clients with a large number of assets are much more likely to be targeted and be victims of online fraud, too. Training can help ensure that everyone knows what to look out for.
Here are some common red flags of phishing or wire transfer fraud to look out for:
- Urgent requests from CEOs or high-level employees
- Insistence from the sender on email communication only, refusing phone conversations
- Grammatical / spelling errors or strange words or phrases
- Return email addresses or domain names are different or incorrect
2. Wire Confirmations
Wire confirmations are an easy way to help stop fraud. Make sure that any requests for wire transfers are confirmed ahead of time with a phone call. Use phone numbers from prior correspondence with the vendor or organization and confirm any changes to the account information directly over the phone.
3. Segregation of Duties
Make sure that more than one person is responsible for the outgoing payments or funds transfers. This helps ensure that the entire process is not controlled by one person – helping to stop wire transfer fraud before it occurs.
4. Regular Security Audits
Security audits are important and should be completed by your IT vendor or provider. There should be a checklist in place to make sure that your organization is following the best practices to help prevent wire fraud.
5. Cyber Insurance Coverage
Cyber insurance coverage is important to businesses and individuals to help relieve the financial burden of a loss due to wire transfer fraud. However, it is important to work directly with your trusted insurance advisor to ensure that your cyber insurance provides coverage for wire transfer fraud and social engineering.
There are steps you can take to help prevent your organization or your household from being a victim of wire transfer fraud. If you are interested in learning more about the cyber coverage products that we offer at Evarts Tremaine, please contact us today.
Use the yellow hot spots and explore how cyber liability insurance can help protect against common risks.
The Internet has spun a whole new web of liability exposures. E-commerce, social networking, cloud storage, and other technologies bring great benefits to large and small businesses alike. But with these benefits also come challenges, including protection of privacy, data, and financial information of your customers. If this information is lost, stolen, or compromised, your company is at risk. In fact, you may even be required by law to alert those impacted by the breach and to pay for any financial loss incurred.
Cyber liability coverage offers protection due to unauthorized access of electronic data or software within your network. It also provides coverage for spreading a virus, computer theft, extortion, or any unintentional act, mistake, error, or omission made by an employee. This coverage is quickly becoming more and more important as you embrace technology to help run your business.
If your company is faced with a data breach or cyber-attack, you may be forced to cover breach-related expenses such as crisis management, hiring a public relations firm to manage a data breach incident, costs associated with forensic analysis, the cost of repairing and restoring computer systems if there is a virus that destroys business software and data, and the loss of business income resulting from a data breach.
First-party coverage will insure your business for losses to your own data or lost income or for other harm to your business resulting from a data breach or cyber-attack. This coverage will pay you for things like business interruption, the cost of notifying customers of a breach, and even the expense of hiring a public relations firm to repair any damage done to your image as a result of a cyber-attack. Having this funding available in the event of a crippling hack can keep the lights on till you’re able to resume your normal business operations.
What would you do if an email virus impacted the operation of your database and prevented you from serving clients for a day or more? Or what if a hacker or cyber-criminal caused a system outage or extended downtime, leaving your business inoperable? These and other events can destroy your ability to serve clients and bring in revenue, which can have a major long-term impact on the viability of your business.
Business interruption insurance compensates you for lost income if your company cannot operate as normal due to disaster-related damage that is covered under your commercial property insurance policy, such as data breach or cyber-attack. Business income insurance covers the revenue you would have earned, based on your financial records, had the disaster not occurred. The policy also covers operating expenses, like electricity, that continue even though business activities have come to a temporary halt.
If your business handles sensitive customer data (such as email lists, credit card records or other files), data breaches pose a serious threat to your financial stability. A lawsuit resulting from a data breach means your business is responsible for paying legal fees, court-ordered judgments or settlements and other court-related costs.
Third-party coverage protects you in the event of a lawsuit brought by a customer or partner for a data breach that your business' actions or negligence allowed.
If your business experiences a data breach or violation of confidential information during regular business operations, you may be found in violation of privacy laws and be required to pay fines for the violations or other regulatory issues.
You may be eligible for regulatory claim coverage which would offer protection in response to proceedings related to disclosure laws and other governmental actions that can result in defense costs, fines and/or penalties. Coverage does vary and may be restricted by local law.
If hackers gain control of critical systems, they may demand a ransom be paid to avoid additional consequences. Sometimes these can be empty threats, but it’s impossible to know for sure. Paying the ransom can be costly. Taking a chance by choosing not to pay can sometimes put a company out of business.
Coverage for ransom and cyber extortion can be included in cyber liability policies and can help cover the cost of ransom to regain control of network systems. This is often not included in a standard policy, may include a separate sublimit and deductible, and may require adherence to certain conditions set forth by the insurer.