Lawyer-Impersonation Wire Fraud

Lawyers and law firms have long been favorite targets of cyber-criminals for phishing attacks and wire fraud. Lawyers who are involved in real estate closings or title work are particularly susceptible to attempts to divert funds being wired to third parties. We have cautioned lawyers to protect themselves against these attacks by verifying any change in wiring instructions through either face-to-face or telephone communication with the intended recipient using a telephone number that has been pre-established as a trusted method of contact. See, Best Practices: Preventing Wire Fraud, OBLIC Alert, May 10, 2022.

Recently we have received report of a twist on the typical wire fraud that has the potential to impact many more Ohio lawyers. Cyber-criminals are exploiting the lawyer-client relationship by impersonating lawyers to defraud clients. This is similar to the business impersonation fraud that the Ohio Attorney General’s Office recently warned was on the rise.

In one example, a lawyer’s email account was compromised, and the email address was used to send a message to a client directing the client to wire money to an account. The client was given the impression that the money transfer was necessary to demonstrate willingness to negotiate a resolution of the client’s claim. The cybercriminal also created email rules in the lawyer’s email account that blocked delivery of any emails directed to the lawyer that contained the client’s name. The client, believing that he was communicating with his lawyer, wired the requested funds. The lawyer did not personally  receive any emails from the client (because they were redirected to the scammer) and was unaware that the client was being scammed.

We recommend a two-step approach to protect against this type of attack.

(1)       Lawyers should stay vigilant in protecting email accounts by:

• Using strong passwords,
• Using two-factor authentication, and
• Regularly scanning for malware and signs of compromise

(2)       Lawyers should warn clients to recognize the scam and report it.

• For lawyers who do not have clients wire funds, the warning should advise clients that no lawyer or staff member will ever send an e-mail request for funds to be wire-transferred and instruct clients to notify (by phone) their lawyer or a member of the law firm staff immediately if such a request is received, and take no step to wire funds until the lawyer can confirm whether the request was legitimate or a scam.
• Lawyers who do have clients wire funds should establish a procedure for the client to securely verify wire transfer instructions well in advance of the intended transfer and instruct clients to notify their lawyer (by phone) if the client receives an email instructing them to deviate from that procedure.

Policyholders who have been victimized by a cyber-attack should contact us immediately. Time is of the essence in responding to any suspected breach, with chances of recovering stolen funds greatly diminished as time passes.  Depending on the circumstances, coverage for a loss may be available under the cyber breach insurance endorsement to OBLIC’s Lawyers Professional Liability Policy. As always, we are here to help.