Skip to Content

April

2017

Ninth Circuit Holds No Coverage Under A Crime Policy For Social Engineering Business Email Fraud

Blogs, Insurance Coverage

Taylor & Lieberman v. Federal Ins. Co., 2017 WL 929211 (9th Cir. Mar. 9, 2017) (unpublished). The Ninth Circuit held that an accounting and business management firm that fell victim to a social engineering scheme did not have coverage under the Forgery, Computer Fraud, or Funds Transfer Fraud insuring agreements of a Crime policy. The insured received two emails from a client’s hijacked email account, directing funds transfers to accounts in Malaysia and Singapore. It complied. The insured then received a third email purportedly from the client, but from another email address, directing a third transfer. The insured called the client and learned that all three emails were fraudulent.

The court found no coverage under any of the insuring agreements. The Forgery grant applied to “forgery or alteration of a financial instrument.” The insured argued quaintly that under the “Last Antecedent Rule,” the words “financial instrument” only applied to coverage for alteration, but not to a forgery. The court rejected that construction and found that in any event, fraudulent emails were not financial instruments.

The Computer Fraud grant applied to unauthorized entry into the insured’s computer system, and the introduction of instructions that propagated themselves through that system. The court applied the plain meaning rule to hold that (1) sending an email does not constitute unauthorized entry into a system, because the policy was designed to cover matters like the introduction of malicious code, and (2) the emails did not propagate themselves through the computer system.

Finally, the Funds Transfer Fraud grant encompassed “fraudulent … electronic … instructions issued to a financial institution directing such institution to transfer … money … from any account maintained by the [insured] at such institution, without the [insured’s] knowledge or consent.” The court found that the coverage was inapplicable because the insured knew about the transfers (it had requested them). The court also held that the receipt of emails purportedly from the insured’s client to the insured does not trigger coverage because the insured was not a financial institution.

There is one curiosity. The lower court had found for Federal on the grounds that the insured’s loss was not “direct.” The Ninth Circuit did not address this ground but affirmed summary judgment on other grounds. Thus it left the lower court’s holding on the additional point undisturbed.