Wire Fraud Scam Getting Worse: New Twist

Here is a recent situation which unfortunately impacted one of our clients and is worth sharing in the hope that increased awareness will limit the chance of this happening again. This situation is a twist on the traditional wire fraud scam and shows how far the bad guys are willing to go to steal from your clients.

The title company involved in a transaction was breached by bad guys who found out the specifics of a closing coming up at our insured’s real estate agency. Instead of sending a fraudulent email posing as the title agency, the bad guys called the buyer's agent to communicate the updated wiring information for the funds needed to close. The realtor took the telephone call thinking it was the title company and relayed the information to the buyer, who in turn wired the closing funds to a fraudulent bank account. Luckily, a majority of the funds were recovered, but not without considerable effort and expense. What makes this more concerning than most wire fraud situations is that neither the E&O policy nor the Cyber Liability policy was willing to cover the lost funds.

What makes this different?

An important distinction here is that bad guys are learning that real estate agents are not trusting email as a communication tool for wiring instructions and are adapting by making telephone calls, falsely representing the title company. This is a disturbing new development. Please communicate this to your agents.

How did their liability policies respond?

  • Cyber liability policies are triggered when the insured has a situation where a breach is suspected. In this situation, the cyber policy was triggered to provide forensic services to determine the origin of the breach, which ended up being the title company. At that point, the policy stops covering any liability since the insured’s systems were not compromised. It is worth noting that even if the bad guys had sent an email from the title company to the agent, instead of making the telephone call, the cyber policy would not have provided cover for the same reason. No breach, no cover.
  • The E&O policy has a specific exclusion for any liability resulting from wire transfers. These exclusions are becoming more common in E&O policies since carriers are not interested in the exposure related to wire transfer fraud.

What can you do to protect yourself?

  • Do not get involved in any communication of wire instructions to your client. This includes text messages, email and telephone calls.
  • Create a Fund Transfer Pledge with your clients.
  • If you receive communication regarding a closing, be sure to call the related party by dialing a number that is NOT part of the recent communication since it is likely that telephone number goes directly to the bad guys. Call another number you have on file.

Cyber Liability Policy Section Review: Part 3

The 3rd and final subsection in the policy is focused on 1st party Crime exposures: money or computer assets that you (the insured) have lost as a result of a breach or deception.

  • Under the Cyber Extortion sub section, the carrier pays funds (minus the deductible) to cover extortion payments or expenses from a cyber criminal’s demand. There are several examples of cyber extortion; many don’t make the news, but the recent WannaCry ransomware attack is a good example. The common thread of these attacks: the bad guys take control over some important computer system and make you pay $X before they give you back control. Here are some interesting examples from some large companies.
  • Under the Electronic Transfer Fraud sub section, the carrier will pay for your loss of funds directed from a financial institution to transfer, pay, or deliver funds from Your Account. This is a situation where the bad guys figure out how to gain access to your financial accounts and steal your money by sending it to themselves.
  • Under the Deceptive Transfer Fraud sub section, the carrier will pay for your loss of Funds resulting directly from Your having transferred, paid or delivered any Funds from your account as the direct result of an intentional misleading request. This is commonly referred to as Social Engineering or Confidence Scams – the hacker has essentially exploited common confidence in a party (boss to an employee) in order to deceive you into transferring funds. The classic example is an employee who wires money to a vendor per an email request from the CFO, but the request was a fraudulent email from the bad guys who have hacked into the email system.
  • Under the Telephone Toll Fraud sub section, the carrier will pay for a loss of funds resulting directly from charges you incur for voice telephone long-distance toll calls which were incurred due to fraudulent use or fraudulent manipulation of an Account Code or System password. This is a very specific coverage to deal with the situation where the bad guys have routed all your call traffic through a toll number they control, resulting in large fees being incurred. The insured would get an unusually large bill from the telephone provider because of the inflated toll traffic.

*Based on policy information provided by: Victor O. Schinnerer & Company, Inc.

Unsupported Software: Does your Cyber Liability policy have this exclusion?

If so, you may be in a situation where your policy does not provide coverage due to an unsupported software application running on your computers. All software eventually reaches a point where it is no longer supported by its author, which presents a security risk for you. It is all part of the life cycle of software, and it is time for you to upgrade to the latest and greatest stable version.

Windows 7 ended “Mainstream Support” in January 2015, which means no free support and no patches unless there is a material security risk. The next level of unsupported software is called “Extended Support” which is normally 5 years after Mainstream Support starts. This means that Windows 7 will fall into this “Extended Support” category in 2020. This is not far off and by then you should be upgraded. Today many of us are still using Internet Explorer, which is already in the 3rd level of unsupported software called “Cease of Support”. This level started for IE in January 2016, so every year you are still using IE it gets less safe and more vulnerable.

There is no doubt that we all have IT work to do so we can stay current, but that should not impact your cyber liability coverage. If your cyber liability policy has an unsupported software exclusion or condition, it is possible for the carrier to deny a claim based on the current support status of your applications.

The cyber liability policy we quote via Victor O. Schinnerer/ACE does not have an unsupported software exclusion or condition.

*Based on policy information provided by: Victor O. Schinnerer & Company, Inc.