The following is a shortened version of a note on cyber incidents that the B.C. indemnity fund recently sent its insured lawyers. These incidents are occurring everywhere. Preventing them requires diligence on your part whenever funds are being transferred.
Ransomware attacks
- A small BC law firm fell victim to a ransomware fraud with cybercriminals demanding immediate payment of over US$150,000 in Bitcoin. Unfortunately, this firm does not have cyber and privacy insurance that LIF arranged…because it did not rectify network vulnerabilities that were identified by Coalition in 2022. The firm will have to deal with this ransomware attack on its own.
- A sole practitioner was hit with a ransomware attack arising from unauthorized access to her network. Fortunately, the lawyer regularly backed up her client information. However, the disruption and aggravation of dealing with this attack have been immensely taxing on this sole practitioner.
Funds Transfer Frauds
- A controller at law firm A received an email request from law firm B to make payment of an invoice, in the amount of $40,000, for certain consulting services that law firm B had provided. The controller did not phone law firm B to verify the legitimacy of the payment instructions. If the controller had made a call to verify the instructions, the fraud would not have succeeded, and it is too late now to claw back the funds. Moreover, because the money was paid from the firm’s general account and not client funds, coverage was not available for a “Trust Shortage Liability” claim under Part C of the LIF policy.
- A sole proprietor in the Interior narrowly escaped a funds transfer fraud. The lawyer represented a client in a civil litigation matter and reached a settlement. He received an email requesting that the settlement funds be paid to a specified Canadian bank account. The email appeared to come from opposing counsel but was actually from the fraudster. Unfortunately, phone verification was not done. The good news is that the lawyer quickly discovered the fraud and immediately asked the bank to claw back the funds, which the bank has done.
The two ransomware incidents prove that cybercrimes are absolutely not only a problem for big firms; the fear, stress, and disruption caused to a small firm cannot be overstated. Even if operations are restored, it is often not known if client information has been stolen or if it will be exposed later…
The two funds transfer frauds are typical of what we have seen time and time again. And while it is undoubtedly irritating to have to verify all payment instructions by phone, it is the easy – and only – way to avoid these frauds.