Internet Scams Targeting Attorneys
Attorneys are highly educated, trained to be thoughtful, analytical and most importantly skeptical. It will come as a surprise then that attorneys are also particularly vulnerable as a group to certain internet scams, in part because of the way that most attorneys obtain clients and in part because of ethical codes imposed on the profession. Scam artists have in turn become efficient and sophisticated in targeting the vulnerabilities of lawyers. Despite repeated warnings from bar associations and legal publications, many unsuspecting and otherwise mindful attorneys still fall prey. This article explores three internet scams specifically targeting attorneys:
1. “Fake Client/Check” Scam
This scam has been around for several years, targets the way many attorneys obtain clients, and only works because of procedures in place for attorneys’ escrow/IOLA accounts. One of the many consequences to the attorney-victims of this scam is that the money lost from their IOLA account often belongs to bona fide clients.
We live in an age of convenience. Most people are unwilling to call a restaurant to make a reservation. The same is often true when hiring attorneys. Many attorneys, especially small firms and solo practitioners, get their clients through the internet, through LinkedIn.com or even direct messaging to an attorney’s email address posted on a firm website. The internet has made attorneys more accessible to potential clients worldwide and has had wide benefits to practitioners.
The ease of the internet has also led way to a now-common internet scam targeting attorneys. An overseas potential client will email a U.S. attorney to recoup a debt owed by a local entity in the attorney’s jurisdiction. The potential client and local entity usually appear legitimate and may even be a real company and/or person. The foreign client, however, provides contact information that looks legitimate but instead is their own contact information. The foreign client generally signs a retainer agreement, and after some demand letters and back and forth, the attorney will succeed in obtaining a check from the local entity to pay the debt. The attorney then deposits the check in his escrow account and after it seemingly clears, he wires the funds (less his fees/retainer for future services) to the client’s foreign bank account. However the check has not cleared, instead the attorney’s bank provided provisional funds, funds the bank provides clients even if the legitimacy of the check has not been verified, and now the attorney is on the hook to replace the funds the bank provisionally provided. The “client” and the wired funds are nowhere to be found.
There are many variations of this scam. For example, in one variation a scammer posing as a property investor asks a
real estate broker for a referral to an attorney. The attorney has had a long standing relationship with the broker, i.e.
his guard is down. Then investment funds are sent by check to an IOLA account, but suddenly the investor needs the
funds back for some “emergency”. Fearing penalties for mis-handling a client’s funds, the attorney wires provisional
funds to the scammer. The check bounces and the investor is gone.
Attorneys who fall victim to this scam often have represented foreign clients in the past so the initial request and
retainer do not seem unusual. Small firms and solo practitioners are under intense pressure to sign new clients and the
offer appears to be easy money especially because the “client” agrees to any fee terms the attorney suggests. Small
firms also do not have the financial controls implemented at larger firms putting them at greater risk. A smaller firm
may not have an accounting department knowledgeable about provisional funds and banking practices. The scams work
because of a mistaken belief that a bank will inform the attorney when the check “clears.” However, as detailed below,
this is not how banks work.
After the check has bounced, the bank freezes the IOLA account (and often the attorney’s personal accounts) and/or
sues the attorney to collect the “provisional funds” which were wired to the scam artist. Since the check bounced, there
is no money to cover the funds—the scammers are nowhere to be found and often in foreign countries which are
uncooperative with U.S. criminal investigations.
Ability to Rely on The Bank’s Representation That a Check has “Cleared”?
In one recent lawsuit where a bank sued an attorney who fell victim to this type of scam, a representative of the bank
actually told the attorney that the check cleared before the attorney wired the funds. The attorney thought he could
rely on the bank’s representation that the check “cleared” and that representation was proof of the validity of the
check, right? Wrong! As ruled by the Court of Appeals in Greenberg, Trager & Herbst, LLP v HSBC Bank USA, 17 N.Y.3d
565 (2011), dealing with a bank suit against an attorney for a check scam, a banking client cannot rely on a bank’s
representation that a check cleared.
