From employees who cross the line to cyber criminals, read about these risks in practice.

Lawyers will also want to consider commercial liability insurance to protect themselves from these frauds as they are not covered under the Policy.
 

Employee fraud

Forgery risks in mortgage transactions
Notice to the Profession, March 23, 2011

Do your systems protect you from employee fraud?
Practice Watch (p. 17), Benchers’ Bulletin, 2010 No. 3 Fall

 

Cybercrimes and more

 

Preface:  Cybercrime risk management

Risk management tips for social engineering frauds are available here

You will find a recurring message in the materials in this next section: Lawyers and law firms are particularly vulnerable to hackers. From lost laptops and thumb drives (two of the leading causes of data breaches) to malware attacks, you are at risk. 

Protect your systems and your data. Take the ten simple steps set out here (see below) and read the resources that follow for details and more tips. Speak with your bank about steps that you can take to enhance security, including the advantages of receiving trust funds electronically.

 

Law Society resources

Dealing with Cryptowall ransomware – an in-depth review of the virus and how to avoid getting caught
Practice Tips, Benchers’ Bulletin, 2015: No. 1 Spring

Cryptolocker ransomware alert – 10 steps to avoid getting caught by ransomware
Practice Resource, December 2013

Making your e-communications secure – tips to make your email communications more secure (scroll to second page)
Practice Tips, Benchers' Bulletin, 2014 No. 3 Fall

Security practice tips – tips to improve the security of law firm IT systems
Practice Tips, Benchers’ Bulletin, 2014: No. 2 Summer

Tech security for lawyers – deals with a variety of security issues relating to technology, including malware
Practice Tips (p. 9), Benchers’ Bulletin, 2012: No. 1 Spring

Cloud computing due diligence guidelines and cloud computing checklist – due diligence and risk management information about the use of technology and third party data storage and processing

Law Office Administration – includes resources relating to technology and safety and security

Other resources

Cybercrime and Law Firms: The risks and dangers are real
LawPro Magazine, December 2013

The Government of Canada’s Canadian Anti-Fraud Centre’s (CAFC) website - includes resources such as the Get Cyber Safe Guide for Small and Medium Businesses

And remember section 3.3 of the Code of Professional Conduct regarding a lawyer’s obligations to keep a client’s information confidential and Law Society rules 10-4 to 10-5 regarding records and security of records. If you have questions about your professional obligations, please contact Practice Advice.

 

Ten simple steps you can take

Talk to your IT professional about these and other preventative measures you can take to protect your systems and your data:

  1. Use strong passwords and change them regularly.
  2. Properly configure a firewall between the firm’s system and the internet.
  3. Use up-to-date antivirus and malware endpoint protection on computers, laptops and handheld devices.
  4. Backup your data – talk to your IT professional about frequency (including staggering).
  5. Use encryption to protect laptops, removable media and back up media.
  6. Make sure all critical patches and security updates are applied as soon as possible.
  7. Monitor your systems for any suspicious activity.
  8. Use VPN or other encrypted connection to access public wireless networks.
  9. Keep servers and equipment physically secure.
  10. Cancel access to the network when employees are terminated.

Phony email payment instructions targeting clients in the US
E-Brief, February 2017

What to do if your laptop or briefcase is stolen
Practice Resource, December 2016

Fake Law Society complaints a cyber risk to lawyers
E-Brief, December 2016

Email containing Trojan virus eludes standard security software
Notice to the Profession, August 6, 2015

BC law firm's computer system hacked by extortionist
Notice to the Profession, December 31, 2014

Incorporating a company for a new client outside of BC? Beware of a new scam
Practice Watch, Benchers' Bulletin, 2014 No. 4 Winter

Request to replace a trust cheque - eDeposit scam
E-Brief, July 2014

Beware of fraudster wanting to upgrade your point of sale terminal
E-Brief, May 2014

Fraudsters may impersonate you – search your name on-line
Practice Watch (p. 17), Benchers' Bulletin, 2013 No. 4 Winter

Ontario law firm victim of large fraud due to infection by Trojan banker virus
Notice to the Profession, December 21, 2012

The Little Black Book of Scams, fake websites and lawyers (Note: link to The Little Black Book of Scams)
Practice Watch (p. 11), Benchers’ Bulletin, 2012 No. 2 Summer

Fraudster pretending he’s been hired to create a law firm’s website
Practice Watch (p. 11), Benchers’ Bulletin, 2012 No. 2 Summer

Have you received an electronic trust deposit "by mistake"?
Practice Watch (p.10), Benchers’ Bulletin, 2010 No. 3 Fall

Getting rid of your photocopier? A potential gold mine for fraudsters
Practice Watch (p. 10), Benchers’ Bulletin, 2010 No. 2 Summer

New lottery scam
Practice Watch (p. 22), Benchers’ Bulletin, 2009 No. 1 Spring

Scams to look out for
Practice Tips (p. 20), Benchers’ Bulletin, 2007 No. 2 May