One morning you’re still half asleep and you receive an email that appears to be from your bank, stating that your account has been compromised. It warns you to act quickly and includes a link that prompts you to fill out your banking details. Would you fill it out?
This is an example of a Social Engineering Fraud called ‘Phishing’. Social Engineering Fraud refers to the different ways the fraudsters use to obtain personal information. They deceive people into voluntarily performing actions including transferring of money or collecting of personal data.
Email scams are becoming increasingly sophisticated with scammers piecing together information about you from various sources including social media platforms.
Like cyber attacks, the risk of falling for an email scam cannot be completely ruled out. Even if your business has robust systems in place, it is still difficult to prevent an attack. However, there are ways to reduce the risks.
- Beware of emails asking for personal information. Phishing emails can come from someone pretending to be in a position of authority or impersonate a senior member of your business to urgently action something
- Educate employees on the risks. Make sure they know what form email scams can take and who to contact if the email looks suspicious
- Review your current anti-fraud procedures within your business
- Identify likely targets. Employees that have authority to hold large amounts of sensitive information or employees that can have access to your business accounts
Will insurance cover the loss?
Standard commercial combined insurance policies will not cover loss of money from Social Engineering. This includes extensions under a standard Directors and Officers Liability policy. However, there are specialist crime insurance policies available that may protect you from the financial consequences of this form of fraud.
If you would like to discuss this further and what insurance options are available to you, please contact me.