Long gone are the days where a robber had to don a ski mask, grab a gun and hold a business up in person. While those things still happen, the sophisticated criminal of today is more likely to use modern technology to separate businesses from their money.
Email scams are nothing new, but phishing (where an email is designed to look like it comes from an official, trusted source) is increasingly costing companies big losses — especially when the scammer pretends to be a vendor or another business that needs to be paid.
If your company transfers money to a scammer by mistake, whose insurance covers it?
- If you have first-party coverage: This will protect your business against losses you directly experience. In other words, it will help you cover the expenses your business has as a result of the fraud, including things like notifying any affected customers, crisis management (public relations) and any business interruption expenses.
- If you have third-party coverage: This can protect your business against claims by injured parties affected by the breach. For example, if your title company accidentally transfers a real estate buyer’s money to a scammer who successfully “phished” you, your insurance can help you pay a settlement, a court judgment and your legal defense costs.
Here’s the thing: Most businesses don’t know what their insurance policies cover when it comes to phishing and other cybercrime — and you don’t want to find out after an incident has already happened.
Do yourself and your company a favor: Review your policies today to make sure you understand whether there are any gaps in your coverage — and what rights you may have.