risk-management.php

Cyber thieves are clever. They target lawyers because we direct transfers of money and they want to steal it.


DON’T FALL FOR IT!

Be suspicious of email instructions.

Cyber fraudsters will get in any way they can. Make sure it’s not through you.

Five steps to protect yourself.

Identify – Don’t accept email requests on face value. The email asking you to re-direct money might look genuine, but it could have been sent by a hacker.

Verify – Call the sender personally to check authenticity. Use a number you know, not one suggested in the email. Ask for the account number, write it down, then compare with the email.

Note – Make a file note that you made the call and confirmed the payment instructions, so you can prove it.

Warn – Tell the client they might also be targeted with fake emails from you and not to act on email payment directions without calling to check. Put this in your engagement letters.

Double-check – Involve a second person in the process and don’t action payment requests without proof that steps 2 and 3 have happened.

If you suspect funds have been stolen, stop payment at the bank immediately.


Download the poster below. Please put it up in your office kitchen to make sure everyone in the team knows what to do.

CLICK TO DOWNLOAD THE POSTER

 

Ican happen to you

No firm is immune from cyber-criminals and their fake emails. We are seeing an increase in attempts to steal money by hackers masquerading as either the client or the lawyer in fake emails. Below is a summary of two of our recent notifications.

The law firm duped

The firm acted for the vendors of a regional property sold for $295,000 with final settlement due in October.

Shortly before settlement, the firm emailed the client confirming payout details and requesting the client’s bank account details.

The client received the email and responded but the firm did not receive that response. Instead they received an email, purportedly from the client but actually from a hacker, setting out details of the account into which the net settlement proceeds should be paid.

Settlement occurred three days later and $110,000 was paid to the hacker’s bank account a further six days after that.

The following day the client phoned the firm to ask whether the property had settled and when they would receive the proceeds. On realising the earlier ‘email instructions’ were fraudulent, the principal’s secretary swiftly contacted the firm’s paying bank as well as the receiving bank into which the funds had been deposited. Fortunately, most of the money was still in the account and was able to be frozen by the bank and recovered. However, a claim was made against the firm for the small shortfall on the basis of a breach of trust in paying settlement money to an account the client had not authorised.

The client duped

The law firm acted for a purchaser of residential property. Their trust account details were provided in the initial engagement letter.

During the matter the client began receiving emails purporting to be from the firm but which were actually from a hacker. The client was asked to deposit $75,000 into the firm’s trust account and helpfully the email included the bank account details. The client responded to the email querying whether the account details were correct as they were different from the details previously provided. The hacker confirmed the new details to be correct and the funds were transferred to the new account and immediately transferred off shore.

The client had to find an additional $75,000 to settle.


For more information about cyber security click here.


1 June 2018

Take a step back

Seeing the big picture is essential for good matter management. Experienced busy practitioners practising in their area of expertise are still at risk of claims. Unless you take time to stop and think about each matter it is easy to assume it is just like the last one you worked on. Don’t get so caught […]

More
1 May 2018

Post mortem risk management

Good risk management includes analysing mistakes and learning from them. IWhat has a post mortem examination to do with risk management? A doctor conducting a post mortem thoroughly examines the deceased to try to determine the cause and manner of death. The results are also useful for research and educational purposes. Consider doing a post […]

More
1 April 2018

Conveyancing claims on the rise

What risk management practices are you doing to avoid a conveyancing claim? In 2016/17 LPLC received 127 conveyancing claims and notifications which represented approximately 30 per cent of all claims and notifications received that year. The cost is currently estimated to be in excess of $10 million. This represents an increase in both the number […]

More
27 March 2018

In Check Issue 78 | March 2018

Cyber fraud – it can happen to you No firm is immune from cyber-criminals and their fake emails. We are seeing an increase in attempts to steal money by hackers masquerading as either the client or the lawyer in fake emails. Below is a summary of two of our recent notifications. The law firm duped […]

More
1 March 2018

Will it be right?

