Cyber Insurance Blog

Funds Transfer Fraud vs. Social Engineering Fraud—What’s the Difference?

Both funds transfer fraud and social engineering fraud are ways cyber criminals affect transfers of an organization’s money. Although both types of fraudulent activity can lead to financial loss, they aren’t synonymous.

Increasingly, companies falling victim to both kinds of fraud realize too late they didn’t have proper coverage. They’re also failing to realize the right coverage was available.

At ProWriters, our experts are well-versed in the difference between funds transfer fraud vs. social engineering fraud. We can help you educate your clients so they’re confident they have the coverage they need, in the amounts they need.

Defining Funds Transfer Fraud

Funds Transfer Fraud (also known as “cyber crime fraud”) involves a malicious hack or system attack in which a bad actor obtains a company’s legitimate usernames, passwords, or other banking information. The attacker then uses that information to transfer funds out of a target bank account. Usually, by the time the victim realizes what’s happened, their funds are long gone.

Hackers often use malware programs to steal the credentials they need. They can also send phishing emails designed to trick recipients into providing login credentials or financial details.

Defining Social Engineering Fraud

Social Engineering Fraud (also known as “deception,” “impersonation,” and “fraudulent instruction”) involves deceitfully manipulating individuals into disclosing sensitive and confidential information that the criminal can use to commit fraudulent activities.

Such manipulation often takes the form of the criminal impersonating an individual, vendor, or other third party who has a legitimate right for the information. This impersonation often happens in emails. The sender pretends to be a senior executive or trusted business partner requesting urgent funds transfers. Such schemes are referred to as “Business Email Compromise” (BEC) scams.

Comparing and Contrasting Funds Transfer Fraud and Social Engineering Fraud

Businessman holds tablet computer that displays skull and crossbones image captioned “PHISHING.” When distinguishing funds transfer fraud vs. social engineering fraud, the key difference is that funds transfer fraud involves a malicious hack of systems or accounts. Social engineering fraud, on the other hand, is “human hacking.” It relies on “human error or weakness rather than technical or digital system vulnerabilities,” as IBM explains.

Both types of fraud can have devastating financial consequences for victims. Detecting and recovering from both can be difficult. For this reason, having the right insurance policy in place is crucial.

Explaining Funds Transfer Fraud Coverage and Social Engineering Fraud Coverage

Image of bank building. Banks’ Crime coverage may not include recourse for recovering stolen operational funds. As cyber threats continue to proliferate, both funds transfer fraud coverage and social engineering fraud coverage are essential for businesses.

Funds transfer fraud coverage typically covers losses incurred as a result of unauthorized electronic funds transfers. Social engineering coverage protects against losses from deceptive schemes manipulating individuals into transferring funds or providing sensitive information.

Most forms of Business Crime Insurance will offer the option of funds transfer fraud coverage. When they offer social engineering fraud coverage, however, the sublimit is usually small and restricted to certain classes of business.

Why do companies need both?

Even though funds transfer fraud can start with a deceitful phishing email, carriers often consider giving away private information or authorizing funds via wire transfer as a result of such email a “voluntary parting of title.” A funds transfer fraud agreement won’t cover this “voluntary” element, as opposed to a brute force electronic hack.

Additionally, some carriers will offer coverage for client funds, but not an organization’s own operational funds. This distinction can leave some classes of business with no recourse for recovering their own funds. For example, banks may have Crime coverage in a market that can’t offer a social engineering fraud sublimit.

Cyber Liability Insurance policies can cover losses due to both funds transfer fraud and social engineering. However, insured parties must carefully review such definitions and such details as attachment points, coverage triggers, and different claims handlers managing the claim.

ProWriters Helps You Secure the Coverage Your Clients Need

Insurance broker displays funds transfer fraud coverage policy details to her client on a tablet computer. Mastering the nuances of funds transfer fraud vs. social engineering fraud can be complicated. But the specialists here at ProWriters can explain the exposures your business clients face and the coverages available to them in detail.

Our proprietary Cyber IQ Comparative Rate Platform equips you to research and prepare multiple Cyber Insurance quotes from the industry’s leading carriers in a matter of minutes. It will save you effort and time as you find policies that contain the funds transfer fraud coverage and social engineering fraud coverage your clients need.

To find out more about all the ways we can help you meet your clients’ fraud coverage needs while growing your book of Cyber business, schedule a time now to talk with us.