In Greenberg, Trager & Herbst, LLP, during a telephone conversation, HSBC informed the attorneys that the check had
cleared. The attorneys then wired $187,750 to Hong Kong based on a belief that the check had cleared. Thereafter,
HSBC notified attorneys that the check was dishonored as “suspect counterfeit.” HSBC then revoked its provisional settlement and charged back attorneys’ account. The attorneys commenced an action against HSBC. The Court of Appeals found that the “oral statement by the HSBC representative that the check had ‘cleared’ [was] an ambiguous remark that may have been intended to mean only that the amount of the check was available (as indeed it was) in [the attorney's] account. Reliance on this statement as assurance that final settlement had occurred was, under the circumstances here, unreasonable as a matter of law.” Id. at 580.
Further, the Court noted that “[t]he term 'cleared' is not employed in the UCC and, as commonly used, is not the
equivalent of 'final settlement'" Id. at 578, n. 8; see also Call v. Ellenville Nat'l Bank, 5 A.D.3d 521, 524 (2d Dept. 2003),
(finding that the statutory allocation of risk found in the UCC should not be altered by the defendant bank's alleged
representation to the plaintiff that the check had "cleared."); Law Offices of Oliver Zhou v. Citibank N.A., 2016 U.S. Dist.
LEXIS 65110 (S.D.N.Y. May 17, 2016); JPMorgan Chase Bank, N.A. v. Freyberg, 171 F. Supp. 3d 178 (S.D.N.Y. Mar. 17,
2016) (finding no liability for the bank’s provision of provisional funds for a counterfeit check); Margot J. Garant, Inc. v.
Suffolk County Natl. Bank, 46 Misc. 3d 1218(A) (Sup. Ct. Suffolk Co. 2015) (finding any reliance on the defendant-bank’s
representation that a check cleared by the plaintiffs was unreasonable as a matter of law); JP Morgan Chase Bank, N.A.
v. Popovic, 26 Misc. 3d 1216(A) (Sup. Ct. Albany Cty. 2009) (finding no liability when a bank takes seven weeks to notify a
customer of a dishonored check); see also Bank of NY v. Asati, Inc., 184 A.D.2d 443 (1st Dept. 1992); but see JP Morgan
Chase Bank, N.A. v. Pinzler, 28 Misc. 3d 1214(A) (Sup. Ct. 2010) (a pre-Greenberg decision denying summary judgment
on a negligence claim finding that more discovery was necessary to determine whether Chase acted negligently by
asserting that a check cleared.).
As described above, the term “cleared,” despite its wide-spread colloquial use, does not really have any legal
significance. The processes of the check collection system employed by banks is described in Northpark National Bank v
Bankers Trust Co., 572 F Supp 524, 525-526 (S.D.N.Y. 1983):
Two features of the modern check collection process are central to the understanding of this fraud. The first is that,
notwithstanding the colloquial suggestion to the contrary, checks deposited for collection do not generally "clear." That is, provisional credits - on the customer's account at the depositary bank and on the accounts of intermediary banks involved in the collection process - become final by the mere passage of time, rather than by an advice of actual payment. It being statistically unlikely that a particular check will not be paid, the practicalities of the process call for giving actual notice (down the chain of collection) only in the event a check is not paid. Accordingly, the temporary hold which a depositary bank customarily places on the withdrawal of proceeds from a check deposited for collection is intended to give the collection chain an opportunity to notify the depositary bank, if it be necessary, that the check has not been paid. Thus, the hallmark of the normal completion of collection - i.e., the check having been paid - is the receipt of no notice by the depositary institution.
[…]With the foregoing in mind it is clear how a fraud of this type is accomplished. Its object is to cause a worthless check
deposited for collection to take a sufficiently long detour in its progress to the drawee bank, to insure that the notice of non-payment will not arrive at the depositary bank until after the expiration of the hold which it placed on the
availability of the proceeds from transit items. Having received no such notice before the expiration of the hold, the
depositary bank supposes the items to have been paid and allows its proceeds to be withdrawn. By the time notice
arrives the malefactor has, of course, absconded with the spoils.
