Skip to main content

As the business sector continues to implement new strategies to protect against cyber risk, cyber criminals are constantly evolving different ways to steal money and confidential information.

The bank impersonator strategy of cyber criminals calling law firm staff directly is a developing trend we are seeing. In this scenario, the cyber criminal calls the firm purporting to be from the firm’s bank and tries to trick the operator into transferring money to fraudulent bank accounts, or to dupe them into handing over online bank account credentials allowing the criminal to clear out bank accounts.

In some instances, bank impersonators may have also gained fraudulent access to the firm’s email account and use information obtained there to support their deception.

Whilst banks do sometimes directly call businesses about banking matters, they will never ask for personal or business online login banking credentials. Banks have no need for these to conduct business or transactions at their end so there is never a need to ask for them. Handing over these details is like handing over the keys to your house to a criminal.

As well as financial institutions, we are also seeing similar impersonations with cyber criminals posing as telecommunications companies, for example the NBN scam.


Risk Management tips

Beware of cyber criminals calling law practices and impersonating their bank to trick staff into providing access to firm online banking login credentials.
Banks may call the firm, but they will never ask for online banking account login credentials including passwords. There is no need for them to do this.
Stay vigilant and review the firm’s staff training and policies and procedures to ensure they properly deal with impersonation scams. Regular and up-to-date training and robust policies and procedures are essential components of any firm’s cyber security strategy.
LPLC has produced a cyber security guide full of practical information to help lawyers be cybersafe. The guide outlines 5 key areas of focus (including staff training and policies and procedures) and explains why each is important to be included in cybersafe strategies for law practices.


More resources on cyber security

Cyber security guide for lawyers

Cyber awareness — An essential part of workplace training

Call first to avoid cyber fraud

Cyber fraud blink and it's gone

Enable multifactor authentication — a simple thing that could save you

Latest News & Alerts

All News & Alerts
News

PI Insurance renewals open

05 Apr 24

The LPLC Professional Indemnity (PI) Insurance portal is open for processing renewals for the 2024–25 year for private law practices.

Learn more
News

Holiday Season hours and new office location

21 Dec 23

Our office will be closed from 5pm on Thursday 21 December 2023 and will re-open at 9am on Monday 8 January 2024.

LPLC’s office will relocate to new premises at Level 19, 140 William Street, Melbourne, VIC 3000 from Monday 15 January 2024. Phone and email contact details remain unchanged.

Learn more
Alert

Snapshot of Major Victorian Property Tax Changes effective from 1 January 2024

Conveyancing, Tax, GST, Leases, Building and Construction, Building and Construction 13 Dec 23

The State Taxation Acts and Other Acts Amendment Act 2023 received Royal Assent on 12 December 2023. The new law introduces significant property tax changes in Victoria with effect from 1 January 2024.

Learn more
All News & Alerts
TOP