Security Breach Exposes Fraudulent Scheme Involving an Insurance Claim

The FAIS Ombud has been receiving numerous complaints related to phishing incidents, particularly involving email interceptions between the complainant and their broker, which often result in fraudulent payments made to imposters. One of the recent cases we received at the office involved a complainant whose building was affected by a recent storm. They reported that the email communication with the insurance brokers had been compromised. The intercepted emails included discussions about a payment claim amounting to R52,495.09.

The imposter who hacked the complainant’s email was able to send an Agreement of Loss form to the broker, which featured a fraudulent signature and an incorrect future date. Furthermore, the imposter instructed the broker to redirect the claim payment to an alternative account instead of the complainant’s regular bank account.

Our office would like to warn consumers and financial service providers to stay vigilant and avoid falling prey to such fraudulent activities.

We have some tips to share that can help in avoiding becoming victims of these scams:

  • Create strong, unique passwords for your email accounts and other online platforms. Avoid using easily guessable information such as your name or birthdate.
  • Always be cautious when receiving emails, especially those requesting sensitive information or financial transactions.
  • If you receive an email requesting financial transactions or sensitive information, verify the authenticity of the request by contacting the sender through a known and trusted communication channel.
  • Keep your devices and security software up to date to protect against known vulnerabilities and malware.
  • If you receive an email seeking financial transactions or suspect that your email has been hacked, notify your email provider and follow their instructions.
  • Implement strict verification procedures for any changes in customer information or payment instructions. This can include confirming such requests through phone calls or in-person meetings.
  • Look out for unusual email addresses, grammar errors, and unexpected attachments or links in your correspondence with the complainant.

By following these tips, consumers and financial service providers can better protect themselves and their clients from falling victim to phishing scams and fraudulent activities.