Skip to content

Narrow screen resolution Wide screen resolution Auto adjust screen size Increase font size Decrease font size Default font size default color brick color green color
CAFCOR Forum
_GEN_GOTOBOTTOM Post Reply
TOPIC:
#19397
FRAUDSTERS penetrated LAWFIRM'S e-mail system: SNOOKERED instructions BANKS TO RELEASE CLIENT FUNDS 2023/03/24 13:27  
Not legal advice, as usual

A Superior Court judge in Ottawa has ordered a bank and a depositor to return SEVERAL clients' ( in trust ) REAL ESTATE SALE proceeds ruled hoodwinked last summer out of an Ottawa lawfirm which I will identify only as MM Law.

This ("cyber-") crime respectfully is not really a laughing matter amidst title or mortgage frauds. Given the millions of all types of transactions that occur without any hitch, one should not lose perspective.

But how comfortable should it be for the public. the Law Society of Ontario, its registrants & their insurers ? Such includes that invasive fraudster e-mails can patiently convert or mis-direct or hoodwink the proceeds of genuine real estate closings, particularly if inconspicuous or timed amidst peak levels of closings. And just prior to holidays with buyers potentially changing locations ?

Sounds like insurers are challenging that this may be sloppy diligence rather than an insurable business risk ?

And should the general public start seriously worrying how safe are general dispersals of all sorts of trust funds ?


So-called SPEAR PHISHING mis-direction of funds - including after fraudsters penetrate a lawfirm's e-mail system - is a risk of concern to lawfirms big & small. That's even if the outrageous title or mortgage frauds get far more publicity in the general press.

One earlier ( 2016-17 ) victim firm's application ( against its insurer ) labelled it "social engineering fraud"

Presumably the clients have already been made whole by the Ottawa lawfirm /its insurers. But do those insurers wanna suck up this loss or should they dare ? . . .

The just-released Ottawa judgment describes that the Applicant law firm MM had been retained to assist vendors in four real estate transactions closing respectively on June 16, 21, 22, and 23 of 2022.

It cites that unbeknownst to MM Law, fraudsters had breached the law firm’s email system before the closing dates !

It further cites that the fraudsters used that surreptious knowledge to impersonate MM Law’s clients and/or XXX Bank employees in emails . The fraudsters successfully requested that the proceeds of the transactions be transferred to different accounts than those originally provided by the clients.

Unsuspecting foul play, "employees of ( MM Law ) transferred (through wire transfer) the proceeds of three of the four transactions from the firm trust account to accounts that were not controlled by the clients. "

The mis-directed closing funds then went willy-nilly where mis-directed ! The judgment cites that in total, $ 959,102.05 of trust funds were fraudulently diverted .

Amazing the so-called SPEAR PHISHING damage that can be done creatively by those able to break into lawfirm's internal e-mails. And then can take their time to plan & easiest trigger such as this !

Commendable that the hoodwinked folks - uncertain their insurers if also exposed ? - had dared to be publicized, albeit to litigate the unwilling return of whatever spear-phished funds could be found.

Anyway, to the applicant lawfirm MM the judgment judicially orders a non-contesting bank to disgorge approximately a residue of $ 250 K from its self-represented respondent bank account holder. Enough chutzpah to try to brazen things out ? The depositor didn't want to willingly surrender what the judge rules are among the allegedly hoodwinked funds ( along with $7,500 in costs ) ?

Would this even have come to public attention otherwise ?

( What next ? : ? Insist on payments in chickens ? Jump into a time machine to return to LIVE FACE TO FACE interactions at Land Registry / Land Titles / Service Ontario Offices to trade purchase funds for keys from familiar paralegal like the long gone ol' days ? )

McGuinty Law Offices Professional Corporation v. 13819850 Canada Inc., 2023 ONSC 1880 issued March 21/23 https://canlii.ca/t/jw8tr

March 24/23 Ottawa Citizen : “McGuinty law firm will get back frozen funds mistakenly sent to alleged fraudsters, court rules. subtitle : Alleged fraudsters impersonated clients of the law firm and bank employees in emails and requested that funds be transferred to different accounts than those originally provided by the clients.” by Aedan Helmer

https://ottawacitizen.com/news/ottawa-law-firm-will-get-back-frozen-money-mistakenly-sent-to- alleged-fraudsters-court-rules

addendum : below : some background to a topic which lawfirms, banks, realty participants & insurers are likely not dancing with joy for the general public to know and worry about
  The administrator has disabled public write access.
#19398
FRAUDSTERS penetrated LAWFIRM'S e-mail system: SNOOKERED instructions BANKS TO RELEASE CLIENT FUNDS 2023/03/25 11:50  
Not legal advice, as usual.

About fraudsters able to penetrate a lawfirm's email system – big or small – and carefully platform mis-direction of funds held in trust including proceeds of realty sales ?

About penetrators able to chose timing for spear fishing fraud eg late Fridays or on brink of holidays ? Heaviest seasonal loads of real estate closings ? ? small value closings ? Overseas parties ?

Howsoever unusual it may NOT be well ( enough ? ) known to the general public nor willingly publicized outside the legal industry.

Should the Ottawa lawfirm have realized the risk or that its e-mailing system had been compromised ? ( See the Ontario Bar Association article below ). Is prevention impossible ?

Who knew / knows about holiday 2016-17 whopper mis-direction of $ 2.5 M in proceeds perpetrated against Vancouver branch of giant xxx LLP in late December 2016 / early Jan 2017 ? Penetrators able to chose best timing for fakery eg late Fridays ? Holidays ? Heaviest load of real estate closings ? Overseas sellers ?

- Jan 28 /19 Ontario Bar Association article “Fraudster Dupes Canadian Lawyer into Misdirecting $2.5 Million” (LeBrun & Micucci ) https://www.oba.org/Sections/Young-Lawyers-Division/Articles/Articles-2019/January-2019/Fraudster- Dupes-Canadian-Lawyer-into-Misdirecting?lang=fr-ca

( article cites : Dentons Canada LLP v. Trisura Guarantee Insurance Company, 2018 ONSC 7311 https://canlii.ca/t/hwkbb ( The $ 2.5 M 2017 New Year’s whopper : xxx LLP applied against its insurer but which respondent obtained Endorsement that the application become an “action”. Un-publicized resolution ? )

xcerpted : " [5] The dispute arises from an insurance claim submitted by the applicant, Dentons, to Trisura on April 10, 2017.

The insurance claim arises out of an alleged social engineering fraud, in which Dentons asserts that one of its lawyers was duped into transferring over $2.5 million in funds belonging to a client to a fraudster’s account in Hong Kong. . . . .

[7] The transaction was completed at the end of business day on December 30, 2016. Dentons did not initiate the wire transfer to Timbercreek until the following business day, January 3, 2017. . . . ) - unquote from the judge's Endorsement

- canlii.org article links to “CYBERSECURITY AND LAW FIRMS” 2021 CanLIIDocs 988 viewable from the preceding, where see : 1.4 "Law Firms as High Priority Targets ”
  The administrator has disabled public write access.
_GEN_GOTOTOP Post Reply
contact webmaster