Crime and social engineering insurance

Social media is changing the threat of fraud. The sheer volume of information available on employees online has made targeting businesses easier for fraudsters and criminals. Armed with information from company websites and social media, criminals use social engineering techniques to play on employees’ natural tendency to trust.

Traditional crime exposures such as fraud and dishonesty of employees are still very real risks businesses face however the emerging risk of social engineering is one that more and more companies are being targeted with.

Using information gleaned from social media, criminals mimic the voices and mannerisms of senior management, resort to flattery, and play on unfamiliarity and employees’ tendency to respond to authority.

They might request systems access, or a change of supplier details. And the result is often the fraudulent transfer of a large sum of money. Many existing crime policies do not cover this growing trend in losses and companies are finding that their policies fail when they’re needed the most.


Crime and social engineering

Fraud involving social engineering can be relatively simple and opportunistic, but they can also involve a degree of sophistication and planning. Criminals have been known to create fake social media profiles, as well as work in teams, bringing in fictitious staff members or professional advisors.

As more businesses are targeted, social engineering has become a burning issue for law enforcement. Interpol identified social engineering as one of the world’s biggest emerging crime trends.

Crime and social engineering

Such fraud is difficult to stop in a business environment, where trust and hierarchy are important, and where competitive pressures and the need to build in flexibility – such as around payment processes – may be essential.

Following a rise in businesses increasingly asking about the availability of coverage for social engineering fraud, JLT in association with a panel of insurers, addresses this growing risk with a new crime and social engineering (CASE) insurance policy.


Vendor, supplier or procurement fraud, regulatory or compliance breach, theft of physical stock, internal financial fraud, information theft and financial mismanagement.

  • Social engineering/fake president frauds are a common issue, where individuals within the business are targeted using public domain information to ‘dupe’ them into transferring company funds to a third party
  • A book-keeper at a company stole £370,000 over a five year period
  • An employee at a solicitor’s firm stole £1 million over 28 years by diverting money out of estates of deceased clients
  • A finance manager at a charity stole more than £150,000 through cashing donation cheques for himself, creating a trail of false invoices to cover his tracks
  • A financial controller at a construction company transferred £750,000 out of a little-scrutinised holding account into her own account
  • A junior PA defrauded three employers stealing over £200,000 through credit card abuse, cashing cheques and even creating direct debits from business accounts.

Yes, the insurer typically pays reasonable fees, costs and expenses incurred in retaining a fraud investigator.

It is important to make reasonable efforts to recover the loss, therefore this may be necessary to commence legal action. In certain cases, the insured may not wish to prosecute either for social reasons or out of sympathy as perhaps they feel prosecution diminishes the chances of recovering the amount. One of the advantages of prosecution is that it serves as a warning to other fellow employees. Therefore it is important to discuss whether to prosecute and the merits of any recovery process with insurers prior to making any decision.

Yes, the insurer typically pays reasonable legal fees, costs and expenses incurred in the defence of any claim that results directly from a covered direct financial loss.

Courts have in the past upheld the claims-reporting requirements, finding the requirements to be a condition of coverage. Typically a policy requires notice as soon as practicable – carriers and courts differ on what length of time is practicable. In any event, failure to provide timely notice can result in loss of coverage. What would be a covered claim can become uncovered if the reporting provisions of the policy are not strictly adhered to.


350+ international clients120+ financial risk specialists10% FTSE 500 clients$500m limits global D&O programmes have been arranged for


JLT, in association with a panel of insurers, have created an insurance produced called crime and social engineering (CASE), covering the growing exposure posed by social engineering in an environment where insurance for this exposure is becoming more difficult to achieve.

The benefits of this cover include:

  • Affirmative and broad coverage for social engineering events – including any fraudulent communication from a third party source purporting to be genuine
  • All risks crime coverage for:
    • Theft of assets
    • Social engineering
    • Extortion
    • Criminal damage
  • Few exclusions, removing many avenues of common coverage dispute – JLT CASE will be adapted to future claims trends
  • Broad coverage for new ventures and acquisitions, reducing the need for administration during the year
  • Limits respond to each loss, there is no aggregate cap on insurance – current trends have seen multiple losses in quick succession to large international companies – this coverage addresses that concern
  • Caters for and protects against the new insurer remedies under the UK Insurance Act 2015.

Case Examples

Crime and social engineering 

Business Email Compromise

Crelan Bank fell victim to a USD 75 million fraud known as a business email comprise. Details as to exactly what happened are scarce, it has been suggested that an email was sent to a financial employee or accountant purporting to be from the CEO requesting the urgent transfer of funds to a trusted partner of the company. Crelan Bank have reported the incident to law enforcement who are investigating.

Crime and social engineering 

Employee Impersonation

Ubiquiti Network has been defrauded of some USD 46 million by scammers who impersonated employees. Details are scarce but the fraud seems to have involved scammers spoofing communications from the firm in an effort to initiate unauthorised international wire transfers. Ubiquiti say’s its recovering USD 8.1 million of the heist and is trying to recover an additional USD 6.8 million through a legal challenge. Ubiquiti Networks are looking to improve their internal controls over financial reporting.

Read our latest insights