In a case filed in California last week, an insurer once again has taken the position that funds disbursed to computer hackers because of fraudulent commands received via e-mail from hackers are somehow distinguishable from the hacker misappropriating the funds directly. They are not. The typical scheme, via social engineering commonly known as “business e-mail compromise” or “CEO fraud,” involves an e-mail from a high-level executive’s e-mail account directing a subordinate employee to wire funds to a bank account actually owned by a third-party scammer, the true author of the email. Insurers have denied coverage for such liabilities, contending that their policies do not cover voluntary disbursements of company funds – as if the insureds intended to give their funds away to the bad guys!
Continue Reading Insurers Continue to Contend Cybercrime Losses Are Not Covered