December 12, 2023

Hacker uses client’s email to target law firm with art auction scam

Following verification protocol exposes fraud before client's funds were transferred

When the details of an alleged art deal started to seem suspicious, one Alberta lawyer followed her instincts and avoided a potentially costly scam.


In early December 2023, the lawyer received an email from a longtime client who requested she transfer funds held in trust to a company in another province. The email claimed the client needed the funds to pay for an art purchase made at a recent auction. 


As is customary, the lawyer asked for a phone call to confirm the banking details they provided for the transfer. The client protested, claiming they were in meetings all day and could not get on the phone. The lawyer assured the client they could call her cell phone any time, and insisted the call was a necessary protocol.


The resulting phone conversation only increased the lawyer’s suspicion that something was off. The voice on the phone was female and knew some of the client’s personal information, but it didn’t sound quite like her client. 

Scam breakdown

The fraudster:

An unknown person gained access to the email inbox of a law firm’s client and used the client’s identity to attempt to gain access to funds held in trust.


The angle:

The email claims the client needs the lawyer to transfer a sum of money from the trust account to pay for an art piece purchased at an auction.


The target:

The fraudster wants the lawyer to send them money from the law firm’s trust account before it's discovered that they are impersonating the client.

Lawyer’s clever tactic stumps scammer

Thinking quickly on her feet, the lawyer attempted a test to find the truth: She began asking questions in another language that she knew the real client also speaks. Likely panicked, the person on the phone abruptly ended the call.


With her suspicions now confirmed, the lawyer called the phone number she had on file for the client to inform her that her email had been compromised. The law firm’s IT advisor instructed everyone involved to change their passwords and to implement multi-factor authentication ("MFA") for their email sign-in as an added layer of protection.


By following protocol and insisting on speaking with the client on the phone for confirmation, the lawyer prevented a massive theft of funds and protected her longtime client’s interests. 

What is multi-factor authentication?

MFA is a security tactic that requires two or more verification steps — such as a password and a secondary code received via email or text messaging — to access your devices or accounts.


For example, to log in to your email you could use a password and a secondary number code from an app on your phone. This extra layer of security makes it more difficult for hackers to gain access to your inbox.


Just as MFA relies on more than one verification step, lawyers should use multiple methods of authentication for their clients.


If a client sends a lawyer an email with banking information for a funds transfer, the lawyer should use a separate method of authentication to confirm these details. For example, the lawyer could meet the client in person or phone them using the number on file.

Tips for authentication by phone call

Lawyer should initiate the call: Criminals can use spoofing technology to make it seem like they are calling from a different number. To be more confident they are speaking to the right person, the lawyer should make the phone call.


Use the phone number on file: Scammers may give you a new phone number in their email communication. Use the phone number the law firm has on file for the client.

Red flags

This scammer read the client’s previous emails and learned personal details to appear more credible. However, there were still signs this was an attempted fraud.

Dodging phone contact – Pushback and excuses when the lawyer asked for confirmation over the phone.

Unfamiliar voice – When they eventually connected on the phone, the voice on the call didn’t sound like the client.

Personal information that would be easy to obtain – The personal details the alleged client mentioned were specific pieces of information the lawyer remembered discussing over email, and therefore could have easily been learned.

More information on potential red flags and actions that can help Subscribers protect themselves and their clients can be found on ALIA's website. ALIA remains grateful to Alberta lawyers and firms for their continued reports of potentially fraudulent activities.


ALIA does not provide legal advice. ALIAdvisory newsletters, ALIAlert fraud warnings, ALIAction notices and the content on ALIA’s website, notices, blogs, correspondence and any other communications are provided for general information purposes only and do not constitute legal or other professional advice or an opinion of any kind. This information is not a replacement for specific legal advice and does not create a solicitor-client relationship.


ALIA may provide links to third-party websites. Links are provided for convenience only; ALIA does not vet or endorse the information contained in linked websites or guarantee its accuracy, timeliness or fitness for a particular purpose.


If you believe you have been targeted by potentially fraudulent activity, please contact ALIAlert.
