Don’t Let that Wire Transfer Request Become an E&O Nightmare

Even if the data you control is safe, you could still be the victim of a data breach. Insurance agencies are increasingly targeted as middlemen in schemes to use stolen data to extract money from unsuspecting persons—especially if the agency deals with mutual funds, annuities or other financial products.

In a typical scenario, an agent will receive an email from a customer. Normally, the email address will match the email address the agent has on file for the customer. The email will request to cash out certain investments and to wire the funds to a bank, often located overseas.

An agent who wants to meet the customer’s needs in an effective and efficient manner will process the request without delay. But unbeknownst to the agent and the customer, someone has hacked into the customer’s email account, obtaining past statements that disclose the amount of money in certain accounts. By the time the involved parties discover the scheme, it is too late for the customer—and often the agent.

In order to avoid these types of mishaps, agents should verify that their customers do intend to transfer monies overseas by speaking with customers directly to verify specific instructions. If speaking in person or via telephone with a customer is not practical, scrutinize the email request carefully, paying particular attention to the author’s command of the English language. Responding to the customer’s email requesting verification of certain information may not be enough action to fend off a hacker, as the hacker may have also obtained the customer’s social security number or other personal information.

Cyber schemes and identity theft are on the rise. Agents must practice a higher degree of diligence when arranging wire transfers of any kind.

Alison VanDyke is an assistant vice president, claims and liability management with Swiss Re Corporate Solutions and handles claims against insurance professionals out of the office in Overland Park, Kansas.