New cover launched
13 Mar 2017
JLT Specialty (JLT) has launched a Crime and Social Engineering (CASE) insurance policy which it said followed a rise in businesses asking about the availability of such cover.
The broker detailed that just as cyber-attacks are growing so social engineering fraud impacts businesses globally affecting all sectors and sizes of companies.
JLT listed that social engineering fraud involved fraudsters persuading employees to make significant payments, working around internal controls and processes.
It explained that the fraudsters would pose as clients, services providers, vendors, suppliers, and other trusted parties - even from within the same company.
The firm added that social engineering attacks can also take advantage of IT security by encouraging employees to download malicious software (malware) that will allow them access to a firm's IT systems.
According to JLT, common tactics include persuading employees to reveal confidential information such as company bank details and passwords or other insider details that will then assist them in seeming more credible for the next planned attack.
The broker noted that publicly reported cases of large losses are infrequent but claimed that attacks were not unusual.
It cited figures showing that businesses estimate typical losses as a result of fraud at five per cent of revenues.
JLT further highlighted that insurers look to protect their own exposure to social engineering fraud by excluding, restricting or sub-limiting within standard commercial crime policies.
The new policy, backed by a panel of insurers, offers:
• Affirmative and broad coverage for social engineering events;
• All risks crime coverage, including theft of assets, social engineering, extortion; criminal damage;
• Cover for new acquisitions, reducing the need for companies to be involved in administration; and
• Limits respond to each crime, there is no annual limit on cover.
Kurt Rothmann, senior partner at JLT Specialty said: "As with cyber, social engineering attacks are a global issue and one which is a growing threat for companies of all sizes, from multinational firms to local traders.
"In the past criminals have focussed on committing fraud through IT systems, but as a result of technology becoming more sophisticated, staff have found themselves increasingly targeted. With all employees only being one email away from a fraudster, a significant breach is not a question of if, but when."
He concluded: "While cover for social engineering fraud has not been a core purchase for risk managers to date, we've seen the uptake for this insurance cover rise as successful scams become increasingly commonplace, despite robust controls and procedures."
- Insurance Age