In a world where unfamiliar and complex communications systems are the norm, it is not only the legislatively naive and digitally undereducated who are subject to expensive cons and scams. This difficult lesson was driven home at Dentons Canada last year during a real estate transaction, when an associate inadvertently wired $2.5 million to a fraudulent account in Hong Kong rather than to the intended recipient.
In an article in The American Lawyer, Scott Flaherty explains that the associate, who works at the Vancouver office of Dentons, received emails purportedly from affiliates of the mortgage company his firm was dealing with, asking the firm to transfer the funds to a different account than the one originally designated.
In fact, the emails came not from the mortgage company, but from a scam operator who was clearly familiar with the details of the transaction. Despite the firm’s carrying out what was seen as due diligence, the hoax went undetected and the funds were transferred to the fraudulent account. After it realized what had happened, the firm managed to recoup about a third of the money on its own, and turned to its insurance company for the balance. The insurance company refused to pay, and the matter is still before the courts.
Flaherty writes that a representative from Dentons Canada explained that the hoax began “when a third party’s computer system was breached, arming the fraudsters with knowledge of the details and timing of the underlying transaction, and allowing them to impersonate employees of the third party.” The representative also said that all Dentons lawyers and employees are extensively trained in matters relating to potential cyber fraud, and that none of the firm’s existing standards had been breached during the unfortunate transaction.
This and several other instances where law firms have been subjected to cyber theft and computer hacks serve as reminders that all of us need to raise our antennae when it comes to potential breaches – and to check on the status of our insurance policies as they relate to cyber fraud in case our antennae let us down.
I welcome your thoughts on this and any other matter related to the law, either in the comments section below or directly via email.