Cyber Insurance Blog

Cyber Crime vs. Social Engineering Fraud - What You Need to Know

Cyber Crime vs. Social Engineering Fraud - What You Need to Know

Get Protected and Learn the Difference Between Cyber and Crime Insurance

Many people don’t realize there is an overlap and gap in coverage between Cyber Policies and Crime Policies.

Coverage for both fund transfer fraud and social engineering fraud can be obtained through both Crime/Bonds and Cyber policies, depending on your carrier and class of business. There has been an increase in losses due to social engineering crime, and At ProWriters, we have seen many companies realize too late that they did not have the proper coverage. They also failed to realize the right coverage was available in the market. That’s why understanding the difference between cyber and crime insurance is more important than ever before.

What Is the Difference Between Cyber Crime and Social Engineering Fraud?

  • Cyber Crime—Fund Transfer Fraud (Traditionally found on a Crime / Bond)
    Fund transfer fraud involves a malicious system attack or hack that enables the attacker to use banking information to transfer funds. This often involves a hacker invading a network or system, stealing usernames and passwords, and using that information to transfer funds out of a target bank account. In most cases, by the time the victim realizes what has happened, the funds have already disappeared.
  • Social Engineering Fraud (Deception / Fraudulent Instruction / Impersonation)
    Social Engineering Fraud generally involves a cyber criminal using a phishing scheme to deceive a target into voluntarily giving away funds to a third party. This is often called “voluntary parting of title” and is not covered by a Fund Transfer Fraud insurance agreement. These social engineering attacks are often referred to as “Business Email Compromise” or “BEC” scams.

In short, fund transfer fraud involves a malicious hack, while social engineering crime happens when the insured is tricked into transferring funds.

social engineering fraudSocial engineering attacks and subsequent claims happen every day and affect everything from small nonprofits to large, sophisticated companies. Ubiquiti Networks, a technology and communications company, is an example of this trend. The company was a victim of a social engineering attack that cost Ubiquiti Networks more than $39 million. The right coverage can minimize the damage from an attack like this.

Coverages offered vary depending on the carrier. While most good crime forms will offer the fraudulent fund transfer coverage as an optional coverage, many will only offer the social engineering fraud coverage with a small sub-limit and for certain classes of business. Additionally, most coverage only applies to the insured’s own funds. Only a few carriers will provide coverage for client funds.

Good cyber carriers may offer social engineering fraud coverage, but not on all classes of business. Banks, for example, may have their crime coverage with a crime market that does not have the ability to offer a social engineering fraud sub-limit. Even if both cyber and crime markets can offer the coverage, there may be different attachment points and coverage triggers along with very different definitions and different claims handlers managing the claim.

It’s important to be aware of the difference between cyber and crime insurance. Social engineering fraud claims are rapidly expanding and while the coverage in the market is limited, it should still be offered.

ProWriters Can Help

Anyone can offer you a quick cyber quote or claim to be an expert. Make sure you are going to a legitimate expert like President of ProWriters Brian Thornton, who can explain these exposures and coverages in detail.

Brian has extensive experience in cyber insurance. Over the course of his career in the industry, he has:

  • Trained underwriters, brokers, and agents
  • Developed cyber underwriting manuals and rating guides
  • Written cyber insurance policy forms
  • Been a regular speaker at cyber risk conferences
  • Launched a Cyber Managing General Agent (MGA)
  • Built close relationships with all of the top cyber markets and service providers
  • Designed customized cyber programs for many agents and groups

Cyber crime and social engineering fraud coverages are complex—but they don’t have to be. See what a cyber expert can do for you and Contact ProWriters today.

Subscribe to Our Monthly Newsletter!

Retail vs. Wholesale Brokerage

Experts Weigh In

Get the eBook