Cautionary tale for brokers when payment time quickens

Since insurance brokers act as intermediaries between client and insurer, the risk of them falling victim to fraud increases as payment turnaround time decreases, says a cyber insurance expert.

In fact, brokers “regularly top our list of industries that are most exposed to social engineering scams purely by way of the frequency of fund transfer losses going in and out of the business each day,” said Lindsey Nelson, cyber development leader at CFC Underwriting.

It has indeed happened that brokers have fallen victim to fraudsters. Nelson told Canadian Underwriter about an incident in which cybercriminals impersonated an insurance broker and then duped the customers out of money, diverting the customers’ premium payments elsewhere.

The broker was tricked into sharing their login details in a document-sharing platform from a seemingly trusted contact. With the credentials in the hand of the fraudster, payment was intercepted from one of the broker’s customers who had recently agreed to a renewal and paid the premium in a lump sum, Nelson reported. While impersonating the broker, the fraudster asked the customer to make the payment into a different account.

Nothing seemed out of place until the broker followed up on the payment. By this point, the funds were not recoverable and the client still owed the outstanding amount. The broker paid on behalf of their client after accepting responsibility and then made a claim under the cybercrime section of their policy to recoup the cost.

“Situations like that happen all the time,” Nelson said. “It is happening all the time to businesses around the world.”

iStock.com/tommy

Brokers fall in the same category of accountants, real estate agents and lawyers, especially those specializing in property transactions and escrow services. Broadly speaking, people working in professional services firms typically have a greater risk exposure, Nelson observed.

“There’s a lot of third-party funds in their care and control that go in and out of the business,” Nelson explained. “So in a lot of those situations, they’re the middleman between the sender of the funds and the recipient of the funds. At some point, that makes it easy to intercept the transaction from the cybercriminal’s perspective and divert the payment to another bank account.”

In Canada, there’s currently a five-day wait between when money is transferred and when it’s deposited in the recipient’s account. That means it’s now possible for the sender of the funds to realize the money was sent to a fraudulent account and then take advantage of a five-day window to contact the bank and stop the transaction. In 2022, when real-time rail comes into effect, payments will be moved in minutes instead.

With the increased frequency of payment coming and going out of a business, Nelson is concerned that companies will rely too heavily on dual-authentication procedures. In other words, they may not follow up to check the authenticity of an email or a phone call that requests change to banking details. This creates the situation for more scenarios in which premium payments go into the wrong hands.

That enhances the importance of brokers double-checking any changes that may come their way when it comes to payments. Even the slightest bit of doubt should lead to verification, Nelson recommended.

“Contact them, the organization or the vendor or supplier that you’re expecting to pay. Call them at a number that you know to be correct,” she said.

It makes a big difference, Nelson observed. “Callback procedures to verify the authenticity of the recipient before [payments are] being made tend to [prevent] 95% of cyber incidents [from] actually happening, where theft of funds is involved. So as long as they’re calling back before that fund transfer is made, it tends to work out quite well.”

Feature image by iStock.com/erhui1979