What is... customer payment fraud?

Funds transfer fraud – whereby fraudsters dupe innocent businesses and individuals into transferring what they believe are legitimate payments to fraudulent bank accounts – is becoming an increasingly common problem.

Cyber Article 4 min Fri, Oct 23, 2020

In an insurance context, most cyber policies with crime cover in place will provide some form of protection for situations where policyholders lose their own money in this way. For example, if a fraudster manages to impersonate the policyholder’s CEO and gets a member of the finance team to send a payment over to a fraudulent bank account, the policyholder’s business will have suffered a financial loss. All being well, this loss can then be recovered under their cyber policy.

However, it’s not always the policyholder’s business that suffers a loss in this way, but the policyholder’s customers. Customer payment fraud describes a situation in which a business is impersonated by a fraudster, who then dupes some of the business’s customers into making payments to a fraudulent account.

To make this concept a little easier to digest, let’s take a look at a real-life example.

We recently dealt with a claim involving an insurance brokerage that is primarily involved in arranging property and casualty insurance cover for SME businesses. One of the brokerage’s employees had their email account compromised by a fraudster, which allowed the fraudster to monitor the broker’s inbox and identify an opportunity to misdirect funds. The broker had been working on the renewal of a package policy with one of the brokerage’s existing clients and all that remained was for the client to transfer the premium over to the brokerage, who would then pass it on to the insurer. Having chosen a suitable target, the fraudster then sent an email from the broker’s account and explained that the premium would have to be sent to an international account due to an audit on the brokerage’s usual account. Assuming that this was a legitimate request, the customer duly transferred the premium over to this fraudulent account. It was only when the broker chased the customer about the payment some weeks later that the scam was uncovered. This meant that the premium still remained unpaid, but as the fraudulent communications appeared to come from the broker, the customer put the blame on the brokerage and refused to pay the premium twice. Given this, the brokerage accepted responsibility for the incident and decided to pay their customer’s premium from their own funds.

In this case, the primary victim of the loss was not the brokerage but their customer. As it wasn’t the brokerage that was tricked into transferring funds, the crime cover on most cyber insurance policies would not be triggered, unless there is some form of specific cover for customer reimbursement in place. However, under CFC’s cyber crime insuring clause, losses of this nature are covered up to a maximum of $50,000, providing a valuable safety net and helping to maintain good customer relations for policyholders who are impersonated in this way.