Mistakes in the preparation of wills can be avoided with careful proofreading. In the 2016-17 policy year, wills and estates claims accounted for 11.7 per cent of the total cost of claims and 8.4 per cent of the total number. In the previous 10-year period, these figures were 6.8 per cent and 3.2 per cent […]

More
29 June 2017

Cyber security breach – claims caused by fake client email

It is no longer safe practice to transfer money to a client’s account based only on email instructions from your client. Always verify email instructions from a client, especially if it involves handling money, by confirming the details orally with the client. LPLC has received four notifications in the last two years, one only last […]

More
6 November 2016

CGT withholding payments – practical examples

Updated July 2017 Introduction This bulletin contains practical examples of how the withholding requirements, which commenced 1 July 2016 and were amended with effect from 1 July 2017, work. For more general information about the new regime please refer to the following two LPLC bulletins: 1 July 2017 amended CGT withholding payments for real property […]

More
19 October 2016

Cyber security cautionary tale

Introduction Cyber security needs to be at the forefront of everyone’s mind, whether you are in a small firm or a large firm. The recent experience of a Victorian law firm is a good example of how easy it is to be caught out. The realistic email A principal of one of our insured firms […]

More
6 July 2016

Amended CGT withholding payments for options, company title interests and indirect Australian real property transactions

Updated July 2017 Introduction This bulletin contains information on the withholding requirements which commenced on 1 July 2016 as amended in June 2017 by the Treasury Laws Amendment (Foreign Resident Capital Gains Withholding Payments) Act 2017 (Cwlth). This bulletin focuses on: options and rights to acquire company title interests indirect Australian real property interests. You […]

More
2 June 2016

1 July 2017 amended CGT withholding payments for real property sales

Updated July 2017 Key points Amended withholding requirements for contracts of sale of real estate worth $750,000 or more from 1 July 2017. All purchasers of such real estate must register to withhold 12.5 per cent for acquisitions from 1 July 2017 (previously 10 per cent) unless they are given a clearance certificate by the […]

More
15 June 2018

Attention to all the details

Attention to all the details in preparing a contract is crucial to ensure correct and intended execution of the contract as well as good risk management. Care must be taken when using standard form contracts and completing the variables. Near enough is not good enough! In one claim, the practitioner acted for the vendor of […]

More
8 June 2018

Seven ways to avoid a solicitor’s certificate claim

Providing a solicitor’s certificate for a borrower or guarantor is risky. It is essential to treat it as providing professional advice and not just witnessing documents. Following are key things to do to stay safe when giving this advice. Don’t see walk-in clients. The highest risk factor for solicitor’s certificate claims is new clients, particularly […]

More
25 May 2018

You need to take the good with the bad

When acting in litigation, it is essential to take detailed instructions about any circumstances that weaken your client’s case in addition to those that support the case. In one claim, the practitioner acted for a claimant in a claim under Part IV of the Administration and Probate Act 1958 (Vic) against the estate of her […]

More
18 May 2018

Avoid the section 32 traps

Every year LPLC sees conveyancing claims where the cause of the claim is defective section 32 disclosure. To properly advise clients practitioners need to understand the vendor disclosure obligations in the Sale of Land Act 1962 (Vic). Reviewing relevant cases, attending seminars about conveyancing and reading relevant texts are other things practitioners can do to […]

More
11 May 2018

Risks for the bank of mum and dad

Practitioners asked to act in transactions where parents lend money to their children to help them buy a house should stop and think about the transaction. Who are they acting for? Who else could think the practitioner is looking after their interests? If you are acting for the child in the purchase of the property […]

More
7 May 2018

Key Risk Checklist: Sale of land – questions for the vendor

Sale of land – questions for the vendor   Instructions ☐  Please circle yes or no as applicable. ☐  Please provide the additional information as indicated e.g. a copy of your title(s). ☐  If you do not know the answer or are unable to provide the additional information please insert the words ‘not known’. ☐ […]

More
24 April 2018

Key Risk Checklist: GST

GST is not simple but there are some easy steps you can take to help protect you and your clients. References to divisions and sections can be found in A New Tax System (Goods and Services Tax) Act 1999 (Cwlth). GST alert – for contracts entered into from 1 July 2018, purchaser to collect and […]

More
27 January 2018

Risk management audit checklist

Don’t wait for the worst to happen – use this audit checklist to determine and monitor whether your practice is at risk of a negligence claim. Introduction This audit checklist is a risk management tool for legal practitioners to determine and monitor whether their practice is at risk of a negligence claim arising from poor […]

