Your World of Legal Intelligence
 United States | 1-800-335-6202

Third-Party Email Fraud Covered By Insurance Policies

Document Cited authorities 3 Cited in Related
Vincent
Published date25 October 2022
Subject MatterCorporate/Commercial Law, Insurance, Criminal Law, Corporate and Company Law, Insurance Laws and Products, White Collar Crime, Anti-Corruption & Fraud
Law FirmErvin Cohen & Jessup
AuthorMr Peter Selvin

In Medidata Solutions, Inc. v. Federal Insurance Company, 268 F. Supp. 3d 471 (S. D. N. Y. 2017), aff'd, 729 Fed. Appx. 117 (2nd Circuit 2018), the Court found that there was insurance coverage where a company had been victimized by an email spoofing scheme that resulted in the company wiring funds to a fraudster's account. More recent cases have also found insurance coverage for losses arising from similar incidents of this kind. See, e.g., Ernst & Haas v. Hiscox, Inc., 23 F. 4th 1125 (9th Cir. 2022)

In Medidata, the spoofed email came in the form of an email purportedly coming from the company's president which instructed that payment be made to a certain outside account. Believing the email to be genuine, a subordinate in the company wired the funds to the fraudster's account.

Coverage for the company's loss was found in Medidata because the Court determined that the fraudster's entry into and manipulation of the company's email system satisfied the policy's requirement that there was a "fraudulent entry of data into a computer system and change to data elements or program logic of a computer system".

But what if the spoofed email purportedly comes from someone impersonating an outside vendor, as opposed to someone impersonating an executive within the victimized company? In the case of an email impersonating an outside vendor, the argument that the company's own email system had been manipulated may be less strong, depending on the specific policy language. Nevertheless, three recent cases have affirmed coverage where a vendor has been impersonated and as a result the company sustained a loss.

In Am. Tooling Ctr., Inc. v. Travelers Cas. & Sur. Co. of Am., 895 F. 3d 455 (6th Cir. 2018), a company was victimized by a fraudster impersonating one of the company's Chinese vendors. The company received a series of emails, purportedly from its Chinese vendor claiming that the vendor had changed its bank accounts and the company should wire its payments to these new accounts. After transferring $834,000, the company learned that the emails were fraudulent.

The company was insured by Travelers under a business insurance policy, which included coverage for computer fraud. The coverage grant for computer fraud provided that Travelers would indemnify the company for any losses arising from the "the use of a computer to fraudulently cause a transfer of Money...from inside [the company's] premises ...to a person ...outside [the company's] premises..."

The company...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT