Snapshot
- Principals should hold appropriate insurance, staff training, clear office procedures, and know who to contact in the event of a cyber attack.
- The Law Society regularly issues cyber fraud alerts and examples of trust-account scams.
With the rush on settlements at this time of year, law practices are often under huge pressures to get purchasers ‘in’ for Christmas. Principals of law practices should be taking steps to prevent the risk of a cyber fraud targeting the practice trust account.
Be aware of email infiltration
A cyber fraud concerning a law practice trust account often involves scammers infiltrating the IT system of a target. Scammers do this with an email that downloads malware and allows them to see the target’s email communications. Once scammers can see the target’s email communications, they wait for a legitimate party to send directions about their bank account details and then they follow it up with a scam email (assuming the identity of the legitimate party) with new fraudulent banking instructions.