Wire Fraud Scams: What Every Insurance Agency Needs to Know

Posted on by Jenesis Software

This post was originally published on this site

scam calls

A business owner recently shared a gut-wrenching story that every insurance agency should pay attention to.

Their bookkeeper’s email was hacked. The hacker cloned her inbox and registered a fake domain that looked almost identical to the company’s real one. The hacker then emailed customers with a message that seemed legitimate—“Our wire transfer details have changed, please send funds to this account.”

One customer complied—without verifying—and wired $100,000 straight into a fraud account. The money was gone.

Now the customer believes the business should share the loss. The business believes they are not liable.

This is more than just a scary story. It’s a real-world example of why insurance agencies—and their clients—need to be prepared.

Who’s Responsible in a Case Like This?

In many cases, liability falls on the party that initiated the transfer without verifying the change. If a customer wires funds to a fraudulent account without a phone confirmation, the law often considers it their error.

But liability isn’t the only question here. As an agency owner, you know reputation and relationships matter just as much. Even if you aren’t technically at fault, clients may expect some level of help or goodwill when a loss happens.

Why This Matters for Insurance Agencies

Insurance agencies hold sensitive client and carrier information. That makes you—and your clients—prime targets for cyber criminals.

This story should serve as a reminder that:

  • Your agency could be next. Without proper safeguards, a hacker could impersonate your agency just as easily.

  • Your clients are exposed. Many businesses don’t realize that standard insurance policies may not cover funds transfer fraud or social engineering scams.

  • You are the trusted advisor. Clients will look to you for guidance before and after a loss.

Steps Agencies Can Take

To protect both your agency and your clients:

  • Enforce a “voice verify” rule. Confirm all changes to payment instructions by phone.

  • Invest in cybersecurity training. Regular phishing tests and education reduce risk.

  • Secure your domain. Register common variations of your agency’s web address.

  • Review your own cyber coverage. Make sure your E&O or cyber liability includes wire fraud and social engineering protection.

  • Advise your clients. Talk about cyber risks in your regular client reviews. Use real-world stories like this one to show the urgency.

Final Thought

The best agencies don’t just sell policies—they help clients prepare for risks they may not even know exist.

As one leader put it when reflecting on this $100,000 scam:

“Protect the company. Protect relationships. And seek to prevent this from happening again.”

That’s wise counsel for every insurance agency.

At Jenesis, we exist to help agencies grow stronger—whether through technology, tools, or simply sharing lessons like this one.

If you would like to share this information with your insureds and prospects, here’s a client-facing version you can share. I wrote it in plain, approachable language so you can easily copy, brand, and send it out as a newsletter, email, or blog. Let us know if we can help with this in any way. 

Protecting Your Business from Cyber Scams

We want to share an important real-world example that could happen to any business.

A company’s bookkeeper recently had her email hacked. The hacker created a fake email address that looked almost identical to the real one. Using it, the hacker told customers that the company’s payment instructions had changed and to wire money to a new account.

Unfortunately, one customer believed the email was real and wired $100,000 to the wrong account. The money was lost.

What Went Wrong?

The customer didn’t confirm the change before sending the payment. Hackers are counting on businesses to trust what looks like a familiar email.

This kind of fraud—sometimes called “business email compromise” or “wire fraud”—is one of the fastest-growing scams targeting small and mid-sized businesses.

How to Protect Your Business

Here are a few simple but powerful ways to reduce your risk:

  • Always verify payment changes by phone. Never rely on email alone when wiring funds or changing payment instructions.

  • Train your team. Make sure employees know how to spot suspicious emails and what to do if they see one.

  • Secure your technology. Use strong passwords and multi-factor authentication for your email accounts.

  • Talk to your insurance agent. Ask whether your policies include protection for cyber fraud, wire transfer fraud, or social engineering scams. Not all do.

Why This Matters

Fraud like this doesn’t just cost money—it can damage customer trust and business reputation. Taking steps now helps protect both your finances and your relationships.

If you’d like to review your coverage or talk about additional ways to protect your business from scams like this, we’re here to help.