Cybersecurity Awareness Month- Week #3

Not every cybercrime involves manipulation of the victim’s computer or device. One of the most common cybercrimes targeting lawyers—the fraudulent check scam– uses email to manipulate the lawyer. In cybersecurity, this use of email to manipulate a victim into sending money is called “social engineering.” This week we share one example of this scam.

The Scam

Near the end of November, a solo practitioner in rural Ohio received an email from a Gmail account of someone claiming to have been referred to him by the bar association and asking if he handled sales/purchase agreements. The lawyer responded affirmatively and asked the potential client to call him. The client identified himself as the Chief Operating Officer of a medical device company that was looking to sell an anesthesia machine to an Ohio hospital. The medical device company identified was a real company in Arizona and the name given was the name of the COO identified on the company’s website. The client identified the specific machine to be sold and correctly identified by name and address a suburban hospital 90 miles away.

According to the potential client, the terms of the sale had been worked out and the lawyer simply needed to draft the contract and handle the exchange of payment. The payment was to be made in two installments. The first installment of $140,000 needed to be received within 7 business days prior to preparing and signing the contract. The hospital was being represented in the transaction by a broker who would be sending the lawyer the payment. The buyer’s initial payment was also to be used to cover the lawyer’s fee.

The lawyer received a letter of intent that identified the company that was purportedly acting as the hospital’s agent and the name of the agent. The company was a real company with a website and the logo on the letter of intent matched the logo on the website. However, the company was actually an insurance agency and the individual named on the letter of intent had left the company several years earlier.

The lawyer received a cashier’s check for $140,000 the week before Christmas. The lawyer deposited the check into his IOLTA the next morning and immediately withdrew his retainer. The client emailed the lawyer repeatedly that day insisting that the lawyer wire $125,000 out to an inspection company before the close of business so that a final inspection could be done and the sale could proceed. The lawyer followed the client’s instructions and wired the money out that afternoon.

Three days later the bank discovered that the check was fraudulent and reversed the deposit. The reversal of that transaction caused the lawyer’s IOLTA account to be overdrawn. The wired funds could not be recovered.  None of the real companies identified in the correspondence were involved in the fraud.

Lessons Learned

The example demonstrates the lengths that cybercriminals will go to make their fraud convincing and how they exploit people’s reliance on email and superficial internet research. As sophisticated as the scam was, however, there were red flags. Here are a few:

• The initial contact was from someone the lawyer did not know.
• The request purportedly came from a large company transacting with a hospital 90 miles away from the solo practitioner’s office.
• The emails came from a Gmail account rather than a company email account.
• The emails contained some typos and grammatical errors not typical of professional communications.
• The lawyer was asked to facilitate the funds transfer without performing any legal work.
• The client pressured the lawyer to complete the wire transfer the same day the lawyer received the check.
• The scam took place prior to a holiday.

How to Apply the Lessons Learned

One of the best ways that lawyers can protect against this type of fraud is to stay informed so that they can recognize the red flags and avoid the transactions entirely. Other best practices include:

• Researching the individuals involved carefully
• Using telephone numbers from resources other than emails from the alleged client to confirm that the transaction is legitimate
• Establishing at the outset of the representation that wire transfers will not be performed until there is confirmation that the issuing bank honored the check, that the funds are in the account and available for distribution, and that the receiving bank cannot reverse the deposit
• Not succumbing to pressure from the client to expedite the wire transfer.

To learn more about this scam, we recommend the following:

• Scam Alert!!, OBLIC Alert, April 3, 2018
• Attorney Trust Account Scam Promises High-Dollar Commissions on Medical Equipment Purchases, FBI Public Service Announcement, June 30, 2022
• Business E-Mail Compromise, FBI Public Service Announcement, January 22, 2015
• Lawyer Beware: Four Tips to Avoid Email Scams Targeting Lawyers, American Bar Association

As always, if you have any questions, please contact us. We are here to help!