By Nicholas B. Reuhs, Ice Miller LLP
Phyllis works for an accounting department in a business that occasionally conducts transactions with overseas entities. Eventually she receives an e-mail from the company’s CFO requesting that she transfer money to an overseas bank account to help close an important and urgent deal involving the company’s acquisition of new assets. The fact that the CFO has e‑mailed Phyllis is not unusual, nor is the fact that she asked Phyllis to transfer company money overseas out of the ordinary. In fact, the e-mail looks identical in format and tenor to others Phyllis received in the past. Unfortunately for Phyllis and her employer, in this case fraudsters have broken into a company e-mail account and identified company officers with financial authorization responsibilities and employees with control over financial assets and accounts. They have duped one of those employees – Phyllis, in this case – into following what seem like typical orders. However, unlike a typical transaction, Phyllis has been directed to transfer funds to an overseas account that will be emptied by the fraudsters shortly after her deposit is made.
Phyllis and her employer are the victims of a sophisticated type of phishing scam known as Business E-mail Compromise (BEC). BEC scams affect businesses of every size and industry. According to the FBI, over 17,600 victims reported crimes with losses totaling more than $2.3 billion between October 2013 and February 2016. And this type of fraud is increasingly common; since January 2015, the FBI has witnessed a 270 percent increase in identified victims and exposed loss.
Once the fraud is discovered, a company like the one Phyllis works for will naturally turn to its insurer, confident that its commercial property policy’s provisions on Funds Transfer Fraud will cover this fraudulent act. However, over the last few years a growing number of insurance companies have claimed that BEC and similar scams are beyond the scope of traditional Funds Transfer Fraud coverage. The insurers rely on the language of the policy itself, which was written at a time when Funds Transfer Fraud schemes involved an imposter attempting to dupe the bank, not the business itself, into transferring funds away from client accounts.
Read more here.
If you would like to submit content or write an article for the Insurance Coverage Section page, please email Kara Sikorski at firstname.lastname@example.org.