Law Society’s email scam warning comes true

by Sophie Schroder10 Dec 2014
An Auckland barrister has had her email account hacked and clients targeted in an elaborate scam that appealed for money.

Criminal barrister Annabel Maxwell-Scott has gone public in order to warn others about the “horrible” scam.

The website Stuff reported that the lawyer’s email address was hacked and messages were sent to her contact list appealing for money for a kidney transplant.

The email said Maxwell-Scott was desperately ill in Malaysia and in need of an urgent operation.

Although many clients rang her to enquire about what was going on, devastatingly a friend in Britain transferred more than $3,500 to the named bank account, the website reported.

The women had just lost her job and was “very stressed, not herself”, said the barrister.

"The saddest thing is she did it because she is kind and lovely."

Maxwell-Scott believed she was hit by a malware email the week before that then found its way into her computer, and uncovered her Google Gmail password.

That document looked like any normal document a lawyer would get, she said.

In October, NZ Lawyer spoke to the New Zealand Law Society’s financial assurance manager Jeremy Kennerley about the dangers of email scams.

He confirmed that there seemed to be an increase in cases of online hacking within the legal profession, thanks to a couple of recent trends.

“The first is use of email and the prevalence of email instead of waiting for a standard letter, and the other thing is that businesses have gone more global. Clients are living overseas, so there’s reliance on communication of distances and time zones.”

If a lawyer receives a client email asking them to carry out a transaction, it would be a good idea to try and have a direct phone conversation to confirm the instruction, says Kennerley, adding there have also been instances where a law firm’s email system has been taken over by criminals.

And although of course lawyers aren’t the only profession targeted by such criminals, they are probably one of the more common - and increasingly so.

“Lawyers by the nature that they have trust accounts with public money make them a target. Also, lawyers are the first trusted advisor of the traditional family - they are the first person you go to – so there is a high level of trust with a client.”

Kennerley and the Law Society are advising lawyers to assume the emails they receive may not be genuine, unless they use an encrypted system. However, even an encrypted email is only as safe as the password used, he says.

Another suggestion if the client is not easily contactable by phone is to verbally agree on a ‘safe’ or ‘code’ word or phrase which can be used in the email to verify identity and authenticity.

The issue needs to be taken seriously as hackers have syphoned off six and even seven figures in the past, he says.