BC Lawyers Taking Steps to Fight Internet Fraud
Trial Lawyers Association of BC | The Verdict | Issue 162
On August 6, 2019, the Law Society of British Columbia issued a fraud alert announcing that two BC law firms had recently fallen victim to internet fraud involving millions of dollars of trust funds being redirected by fraudulent email. The Law Society issued similar alerts on July 6, October 11, and December 15, 2017. Fortunately, for every firm that falls victim to internet fraud, many are threatened but do not take the bait. One such firm in BC was recently targeted by online fraudsters.
A lawyer at the firm sent an email to clients welcoming them back from their holiday and reminding them that he continued to hold funds in trust for their anticipated real estate transaction. The day after the lawyer sent the email, he received a response asking that the trust funds be wired to a bank account outside of BC. The email message directly responded to his email and used the correct names of the clients; however, the request seemed suspicious to the lawyer and the information in the email was unfamiliar to him. When he looked closely at the email address, he found that it was spoofed. Fraudsters had registered a domain name that was similar to the one used to host the clients’ email. For example, if the legitimate address was email@example.com, then the spoofed address would have been something like firstname.lastname@example.org, the letter “u” being replaced with a “v” so as to escape detection and look like the legitimate address.
Fortunately, the spoofed address did not escape the lawyer’s attention and he immediately notified his firm and instructed that no one was to respond to the email and that the wire instructions were not to be followed. The firm’s policies would not permit wire transfers in such circumstances in any event. He then reported the situation to the Law Society, his nearest police station, the Canadian Anti-Fraud Centre, the bank referenced in the fake email and the police station nearest to it. He also notified his clients, who thanked him, immediately changed their passwords, and reported the situation to their Internet provider.
When the lawyer spoke with his clients about how the breach could have occurred, he learned that they may have used unsecured networks to log into their email accounts while traveling abroad. When the firm reviewed the situation, it traced the emails in question and determined that there had been no breach on its end and that the fake email likely originated in eastern Europe. Given this information, the most plausible explanation for how the fraudsters intercepted the lawyer’s original email was that the clients’ account was indeed compromised during their travels. Fortunately for the firm and clients, the lawyer immediately detected the fraud attempt and took steps to ensure that the fake email was flagged, correct parties were notified, email accounts were secured, and no harm was done beyond the anxiety caused and time wasted.
In light of the recent resurgence of attacks, both successful and unsuccessful, it may be time for firms to increase efforts to protect themselves and their clients against internet fraud. Stopping an attack before it causes significant damage is better than making an insurance claim and losing face. Many tangible anti-fraud measures can be implemented by the right consultants using the right tools.
Email policies can be configured to detect and warn against “phishing” attacks: the use of bogus email that mimics genuine email in order to cause information to be divulged or acts to be taken, such as releasing trust funds. If the policy detects bogus email, it is flagged for further review instead of simply appearing in an inbox alongside legitimate email. Once flagged, phishing attacks can be quarantined and neutralized.
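As an added illustration (not part of the original article and not any product's own rule), the following Python sketch shows one check such a policy could apply to the kind of look-alike sender domain described in the incident above. The domain names, the allow-list and the sample message are constructed for the example, and the character-folding table and distance threshold are assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed allow-list: domains the firm already corresponds with.
KNOWN_DOMAINS = ("lawfirm.example", "sunvalley-clients.example")
# Characters commonly swapped for a look-alike ("v" for "u", as in the article).
FOLD = str.maketrans({"v": "u", "1": "l", "0": "o"})

def skeleton(domain):
    """Fold visually similar characters so look-alikes collapse to one form."""
    return domain.lower().replace("rn", "m").replace("vv", "w").translate(FOLD)

def edit_distance(a, b):
    """Levenshtein distance, to catch dropped, added or changed letters."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_domain(domain):
    """Return ('known' | 'lookalike' | 'unknown', matched known domain or None)."""
    domain = domain.lower()
    if domain in KNOWN_DOMAINS:
        return ("known", domain)
    for known in KNOWN_DOMAINS:
        if skeleton(domain) == skeleton(known) or edit_distance(domain, known) <= 2:
            return ("lookalike", known)
    return ("unknown", None)

def check_message(raw):
    """List (header, sender domain, imitated domain) for look-alike senders."""
    msg = message_from_string(raw)
    findings = []
    for header in ("From", "Reply-To"):
        addr = parseaddr(msg.get(header, ""))[1]
        domain = addr.rpartition("@")[2]
        if domain and classify_domain(domain)[0] == "lookalike":
            findings.append((header, domain.lower(), classify_domain(domain)[1]))
    return findings

# Constructed sample reply, modelled on the incident described above.
SAMPLE = (
    'From: "Pat Client" <pat@svnvalley-clients.example>\n'
    "To: lawyer@lawfirm.example\n"
    "Subject: Re: Welcome back\n\n"
    "Please wire the trust funds to the account below.\n"
)
```

A message with any finding would be held for review rather than delivered straight to the inbox; a domain that is merely unknown is not flagged by this check.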
Online monitoring tools can be deployed to detect attempts to spoof a firm website by scraping, the use of software to download the contents of a website for the purpose of making a fake version. If it seems that the contents of a website have been scraped, websites can be changed in response and searches can be regularly conducted to detect if a fake version of the website appears online. If a fake version appears, steps can be taken to report it and have it removed.
Enhanced email policies and online monitoring are only a few examples of the kinds of measures that can be taken to combat internet fraud.
Sean Dillman is a lawyer (partner) and legal IT consultant based in Victoria, British Columbia. His legal practice consists mostly of real estate, corporate and company law, estate administration, and estate and incapacity planning. As a legal IT consultant, Sean works with lawyers to enhance their online presence and advise on the use of technology in practice management. Visit www.lyonsdillman.com and www.firmdesignworks.com for more information.
204-1110 Government Street
Victoria, British Columbia, Canada
p. (250) 590-1030
f. (250) 590-1042