January 8, 2019
Recent Loss due to Hacking and False Bills
The Alberta Lawyers Insurance Association (ALIA) is warning Alberta lawyers about an email hacking that resulted in the loss of trust funds, as well as a number of cases in which false legal bills have been sent to clients by potential fraudsters. ALIA continues to recommend that Alberta lawyers purchase cybercrime coverage to protect themselves and their clients from cybercrime and social engineering fraud.

Cybercrime loss

In a recent case, a client’s bank sent money to complete a real estate transaction to a potential fraudster’s account instead of the trust account of the client’s law firm. This happened after the bank was advised by a fraudulent email to deposit the funds into a different third party account. It appears the firm’s email had been hacked. The funds were withdrawn from the third party account and were lost.

ALIA has continued to see a number of hacking incidents in which fraudsters have attempted to redirect trust funds to third party bank accounts. The above example is a case where it appears the funds were actually lost. ALIA’s indemnity program covers participating lawyers against negligence and misappropriation in accordance with the terms of the group policy, but it does not currently provide coverage against cybercrime or social engineering fraud.

Starting in November 2018, ALIA made purchasing cyber insurance easier for Alberta lawyers through an arrangement with its broker, Aon Reed Stenhouse. Alberta lawyers can purchase a robust cyber policy called the Beazley Breach Response Policy (the BBR Policy). Although this coverage is now available, to date it appears there has not been significant uptake by Alberta lawyers of the coverage provided by the BBR Policy.

ALIA recommends that all lawyers in Alberta obtain cybercrime coverage. If you wish to purchase additional coverage, please refer to our November 2018 ALIAdvisory for more details on the BBR Policy and other coverage options.

False bills sent to former clients

A firm recently reported that a package was sent to one of its former clients containing installment arrangements for payment of a legal bill. The legal bill and payment arrangements, including an installment payment/credit agreement purported to be signed by the firm, were false; the scam was uncovered when the former client sent the materials to the firm.

ALIA has also become aware of several emails circulating asking the recipient to click on a link through which payment may be made. These emails purport to come from lawyers, and in one case, from the Law Society of Alberta. Lawyers need to remain vigilant to protect themselves from phishing or hacking attempts.

Protect yourself from fraud

To help prevent loss from phishing/hacking attempts, be sure to follow these best practices:
  • Any change in banking instructions should be an immediate and major red flag. It is rare to recover funds once disbursed, even in cases of fraud.
  • Discourage/eliminate the acceptance of banking details or wire transfer instructions via email, and ensure your clients understand that you will not be using email to communicate changes in banking instructions unless they are confirmed by telephone.
  • If banking instructions must be received by email, you MUST confirm such details, especially any change in banking instructions, with the other party by telephone using confirmed contact information before disbursing monies (i.e. do not use contact information received via email).
  • Consider that emails received from a potential fraudster may appear to come from an address identical to the legitimate email address. While you should keep an eye out for inconsistencies that may indicate a fraudulent email (for example, an email address slightly different from the known email address, details within the email that are inconsistent with the file, poor grammar, spelling and formatting errors, an unexpected foreign address, contact information that does not match client file records), do not assume that a fraudulent email can always be identified in this manner.
  • If a party’s email becomes hacked, cease to correspond with this party via email until their email is confirmed to be secure.
  • If your law firm is the party that was hacked, immediately contact your IT professional and stop using email until your IT professional advises otherwise.
  • If you or your law firm receive any request to handle a legal matter from a client who is from out of the country, consider the possibility that a fraudster is at work. To help protect yourself, follow these Client Identification and Verification Rules before taking on anyone as a client.

Other ways to protect yourself from fraudulent emails include:
  • Check embedded hyperlinks by hovering your mouse over the link to verify the address.
  • Be wary of clicking on any attachments or links; they may contain viruses, malware and spyware.
  • Protect your computer with active and updated anti-virus software, spyware filters, email filters and firewall programs.
  • Keep your operating system and software up to date.
  • Make regular back-ups of important files.

ALIA remains grateful to Alberta lawyers and firms for their continued reports of potentially fraudulent activities.
The Alberta Lawyers Insurance Association (“ALIA”) does not provide legal advice. ALIAdvisory bulletins, ALIAlerts and the content on ALIA’s website, notices, blogs, correspondence, and any other communications are provided only for the general information of members who participate in the indemnity program and do not constitute legal or other professional advice or an opinion of any kind. This information is not a replacement for specific legal advice and does not create a solicitor-client relationship. If you think you would benefit from legal advice, please contact an Alberta lawyer directly.

Summaries of the group policy are provided for information only and are qualified in their entirety by the actual policy terms and conditions. Members should always review the group policy to determine their coverage or obligations in any circumstance.

ALIA does not independently confirm the facts or allegations of potential frauds received from its members. Links to third-party websites are provided for convenience only; ALIA does not vet or endorse the information contained in linked websites or guarantee its accuracy, timeliness or fitness for a particular purpose.

If you believe that you have been targeted by potentially fraudulent activity, please contact ALIAlert.