Our new office and mailing address is: 76 Pearl Street, Suite 203, Essex Junction, VT 05452.
IOLTA Fraud Prevention
Reprinted with permission from CentricPro.
Though lenders are for the most part NOT advertising these services, most banks now offer at least one of the following fraud prevention devices: Positive Pay, Reverse Positive Pay, ACH wire blocks and/or international wire blocks. With the spate of cyber-attacks inflicting substantial losses on attorney IOLTA accounts around the region, it may behoove you to investigate whether your lender offers at least one of these services. So what are they?
Positive Pay:
The positive pay system typically works like this: you provide your lender with a list of checks written from your IOLTA account – for instance, every time you cut checks for a closing, you send that list/disbursement sheet/spreadsheet to your lender. As checks are presented for payment on your account, an employee of the bank will verify the details of each check against the list you provided them to make sure the information is identical. For any anomalies or for any checks presented for payment that do not appear on your list of checks, the lender will contact you.
International Wire Blocks:
Simply put, if you don’t do business internationally, then you have no reason to anticipate an international wire. Ask your bank to place an international wire block on your IOLTA account. Thus, no one will be able to wire money fraudulently into or, more importantly, out of your account.
ACH Fraud and ACH Wire Blocks:
ACH stands for Automated Clearing House and is an electronic funds transfer process between bank accounts. There are only two pieces of information required to commit ACH fraud: a checking account number and a bank routing number. And this information is available on every check you issue. If someone in the firm has been the target of a phishing email and tricked into running malicious keylogging software that records keystrokes, or if a check simply falls into the wrong hands, criminals can get the information they need, including bank account user names and passwords, in order to perpetrate an ACH fraud¹.
Back in 2009, the FBI reported that there had been approximately $100 million in losses due to ACH fraud, with new victim complaints opened on a weekly basis². Unfortunately, given the frauds that continue to be reported today, this is not something that is going away.
Some of you may remember the movie “Catch Me If You Can” with Leonardo DiCaprio playing the role of Frank Abagnale, a counterfeiter who thwarted the FBI’s efforts at capture for years only to become an employee of that organization. The tips noted below are excerpted from an article written by Mr. Abagnale to help those who wish to avoid falling victim to ACH fraud.
1. Ask your bank to place ACH debit blocks on accounts that should not have ACH withdrawals. For example, a trust account or refund account should not have withdrawals via ACH. Such accounts should have ACH blocks. An ACH block rejects all ACH debits³.
2. Bank accounts should be structured so that authorized ACH debits occur in only a few designated accounts. Ask your bank to place an ACH filter on those accounts. An ACH filter allows debits only from companies that have been preauthorized, or in preauthorized dollar amounts. If your bank does not offer an ACH filter, open up a new account exclusively for authorized ACH debits, and restrict who has knowledge of that account number⁴.
3. Monitor all unblocked accounts daily to catch unauthorized activity. Companies have two business days to reject an unauthorized debit and recover their money. If an unauthorized debit is not questioned for more than two days, it will be much more difficult to recover lost funds. Because all fraudulent ACH transactions originate in real bank accounts, unwinding them is quite straightforward if caught in a timely fashion⁵.
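The Positive Pay matching described earlier and the ACH block/filter and two-business-day monitoring rule from the three tips above amount to the same defensive idea: compare every item the bank presents against a list the firm controls, and escalate anything that does not match in time. The script below is an added example written for this page; it is not CentricPro's, Mr. Abagnale's, or any bank's code. The check and ACH record layouts, the originator IDs, the dollar amounts and the dates are all constructed sample data, and a real bank export would need its own parser.

```python
"""Added example: Positive Pay reconciliation plus an ACH filter/block and a
two-business-day dispute-window check for a trust account.  Record fields,
originator IDs, amounts and dates are constructed for illustration."""
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Check:
    number: int
    payee: str
    amount_cents: int


@dataclass(frozen=True)
class AchDebit:
    originator_id: str   # assumed: the company ID the bank reports per debit
    amount_cents: int
    posted: date


def positive_pay(issued, presented):
    """Return (check, reason) for every presented item that fails Positive Pay.
    An item passes only if its number is on the issued list, it has not been
    presented before, and amount and payee match (payee compared case-insensitively)."""
    issued_by_number = {c.number: c for c in issued}
    seen, exceptions = set(), []
    for item in presented:
        if item.number in seen:
            exceptions.append((item, "presented more than once"))
            continue
        seen.add(item.number)
        expected = issued_by_number.get(item.number)
        if expected is None:
            exceptions.append((item, "not on issued-check list"))
        elif expected.amount_cents != item.amount_cents:
            exceptions.append((item, f"amount differs from issued {expected.amount_cents}"))
        elif expected.payee.strip().casefold() != item.payee.strip().casefold():
            exceptions.append((item, "payee differs"))
    return exceptions


def ach_filter(debits, allowlist, block_all=False):
    """ACH block (block_all=True rejects every debit, as on a trust account) or
    ACH filter: allowlist maps originator_id -> max amount in cents, or None
    for any amount.  Returns (debit, verdict) pairs."""
    decisions = []
    for d in debits:
        if block_all:
            decisions.append((d, "rejected: ACH debit block"))
        elif d.originator_id not in allowlist:
            decisions.append((d, "rejected: originator not preauthorized"))
        elif allowlist[d.originator_id] is not None and d.amount_cents > allowlist[d.originator_id]:
            decisions.append((d, "rejected: exceeds preauthorized amount"))
        else:
            decisions.append((d, "allowed"))
    return decisions


def business_days_between(start, end):
    """Count Monday-to-Friday days after `start` up to and including `end`."""
    days, cur = 0, start
    while cur < end:
        cur += timedelta(days=1)
        if cur.weekday() < 5:
            days += 1
    return days


def overdue_for_dispute(debit, today, window=2):
    """True once the two-business-day window to reject a debit has passed."""
    return business_days_between(debit.posted, today) > window


# Constructed sample data: a closing disbursement list and what the bank presented.
ISSUED = [Check(1001, "County Clerk", 25_000), Check(1002, "Acme Title Services", 150_000),
          Check(1003, "Jane Seller", 24_500_000)]
PRESENTED = [Check(1001, "County Clerk", 25_000), Check(1002, "ACME TITLE SERVICES", 150_000),
             Check(1003, "Jane Seller", 25_500_000), Check(1004, "Unknown Payee", 900_000),
             Check(1001, "County Clerk", 25_000)]
ALLOWLIST = {"PAYROLLCO-01": 500_000, "STATE-TAX-02": None}   # constructed originator IDs
DEBITS = [AchDebit("PAYROLLCO-01", 480_000, date(2016, 3, 7)),
          AchDebit("PAYROLLCO-01", 750_000, date(2016, 3, 8)),
          AchDebit("STATE-TAX-02", 1_200_000, date(2016, 3, 9)),
          AchDebit("UNKNOWN-99", 990_000, date(2016, 3, 4))]
TODAY = date(2016, 3, 10)   # a Thursday; the UNKNOWN-99 debit posted the previous Friday


def run_sample():
    """Run both controls over the sample data and summarise what needs follow-up."""
    checks = positive_pay(ISSUED, PRESENTED)
    ach = ach_filter(DEBITS, ALLOWLIST)
    rejected = [d for d, verdict in ach if verdict != "allowed"]
    return {
        "check_exceptions": [(c.number, reason) for c, reason in checks],
        "ach": [(d.originator_id, verdict) for d, verdict in ach],
        "overdue": [d.originator_id for d in rejected if overdue_for_dispute(d, TODAY)],
    }


if __name__ == "__main__":
    for key, value in run_sample().items():
        print(key, value)
```

Run it as-is to see the three Positive Pay exceptions (a changed amount, a check number the firm never issued, and a duplicate presentment), the two rejected ACH debits, and the one rejection that is already past the dispute window. The case-insensitive payee comparison is a deliberate choice so that a bank's upper-cased payee field does not generate noise; everything else is an exact match.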
We offer this information in order to help you stay on top of current trends in the marketplace and to help you evaluate the various tools available in order to better protect your accounts and your clients’ funds.
¹ Goodchild, Joan, “ACH Fraud: Why Criminals Love This Con.” CSO Online (2010), available at: http://www.csoonline.com/article/2125833/malware-cybercrime/ach-fraud–why-criminals-love-this-con.html
² Id.
³ Abagnale, Frank, “How to Help Your Clients Combat ACH Fraud.” Intuit Accountants News Central (July 14, 2014), available at: https://blog.accountants.intuit.com/from-the-experts/how-to-help-your-clients-combat-ach-fraud/
⁴ Id.
⁵ Id.
Be on Alert – Ransomware Concerns Increase
Republished with permission from CentricPro.
Ransomware is malicious software or malware that encrypts information or parts of your network, preventing access. A ransom is demanded in exchange for an encryption key to unlock the network. You are notified and given a short amount of time to pay the ransom or your data is lost forever. In addition or in the alternative, the criminals may add the element of extortion, and demand payment or else they will release information or use it against you.
In a recent article in LegalTech News titled New Ransomware Strains Can Cause Headaches for Unaware Attorneys, it was reported that 28 new strains of ransomware were discovered over the past few months. Some of the new strains are reported to be the result of copycat cyber criminals, but others are from more experienced professional criminals and harder to crack. They are using new techniques and approaches, as well as new ways to extort money from victims. One new attack is referred to as a “hybrid ransomware” where they not only lock the user’s files, but they lock the whole computer and use it to perpetrate further attacks within or outside the network. The article warned attorneys to expect more of it, with attacks estimated to double or triple compared to last year.
In addition to working with your IT specialists to assist in cyberattack prevention, you need to be sure you have excellent backups in place and be sure to educate and train your staff. Ransomware is most successful when you allow access by downloading what may appear to be an innocent program or file. Increase your cybersecurity training and enforcement of your cybersecurity policies internally to help mitigate the issue. In addition, be sure your law firm has proper cyber insurance coverage.
To learn more, contact Colleen M. Capossela, Esq., President of CentricPro Management Services, Inc.
Email Scams Continue To Lure Potential Victims
Reprinted with permission from CentricPro.
Email has become one of the most convenient and efficient ways of communicating. Unfortunately, it has now also become one of the most convenient and efficient ways for scammers to fool us, especially with regard to wire transfer schemes. Even the best-managed law firms could fall victim to scams that intentionally mislead unsuspecting employees into sending money or diverting payments to fraudsters who are impersonating clients, attorneys, lenders and Realtors.
These schemes are commonly referred to as social engineering scams where your employees are tricked with fake information received generally by email. The email appears to be legitimate, but it is not. It is a fraudster looking to get you to send money without realizing you are sending it to an imposter.
In the past week we were informed by a couple of CATIC Agents of fraudulent wire requests. One agent noted that as buyer’s counsel he received an email from seller’s attorney on a matter that would be closing soon requesting wiring of additional funds. References to the parties and the transaction appeared accurate, but there were some grammatical errors in the body of the email. In addition, in reviewing the email more closely the agent noticed that the email addresses of some of the parties were changed by one letter. This situation thankfully has a happy ending, with the attempted scam being prevented due to the vigilance of the attorney.
But unfortunately we are contacted by others, and the results are devastating. Because the emails look so legitimate, at times the clues are not detected. At the CATIC Agent Forum, a representative of the FBI showed that it can come down to merely a change in an email address, with the rest of the email appearing to be legitimate. It could simply be the changing of an “l” to a “1” in an email address, which is very difficult to detect. Further, when responding you would not get an invalid email response back, because the scammers are smart enough to pay the nominal cost of buying the scam domain name.
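The one-letter substitutions described above (an “l” swapped for a “1”, a single character changed in a party's address) are exactly the kind of difference a person skims past but a short comparison against the firm's known contacts will catch. The screening function below is an added example for this page, not code from CentricPro, CATIC or the FBI. The contact list, the sender addresses and the set of look-alike character pairs it folds are all constructed and would need to be adapted to a firm's own address book.

```python
"""Added example: flag sender addresses that are a look-alike of a known
contact.  Contact list, sample senders and the confusable-character table
are constructed for illustration."""

# Character sequences that look alike in many fonts; both sides of a comparison
# are folded with this table so "sel1erlaw.com" and "sellerlaw.com" collapse together.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def fold(text):
    """Lower-case and replace confusable sequences with their look-alike."""
    text = text.lower()
    for pattern, replacement in CONFUSABLES:
        text = text.replace(pattern, replacement)
    return text


def levenshtein(a, b):
    """Edit distance (insert / delete / substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(sender, known):
    """Return a verdict for `sender` against the set of known contact addresses.
    Rules are applied in order: exact match, confusable-character domain,
    one-edit domain, known name at an unrecognised domain, else unknown."""
    sender = sender.strip().lower()
    if sender in known:
        return "known contact"
    local, _, domain = sender.rpartition("@")
    known_domains = {k.rpartition("@")[2] for k in known}
    known_locals = {k.rpartition("@")[0] for k in known}
    for kd in sorted(known_domains):
        if domain != kd and fold(domain) == fold(kd):
            return f"lookalike domain (confusable characters) for {kd}"
    for kd in sorted(known_domains):
        if domain != kd and levenshtein(domain, kd) <= 1:
            return f"lookalike domain (one edit away) for {kd}"
    if local in known_locals and domain not in known_domains:
        return "known name at an unrecognized domain"
    return "unknown sender"


# Constructed sample data: the firm's contacts on a matter and a day's senders.
KNOWN = {"attorney@sellerlaw.com", "paralegal@sellerlaw.com", "closer@acmetitle.com"}
SAMPLE_SENDERS = [
    "attorney@sellerlaw.com",        # genuine
    "attorney@sel1erlaw.com",        # "l" replaced with "1"
    "attorney@sellerlaw.co",         # one character dropped
    "attorney@sellerlaw-llc.com",    # same name, different registered domain
    "newsletter@example.org",        # unrelated
]


def screen_sample():
    """Classify every sample sender; returns {address: verdict}."""
    return {addr: classify(addr, KNOWN) for addr in SAMPLE_SENDERS}


if __name__ == "__main__":
    for addr, verdict in screen_sample().items():
        print(f"{addr:32} {verdict}")
```

Only the first sample sender comes back as a known contact; each of the next three is flagged with the rule that caught it, and the unrelated newsletter address is reported as unknown rather than as a look-alike. Anything other than "known contact" on a message that asks for a wire is a reason to pick up the phone and call the number already on file.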
Lessons to be learned: Carefully examine all aspects of your emails. Do not automatically trust what you are receiving. Also set up email policies in your law firm and educate everyone on the dangers. In addition, make sure your law firm is properly covered by insurance in the event someone in your firm falls victim to a social engineering scam.
To learn more, contact Colleen M. Capossela, Esq., President of CentricPro Management Services, Inc.
Social Engineering Fraud/Email Related Frauds – What You Should Know
Reprinted with permission from CentricPro.
Social Engineering Fraud, to put it simply, is the ability of a fraudster to influence someone to disclose information and/or get them to act inappropriately; basically, it is manipulating people to get information or gain access to systems. It could happen by way of a variety of media, whether email, the Internet, telephone, and at times face-to-face encounters. We have reported on a number of social engineering fraud schemes that have affected law firms locally, such as the false emails portraying a client and the false requests for wiring of funds to the fraudster. A number of businesses have reported that they have fallen victim to social engineering attacks and that losses have been in the thousands of dollars.
To mitigate the effects of social engineering attacks, law firms need to incorporate a plan as part of their cyber security initiatives. Most important in that plan should be the goal to educate and make the entire office aware of social engineering fraud strategies and what to watch out for in this area.
Different social engineering fraud strategies include:
• Impersonation: a fraudster using a believable reason to impersonate a person in authority, a fellow employee, boss or a client to gather confidential information or to request transfer of funds.
• Phishing: a fraudster attempting to acquire sensitive information, even money or transfer of funds, for malicious reasons, by masquerading as a trustworthy party in an electronic communication; it also includes a fraudster sending emails to the law firm that contain malware designed to compromise computer systems and capture confidential or sensitive information.
The fraudster may have any number of goals, but more often than not the objective is simply financial gain. They have learned to leverage the human qualities of trust, helpfulness and fear to manipulate their targets. They play on the inherent desire of most people to trust another. CHUBB¹ reported that former hacker turned security consultant Kevin Mitnick, in his book The Art of Deception: Controlling the Human Element of Security, addressed this trust issue by noting:
“Why are social engineering attacks so successful? It isn’t because people are stupid or lack common sense. But we, as human beings, are all vulnerable to being deceived because people can misplace their trust if manipulated in certain ways….”
What firms must do is educate their staff and train them on what to look out for and what to do or not do to avoid being deceived. Some suggested measures include:
• Give people access only to what they truly need and what they are authorized to view.
• Be suspicious of unsolicited emails.
• Never release confidential or sensitive information to someone you do not know or who does not have a valid reason for having it – even if the person identifies himself or herself as a co-worker, superior or IT representative.
• Establish verification procedures for issuance of checks and wire transfers. A simple measure of calling your contact at the number you normally call to verify wire instructions and documenting this discussion is better than relying on what is emailed to you. Reduce reliance on emails for financial transactions.
• Do not allow use of unauthorized devices, like thumb/flash drives or unauthorized software on systems.
• Shred physical documentation when throwing out.
• Conduct penetration tests to assess your firm’s vulnerabilities.
Also, investigate proper insurance coverages. Most crime insurance policies and professional liability policies do not cover against these types of schemes. CentricPro in conjunction with Smith Brothers Insurance LLC has put together insurance programs that can assist in this matter. Have a gap analysis performed on your current policies to determine what additional coverages your firm needs for protection. At CentricPro we can assist in coordinating a free gap analysis. Please feel free to contact Colleen M. Capossela, President of CentricPro, to learn more.
¹ Excerpts from CHUBB’s Guide To Preventing Social Engineering Fraud