More
18 December 2017

Key Risk Checklist: Electronic property transactions – office management

Electronic property transactions – office management checklist Office policy content Below is a list of issues to consider when writing your office policy and recommended responses. ☐  Who will hold a digital signature? The digital signature is embedded in a USB. Preferably only partners have digital signatures. ☐  How a digital signature’s USB and pin […]

More
18 December 2017

Key Risk Checklist: Electronic property transactions

Electronic property transactions – matter checklist ☐  Is there an electronic transaction clause in the contract? ☐  Discussed with the client whether the conveyance can be done electronically or on paper. – Land Use Victoria has announced that all transaction will be electronic by August 2019. ☐  Client told consequences of conducting electronically. Any paper […]

More
24 April 2018

Avoiding superannuation claims

Introduction Every year LPLC sees claims involving superannuation funds. Claims sometimes arise because the practitioner does not have sufficient knowledge or experience with superannuation matters. Practitioners who regularly act in this area will agree that extensive expertise and understanding is required to properly advise clients and to have the best chance to avoid a claim. […]

More
5 February 2018

Pitfalls in personal injury litigation

Personal injury litigation Clients seek out litigation lawyers only when something has gone wrong. In the personal injury arena, they have the added difficulty of dealing with a physical or mental impairment and its consequences. This means the relationship is going to be challenging from the start. It can be made even more difficult if […]

More
24 January 2018

A guide for executors

18 frequently asked questions about being an executor. This booklet provides a guide, in question and answer format, for executors about their role, their obligations and what is involved in managing and finalising an estate in Victoria. For more information executors should contact their legal practitioner. 1 Who is an executor? An executor is a […]

More
24 January 2018

A guide for beneficiaries

20 frequently asked questions about being a beneficiary This booklet provides a guide, in question and answer format, for beneficiaries about what is means to be a beneficiary, what is required of them and what is involved in managing and finalising an estate in Victoria. For more information beneficiaries should contact their legal practitioner. 1 […]

More
6 November 2017

Looking after leases

Introduction Looking after leases contains details of claims, relevant cases and legislation affecting retail leases. It is designed to raise your awareness of common problems in commercial and retail lease transactions, and help you protect your practice against claims. Residential leases, crown leases, caravan park site agreements and retirement village agreements are outside the scope of […]

More
1 June 2018

Risk video bite – Personal cost orders

Presenter: Matthew Rose, Risk Manager, LPLC

More
4 May 2018

Risk video bite – Family law financial agreements

Presenter: Alex Macmillan, Claims Manager, LPLC

More
6 April 2018

Risk video bite – Drafting

Presenter: Matthew Rose, Risk Manager, LPLC

More
2 March 2018

Risk video bite – Conveyancing

Presenter: Phillip Nolan, Risk Manager, LPLC

More
2 February 2018

Risk video bite – Personal injuries litigation

Presenter: Matthew Rose, Risk Manager, LPLC

More
16 April 2018

About LPLC – serving and protecting you!

It’s your insurance scheme! Your scheme provides universal, comprehensive and secure statutory professional indemnity insurance (PII). You get certainty of cover from year to year without the cyclical fluctuations of the commercial insurance market and automatic run-off cover to protect you from claims after you cease legal practice. The policy protects you from the financial […]

More
10 April 2018

Cyber fraud – five steps to protect yourself

Cyber thieves are clever. They target lawyers because we direct transfers of money and they want to steal it. DON’T FALL FOR IT! Be suspicious of email instructions. Cyber fraudsters will get in any way they can. Make sure it’s not through you. Five steps to protect yourself. Identify – Don’t accept email requests on […]

More
6 February 2018

Cost estimates | Client brochure

Many clients have never retained a lawyer before and do not know how to work effectively with them or understand what a cost estimate is. This lack of understanding sometimes contributes to claims against law firms that could have been avoided or minimised if there had been better communication between the firm and the client about […]

More
6 February 2018

Snapshot – Family law

Snapshots provide data and main causes of claims in areas of practice as well as risk management strategies at a glance. Click the image to enlarge or download above.                        

More
5 February 2018

Cyber security – how to protect yourself | Client brochure

Our firm has proactive steps in place to protect you and your information from cyber-attack. We also need you to take some precautionary steps to ensure the security of your information. What we will do Tell you at the start of a matter what our payment details are and not change those details unless we […]

More