Home Search Services People Contact

What can we help you find? Enter your search above.

Sugarman, Rogers, Barshak & Cohen, P.C. Logo Sugarman, Rogers, Barshak & Cohen, P.C. Logo

What can we help you find? Enter your search above.

I understand
Sugarman Rogers Icon

August 7, 2017

Legal Update
John G. O'Neill, Jessica H. Park

Email spoofing scam is not covered under computer fraud provision of policy

Close Video
Related Video

Video Title

Video Content

Featured Flourish

A federal court in Michigan has ruled that an $800,000 loss suffered by an insured from an email spoofing scam is not covered under a computer fraud provision in a policy issued by Travelers. See American Tooling Center, Inc. v. Travelers Casualty and Sur. Co. of America, No. 5:16-cv-12108 (E.D. Mich. Aug. 1, 2017).

The insured, American Tooling Center, outsourced some of its tool and die work to Shanghai Yifeng Automotive Die Manufacture Co., which invoiced American as certain milestones were met. Upon receipt, American would confirm that the work had been performed, and then issue payment by wire transfer to Yifeng’s bank account. In 2015, an executive from American sent an email to Yifeng requesting copies of all outstanding invoices. In response, he received a spoofed email, which had been sent by thieves but made to appear as though it had been sent by Yifeng, requesting that American wire payment for several actual Yifeng invoices to a new bank account. American confirmed that the work had been completed and then authorized a wire transfer of $800,000 without verifying the new account information. The thieves withdrew the funds before the fraud was detected.

The policy provided that Travelers would pay “for the insured’s direct loss of, or direct loss from damage to, money, securities and other property directly caused by Computer Fraud.” The term “Computer Fraud” was defined to include “the use of any computer to fraudulently cause a transfer of money, securities or other property from inside the premises or financial institution premises” to a person or place outside such premises. Travelers denied American’s request for coverage on the grounds that the spoofing scheme did not involve a “direct loss” that had been “directly caused” by “the use of any computer.”

The court agreed, holding that the term “direct” referred to a loss that was immediate and without any intervening events. The court concluded that the $800,000 loss was not “directly” caused by the spoofed email, as there were several intervening events between American’s receipt of the email and the fraudulent transfer, including American’s verification that production milestones had been met, its authorization of the wire transfer, and its failure to confirm the new bank information. Notably, the court also distinguished a recent decision finding coverage for a similar email spoofing scam, Medidata Solutions, Inc. v. Federal Ins. Co. (which we reported on here), on the grounds that the policy language construed in that decision differed in relevant ways from the language of the Travelers policy, which the court found essentially limited coverage to hacking-related losses.

The American Tooling opinion is the latest in a growing body of decisions grappling with the issue of whether provisions intended to provide coverage for hacking of an insured’s computer also extend to losses from social engineering schemes, such as email scams.  These decisions illustrate how subtle differences in policy language can greatly impact coverage.

For further information, contact John G. O’Neill or Jessica H. Park.