Cyber FAQs

Does cyber insurance cover wire transfer fraud and social engineering attacks?

All FAQs

Quick answer: Social engineering fraud, where an employee is tricked into wiring money to a fraudulent account, is one of the most common cyber losses.

Sometimes, but only if your policy is written to include it, and usually under a separate sub-limit. Wire transfer fraud and social engineering attacks are not always covered by a standard cyber insurance policy, so this is one of the most important details to check before you buy.

Social engineering is when a criminal tricks one of your employees into sending money or sensitive data voluntarily. A common example is a fake email that looks like it came from your CEO or a trusted vendor, asking your bookkeeper to wire funds to a new account. Because the employee was deceived rather than hacked, many basic cyber policies treat this differently from a direct network breach.

The coverage that stops social-engineering losses is easy to miss in a cyber policy:

  • Social engineering or deception fraud coverage, which pays when an employee is tricked into transferring funds.
  • Funds transfer fraud coverage, which pays when a criminal hacks your systems and moves money without your knowledge.
  • Sub-limits, since these coverages are often capped well below your full policy limit, sometimes at $100,000 or $250,000.
  • Verification requirements, since some carriers require a callback or dual-approval step before they will pay a social engineering claim.

Imagine an Atlanta accounting firm whose office manager receives an email appearing to come from a client, requesting a $48,000 wire to a new bank account. The manager sends it, and the money is gone. With a $50,000 social engineering sub-limit, the policy could reimburse most of the loss. Without that endorsement, the claim could be denied entirely.

A coverage that adds protection for events like these is called an endorsement. Many Georgia businesses assume their cyber policy already includes this protection, only to discover the gap after a loss. We can review your cyber liability insurance and confirm whether social engineering and funds transfer fraud are actually included, and at what limit. Start with a free coverage review and we will check your sub-limits for you.