Hacker Hits Three Times

Tales from the Trenches: Hacker Hits Three Times

Product yourself for all scenarios

The Scenario

In this scenario, a hacker has hacked a client’s email and has impersonated the client to the advisor/rep. The hacker instructed the advisor to liquidate stocks. The hacker then instructed the advisor to wire funds to an account that was at the same bank as the client. However, it was actually to the hacker’s account. This particular bank was unique because it was in Singapore. Since the bank of in Singapore it made the bank unique to the advisor. Thus, it did not set any alarm bells for the advisor. This hack was conducted for three transactions. The transactions totaled over $120,000 before it was shown as fraudulent.

The Facts

In this case, the verification of the transaction was done only via email. The first fraudulent funds transfer was for $30,000.  The additional requests for a liquidation and transfer were not verified by voice or email. The client was supposedly not available for verification.  The home office was concerned about the lack of verification. The rep pressured the home office to do the transaction because it was a large client to him. The rep did not want to inconvenience the client who was on vacation. The home office approved the transactions of $45,000 each. The fraud was caught once the client returned from vacation and looked at his account status. After the third, and an attempted fourth transaction.

The Outcome

Fortunately, the cyber policy would still cover the funds transfer frauds. The cyber insurer recovered the funds during the third transfer while it was in transit to the hacker. Concurrently,  the insured was reimburshed for the loss.  However, the advisor was responsible for two deductibles totaling $50,000.

How to Avoid This Claim

Hackers are capable of impersonating a victim via email and by phone. By inserting a new phone number, the hacker can change their profile records. Furthermore the hacker can make emails look to be coming from and going to the client. When in fact the communications are between the hacker and the advisor or the firm.  
It is a good idea to always implement dual verifications.  Implementing MFA (multi-factor authentication) on all devices and encrypt communications is the best option.

Browse Related Articles

Chat GPT and the Risk Landscape
Cyber Insurance

Chat GPT and the Risk Landscape

Artificial intelligence (AI) chatbot ChatGPT and the risk landscape has recently made waves. Mainly known for producing human-like text and communications from user inputs. Accessible

Read More »