Cyber fraud versus human fraud
Fraud with payment instructions, also known as identity fraud or social engineering fraud, means that fraudsters use official e-mail communication to encourage employees to transfer money from their employer to their account. Sometimes, they are, even asked to transfer funds from third parties.
Because computers and e-mails are involved in this form of fraud, many people assume that it is cyber fraud. However, this is not correct. In order for there to be cyber fraud and for the cyber fraud insurance to intervene, cyber security and therefore IT systems must be, compromised. Think of theft of data, hacking of a system, spreading of a virus, etc.
That is not the case with identity fraud. Here, it is people with bad intentions who, albeit through digital channels, fraud other people. The consequence of this misconception is that claims about identity fraud are rarely, covered by cyber insurance.
Challenges of fraud insurance
Digital fraud such as identity fraud is, covered by fraud insurance. Although the risk is increasing due to continuous digitisation, we see today that many fraud insurance policies are not yet fully adapted to this form of fraud.
Description of the fraud
A fraud policy often contains an exclusion for 'voluntary pay-out’ and that is exactly what happens with identity fraud. To accommodate this, some fraud insurers have recently adjusted their cover. Before providing cover, the insured usually has to prove that he has built in sufficient controls to prevent this type of fraud.
Level of cover
The level of guarantee for this type of fraud is also a challenge. Most fraud policies foresee relatively low limits, between €100,000 and €250,000. In practice, however, the damage resulting from identity fraud will be much higher than the insured amount. A higher guarantee is not only subject to extra conditions, but also to a higher price bracket.
Sufficiently broad cover
Finally, it is important that the insurance contract be designed to cover a wide range of circumstances. Fraudsters may present themselves as employees, but also as customers or an external party. The cover should therefore not depend on the false identity assumed by the fraudster. Moreover, it does not only concern funds of the employer, fraudsters can also incite the transfer of funds or goods from third parties.
Prevention and processes
A fraud insurance with adequate cover is not the only defence against digital fraud. At least as important is prevention. As a company, you can do a lot yourself to reduce the chance of fraud and to limit its consequences. Think of strict financial controls and verification processes at various levels. The use of dedicated tools to better manage your risks also works well to prevent fraud. Training your employees is such a powerful prevention tool. Bring them the necessary vigilance so that they recognise the signals of suspicious money transfers in good time.
Protect yourself against fraud with comprehensive insurance
Euler Hermes is one of the fraud insurers with the longest track record in Europe. Our solution is the most complete fraud insurance on the market. It protects your assets and covers losses caused by fraud such as financial losses, damage to systems and reputational damage.