Contact us

1300 GOCYBER (1300 462 923)

Call or email us today!

Contact details:

Message:

Your message has been sent successfully. Close this notice.

Cyber Insurance Quote Form

Limit of Liability

Company Details

Do you process, transmit or store more than 10,000 financial transactions per year?

Yes No, less than 10,000

Do you use and keep up to date firewalls and anti-virus protection for all systems?

Yes No

Do you use third parties to complete audits of your system and security on a regular basis?

Yes NO

Are all portable devices password protected? (mobile phones, laptops, tablets, etc)

Yes No

Do you have encryption requirements for all data including portable media?

Yes No

Do you have back-up and recovery procedures for business critical systems, data and info assets?

Yes No

Do you outsource any part of your network, including storage?

Yes, we use third party providers. No, all managed in house

Do you store sensitive information on web servers?

Yes No

Do you know of any loss payments, fines or penalties being made on your behalf?

Yes No

Are you aware of any matter which might give rise to a claim or loss under such insurance?

Yes No

Have you suffered any loss or claim but not limited to a regulatory, governmental or administrative action brought against you, or any investigation or information request concerning any handling of personal info?

Yes No

The applicant or any subsidiaries have any knowledge of any loss payments, fines or penalties being made on behalf of any applicant or any person proposed for coverage any cyber policy or similar insurance?

Yes No
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.

Business Insurance Quote

Contact details:

Sections

Property & Contents

Yes, please quote No, thank you

Public & Products Liability

Yes, please quote No, thank you

Cyber Liability

Yes, please quote No, thank you

Theft & Money

Yes, please quote No, thank you

Computers & electronic equipment

Yes, please quote No, thank you

Business Interruption

Yes, please quote No, thank you

Machinery Breakdown

Yes, please quote No, thank you
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.
2 years ago · by · 0 comments

Email Fraud & Cyber Insurance

malicious email

What is Business Email Compromise?

Business email comprise or CEO email fraud is a form of social engineering which isn’t the newest style of attack but it is constantly evolving, very effective and extremely costly. According to the FBI, between October 2013 and February 2016, the financial losses had reached a shocking $2.3 billion for businesses. You may have herd about malicious emails which contain dodgy attachments or links to strange websites. How about fraudulent emails impersonating high authority individuals using your own staff to make large payments to criminals? Many organisations have been brought to their knees or bankrupt due to some clever email trickery and social engineering from criminals.

“It’s a prime example of organized crime groups engaging in large-scale, computer-enabled fraud, and the losses are staggering.” said FBI Special Agent Maxwell Marker, who oversees the Bureau’s Transnational Organized Crime–Eastern Hemisphere Section in the Criminal Investigative Division. “They know how to perpetuate the scam without raising suspicions,” Marker said. “They have excellent tradecraft, and they do their homework. They use language specific to the company they are targeting, along with dollar amounts that lend legitimacy to the fraud. The days of these e-mails having horrible grammar and being easily identified are largely behind us.”

Cyber crime units have been reporting with regularity that criminals are impersonating high ranking employees by gaining access to their emails and sending requests to other employees for payments and private company information such as tax records. Some scammers have been noted to create almost identical email domain addresses for targets which are difficult to recognize at first glance. For example, director@businessname.com.au being impersonated by the fraudulent director@businessname.com or director@businessname.co.

The criminals have compromised access to email addresses and used readily available information such as passwords/usernames, company letterhead, digital signatures, vendor invoices, payment requests and personal information which is enough to satisfy an alarming amount of banking security procedures.

email compromise scam

Australian CEO Fired after Email Fraud Devastation

In one of the most damaging recent email fraud attacks, China-owned Boeing and Airbus supplier FACC AG was defrauded for a massive $58 million AUD in a simple social engineering scam. A series of emails tricked the financial controllers into wiring €52.8 million to the scammers across several transactions. The company was able to halt €10.9m at recipient banks but doesn’t expect to recover the funds in the near future.

A recorded loss of €41.9 million or around$58.7 million AUD from the incident was worsened with a staggering share price fall of 38 percent following the incident. The fraud also left FACC with operating losses of €23.4 million instead of their expected profit of €18.6 million had the email fraud not occurred.

CEO Walter Stephan and the CFO were both sacked as a result of the email fraud campaign. Before departing, Mr. Stephan told investors “The fraud did not take place via our Internet or IT system but by means of a simulated email correspondence under my name, which does not require any hacking.” The email in question was simply a shortened copy of his official email address as pointed out above with the .com and .co difference.

FACC’s insurance position was not publicly discussed but certainly would not have been sufficient to withstand such staggering expenses.

Cyber Insurance Australia Logo

Protect your business with Cyber Insurance Australia.

Ameriforge Group Inc Sues Insurer After $480,000 Loss

In 2014 AFGlobal Corp. was the victim of a complex and well executed email scam in which $480,000 was transferred to an account in China with no help from the bank to return the funds and debatable insurance cover. According to court documents,  The AFGlobal director of accounting received a number of emails from scammers claiming to be Gean Stalcup, CEO of AFGlobal.

