The following is an excerpt from a fraud alert posted last fall to the Lawyers Indemnity Fund website (a division of the Law Society of British Columbia), with a scenario that could also threaten Nova Scotia lawyers:
"A BC law firm was hit with a sophisticated Trojan horse virus as a result of a weak password and an inadequate firewall. The virus has allowed the fraudsters to gain access to the firm’s banking and client information, and it has caused emails to be sent to people on the firm’s contact list. These emails can appear as though they originate from the law firm itself, another law firm on the firm’s contact list, the court registry or even the Crown Prosecutor’s office. Nothing on the face of the email looks out of the ordinary except that the email includes an attachment or, in some cases, a zip file to be clicked on and downloaded. Whatever you do, think before you click."
For more information about the recent ransomware attack in British Columbia, please click here.
In the past, similar ransomware virus attacks have been reported in Nova Scotia. A ransomware-infected email link or attachment may appear to be from a financial institution or company (e.g. a package delivery service), or, in recent times, with regard to COVID-19 related matters. Once an infected link or attachment is opened, the virus will begin to corrupt the victim’s system files. A pop-up window will soon appear on the computer screen, restricting access to the system and its files until a ransom is paid to the creator of the virus.
These warning messages may also claim to be from the RCMP or other government agencies stating that their computer has been frozen for a criminal investigation involving 'child pornography' or 'illegal music downloading'. This is an attempt to scare victims into sending money to unlock their system, although the computer will not be unlocked if the money is paid – the scammers will disappear once the funds are transferred.
These programs install themselves and encrypt files on the computer’s hard drive, and are extremely difficult to remove, with no guarantee that your data can be recovered. Here’s how to protect yourself:
- Be vigilant about the legitimacy of all emails received – do not open email attachments or click links from unverified senders
- Never click on a pop-up that claims your computer has a virus
- Turn on your browser’s pop-up blocking feature
- Keep your anti-malware and firewall programs up-to-date and perform scans on a regular basis
- Schedule regular system updates and maintain backups of your data to ensure that your files are protected
- Never download anti-virus software from a pop-up or link sent to you in an email
- If you’ve received a ransomware message, contact the Canadian Anti-Fraud Centre (1-888-495-8501) to report it
- If your computer becomes infected, do not pay the scammer’s ransom request – have it cleaned by a computer repair service to remove any malware.
As we've warned in the past, we bring this to your attention for several reasons. Social engineering fraud is not part of the cyber coverage we offer in our policy. In the similar cases, coverage has been denied by a cyber insurer when the lawyer/firm did not have the social engineering rider on its commercial cyber policy. Second, depending on the facts, there may not be coverage for such a fraud under the professional liability part of your insurance policy either. Accordingly, a lawyer falling victim to such a fraud who lacks appropriate insurance coverage could be in the position of having to reimburse their trust account for the loss.
For tips to avoid being victimized, or to report or seek advice on dealing with fraud and scam attempts, contact Cynthia Nield at cnield@lians.ca or 902 423 1300, x346.