Fraud Alert
Be aware! Another BC law firm recently had its entire computer system infected with ransomware. The firm was blocked from accessing their computers, client lists, emails, accounting and financial information and other digital files until it paid a ransom in Bitcoin. The cause of the breach was likely a lawyer or employee clicking on a link in an attachment or email.
Scams like this can happen anytime, but scammers are always looking for ways to take advantage of times when fewer staff are working or there are added distractions around times like the holiday season. As always, be vigilant by remembering to:
- Think before you click!
- Never open a link or attachment in an email or text message from anyone you do not know.
- If you unexpectedly receive a link or attachment – even if it is from someone you know – call the sender using the telephone number you have on file (not the number listed in the message) to confirm the message is legitimate.
- If you open a link or attachment that you should have avoided, and a box opens that asks for your password or other information, stop. Close out. Immediately call your IT department to run a scan on your device(s) and inform your other law firm staff immediately.
- Avoid public Wi-Fi, and do not use unsecured Wi-Fi to connect to your work server to do any banking, or to send any confidential or personal information.
- Avoid working in public spaces where third parties may view screens or printed documents.
Learn about the 10 simple steps you can take to protect your system against a data breach here, talk to your IT professional and read the article, Ransomware: How to Prevent and Recover, from the Canadian Centre for Cyber Security.
If you plan to be away from the office this season or generally, arrange for a competent lawyer to supervise your practice and provide the lawyer and your staff with your contact information. Staff may not deal with trust funds, except in accordance with the Law Society Rules Part 3, Division 7 – Trust Accounts and Other Client Property. Ensure you and your staff maintain an awareness of the different scams, including the bad cheque scam, fraudulent changes in payment instructions, and ransomware.
Whatever you do, think before you click and remind all lawyers and staff to take these precautions.
Even if you have taken all the steps you can to protect your system, your clients and third parties can still make your system more vulnerable. Technology cannot keep up with evolving threats. Talk to your insurance broker about buying comprehensive cyber insurance. For information about managing this risk and more, click here.
If you have encountered or suspect that you have encountered a scam, contact Barbara Buchanan, QC, Practice Advisor, Conduct and Ethics, at 604.697.5816 or bbuchanan@lsbc.org.