“Glen, I have assigned you to manage file T521,” the strange email to the accounting director Glen Wurm allegedly read. “This is a strictly confidential financial operation, to which takes priority over other tasks. Have you already been contacted by Steven Shapiro (attorney from KPMG)? This is very sensitive, so please only communicate with me through this email, in order for us not to infringe SEC regulations. Please do no speak with anyone by email or phone regarding this. Regards, Gean Stalcup.”

Approximately 30 mintues later, Mr. Wurm was contacted via phone and email by the attorney stating that due diligence fees regarding an urgent acquisition in China were legitimate and the request was validated. AFGlobal claimed that Mr. Shapiro followed up with an email containing wiring instructions to further establish legitimacy. The funds were successfully sent to an account at the Agricultural Bank of China. No response or red flag was raised until Mr. Wurm received an email acknowledging receipt of the payment and requesting an additional $18 million.

“the imposter seemed to know the normal procedures of the company and also that Gean Stalcup had a long-standing, very personal and familiar relationship with Mr. Wurm — sufficient enough that Mr. Wurm would not question a request from the CEO.” according to the plaintiff. This helps show the depth of the email compromise, many criminals are spending time researching to learn the normal process and relationships of staff before attempting the scam.

After attempting to recover the funds from their bank it was discovered that the account in china was drained and closed shortly after the payment was received. The insurance provider for AFGlobal declined to cover the lost funds citing this business email compromise did not constitute a financial instrument and therefore was not covered under their existing Cyber Insurance policy.
You can read more about the case, here.

Company Name Withheld for Anonymity

In a release from the FBI we can see another shocking case of business email compromise(BEC) which employed a slightly different technique. In this case, the accountant for a large U.S company received an email from the chief executive, who was holidaying out of the country, requesting a large transfer of funds which needed completion before the end of the day. The CEO ‘s email stated that a lawyer would contact the accountant to give further information.

When the email from the lawyer arrived the accountant noted the standard authorisation details attached such as the CEO’s signature and company seal. Following instructions from the seemingly legitimate email, the accountant transferred more than $737,000 to a bank in China. The following day the CEO happened to call to discuss a different matter when the accountant mentioned that she had successfully sent the transfer which was requested the day before. At this point the CEO advised no email had been sent and they knew nothing about the request.

After reviewing the email thread, the accountant remarked “I noticed the first e-mail I received from the CEO was missing one letter; instead of .com, it read .co.” After closer inspection, it was discovered that the attachment provided by “the lawyer” had forged the CEO’s signature and the company seal had been sloppily taken from the company’s public website. Other concerning information which helped the scam were the CEO’s global media attendance obligations and employee email addresses which were easily obtained from the public website.

Cyber Insurance & Email Fraud

Cyber insurance policy wordings have been under heavy scrutiny since the above attacks and many others with good reason. Arranging a policy to cover business interruption, ransomware extortion costs, legal costs, public relations expenses and other costs are becoming standard parts of these policies however social engineering resulting in employee error or CEO email Fraud is often excluded.

Most robust insurance portfolios will contain a section of cover for crime events such as robbery, burglary and other forms of theft. Traditionally this section was only relevant to physical theft of goods, cash or information. After speaking with many insurance underwriters regarding the above potential gap in cover there is a consensus that despite email fraud being in a digital form, it is still theft and therefore will need to be covered under the crime section and not a cyber insurance policy.

We recommend reviewing this section with your broker as often this cover is relatively low, around $100k – $500k unless specifically increased. In the above email fraud examples it is clear that the traditional crime limits are not sufficient for this new exposure.  Businesses are less traditional and heavily dependent on technology ,understanding this evolving risk is another great example of the benefit of using a cyber-savvy broker.

Cyber Insurance Australia Logo

 

Protect your business with Cyber Insurance Australia.

Comments

Not found any comments yet.

Leave a reply

Your email address will not be published, and your website url is not required.

Take care of your business

Insurance for
your business future

Call us today for specialist business insurance packages.

Company information

Naga Risk Solutions Pty Ltd T/as Cyber Insurance Australia ABN 59 378 032 992. CAR 1250594

Authorised Representative for National Advisor Services Pty Ltd t/as Community Broker Network (CBN) ABN 60 096 916 184 | AFSL 233750

Financial Services Guide (FSG), Privacy Policy & Complaints & Dispute Handling, Insurance Brokers Code of Practice (FSG)

Contact details

E-mail address:
contact@cyberinsuranceaustralia.com.au

1300 GOCYBER

1300 462 923

Available 8:30am - 5:00pm

PO Box 1677, Milton LPO
Milton
Brisbane, QLD 4064

Join our monthly newsletter for:

Enter your email and stay up to date,

Subscribe to our monthly newsletter!