You receive an email appearing to be from your bank, saying that your account has been compromised. It warns you to act quickly and includes a link that prompts you to fill out your banking information. Do you fill it out?
If you answered yes, you could be susceptible to “social engineering fraud” known as “phishing”. Social engineering fraud refers to a variety of techniques used by fraudsters to gain information. They deceive and manipulate victims into voluntarily performing actions which result in them giving out confidential information or transferring funds.
Email scams are becoming increasingly sophisticated. In many cases, they piece together information from various sources, such as social media and intercepted correspondence, in order to appear convincing and trustworthy while perpetrating the fraud.
Like other types of cyber-attacks, the risk of falling victim to an email scam cannot be completely eliminated. Even if your business has robust systems and controls in place, it is still extremely difficult to prevent attacks. However, there are steps you can take to reduce the risk of your business being caught out:
Appropriate crime insurance may protect you from the financial consequences of social engineering fraud. It is not always clear whether traditional crime insurance covers losses from a phishing scam attack. In order to make sure you are covered, you should make sure your policy includes:
Along with other types of social engineering fraud, email scams can lead to large financial losses for a company. However, having the right controls in place, combined with the appropriate insurance, can help prevent or mitigate devastating losses.