Cyber product enhancements: Cybercrime

We’ve upgraded the system damage and business interruption cover in our Cyber Proactive Response (CPR) product, including more expansive hardware replacement cover, new triggers for cover and much more.

Cyber Article 2 min Mon, Mar 31, 2025

The cybercrime industry is escalating, with threat actors constantly refining their tactics to exploit businesses in new and unexpected ways. As technology advances, attacks are becoming more targeted, deceptive and financially damaging, making it easier than ever to infiltrate systems, manipulate transactions and steal funds. In this landscape, complacency isn’t an option—not for businesses, and certainly not for cyber insurance providers.

To help businesses stay one step ahead, we’ve enhanced the cybercrime cover in our new CPR product, introducing a series of upgrades that broaden protection to address evolving cyber threats.

What’s new: Smarter, stronger cybercrime cover

With the cost of cybercrime rising year on year, businesses can’t afford to have gaps in their cybercrime coverage. From invoice manipulation to physical goods fraud, our new CPR upgrades address real-world loss trends and enhance policyholder protection. Here’s what’s new:

  1. Invoice manipulation

    Imagine providing goods or services, only to have a fraudster impersonate your business and reroute customer payments to their own account. This update ensures policyholders are covered when cybercriminals intercept legitimate transactions and divert funds before they ever reach their rightful owner.

  2. New vendor fraud

    Cybercriminals see new business relationships as a top target. This update covers businesses that unknowingly send payments to a fraudulent vendor posing as a legitimate supplier that the policyholder hasn’t transacted with before—only to receive nothing in return. Already covered under our policy, this update speaks to an increasingly common loss trend and provides additional clarity to policyholders.

  3. Physical goods fraud

    Cyber scams don’t just target electronic funds—sometimes, physical goods end up in the wrong hands too. This update covers situations where businesses are tricked into sending physical goods to a fraudster instead of a real customer and end up out of pocket as a result.

  4. Theft of funds held in escrow

    Social engineering scams are the main source of funds transfer fraud losses, including situations where businesses are holding funds on behalf of third parties and are tricked into sending those funds to fraudsters. While such losses would already be covered, our new CPR wording now makes affirmative reference to phishing, vishing and social engineering attacks, removing any ambiguity for policyholders.

  5. Theft of client funds

    Many businesses are entrusted by their clients to access their bank accounts and execute transactions on their behalf. But things can go wrong if the business is tricked into sending the client’s funds to a fraudster and needs to reimburse the client as a result. This new section provides cover for exactly this kind of scenario, ensuring that the policyholder has protection not just for their own funds, but for that of their client’s too.

Business benefits: Protection and peace of mind

These upgrades aren’t just technical tweaks—they’re real-world protections designed to keep businesses secure in an era of increasingly sophisticated cybercrime.

By closing coverage gaps and providing clear, comprehensive protection, businesses that experience cybercrime have a platform to bounce back quickly, reducing devastating financial loss. Whether it’s rerouted payments, stolen goods or fraudulent vendor schemes, our enhanced cybercrime cover ensures businesses can operate with confidence, knowing they’re protected against the latest threats.

Navigating your cyber policy

Find the updated system damage and business interruption cover in Insuring Clause 4 of the CPR wording.

If you’d like to learn more about our cybercrime cover or our new CPR product or have questions on anything cyber, contact us at cyber@cfc.com.