Id. (citations omitted). In other words, a bank confirms that a check is valid when a certain amount of time has passed,
often up to two-weeks, without the bank receiving notice that the check was invalid.
This scheme is made easier by banks who regularly provide “provisional credit” to check depositors prior to the
discovery of the fraudulent nature of the check. The Expedited Funds Availability Act (“EFAA”) of 1987 (implemented by
Regulation CC, 12 C.F.R. 229), requires banks to make funds deposited in transaction accounts available to their
customers within a specified time frame. This availability is provisional and the collecting bank has the right to charge
back the amount if the check is dishonored or the bank fails to receive a settlement for the check (see U.C.C. § 4-212).
Through these means, a bank will provide “provisional credit” based on a check which is later revealed to be fraudulent
thus providing the scammer with an opportunity to recoup the credited funds while the bank still has to recourse to
charge back the unwitting victim of the scam.
When banks sue for the return of provisional credit, some malpractice insurers have refused to indemnify attorneys
under their policies. See e.g., Lombardi, Walsh, Wakeman, Harrison, Amodeo & Davenport, P.C. v. American Guarantee
and Liab. Ins. Co., 924 N.Y.S.2d 201 (3d Dep't 2011)(coverage litigation between insurer and attorney, arising from
settlement of bank's lawsuit against attorney as a result of an overdraft caused by a counterfeit check); O'Brien & Wolf,
L.L.P. v. Liberty Ins. Underwriters Inc., No. 11-cv-3748, 2012 WL 3156802 (D. Minn. Aug. 3, 2012) (holding that insurance
company was required to cover losses from attorney trust account due to counterfeit check scheme); Attorneys Liab.
Protection Soc., Inc. v. Whittington Law Assocs., PLLC, 961 F.Supp.2d 367 (D. N.H. 2013) (denying insurance coverage for
losses due to "Nigerian check scam"). In Lombardi, the court found that the insurer had to cover the attorney under the
malpractice policy because, even if the client turns out to be fake, handling a client’s funds is part of the attorney’s legal
services. Id.; see also Yudin & Yudin, PLLC v Liberty International Under Writers, Inc., 2012 N.Y. Misc. LEXIS 111 (Sup. Ct.
N.Y. County Jan. 11, 2012) (Rakower, J.) (same).
Another ramification of this scam is potential disciplinary liability. An attorney’s IOLA account may contain other clients’
funds which the bank may then use to “cover” the provisional funds lost. Banks may also be required to report an
attorney with an overdrawn IOLA account to the state bar. This will likely result in a disciplinary investigation and audit
of the IOLA account. In 2015, the New York City Bar Association came out with a formal ethics opinion finding that
“because Internet-based trust account scams may harm other firm clients, a lawyer who receives a request for representation via the Internet has a duty to conduct a reasonable investigation to ascertain whether the person is a legitimate prospective client before accepting the representation. A lawyer who discovers he has been defrauded in a manner that results in harm to other clients of the law firm, such as the loss of client funds due to an escrow account scam, must promptly notify the harmed clients.” Formal Opinion 2015-3: Lawyers Who Fall Victim to Internet Scams.
One of the best ways to avoid this scam is to tell all overseas clients that there is a mandatory three-week waiting period
on any check deposits. This is because some foreign institutions take up to 20-days to verify credit. This should be
enough time for the depositing bank to discovery whether the check is valid. Do not be fooled into waiving this grace
period because the foreign client requests that you wire funds to U.S. bank accounts. Scammers will often use
individuals with U.S. bank accounts as strawmen intermediaries who then wire the funds internationally (see below). As
stated in Margot J. Garant, Inc, 46 Misc. 3d 1218(A): “The Federal Reserve, like the Appellate Division and the Court of
Appeals, advises that it is important to ‘know your customer.’”
2. “Ransom” Scam
This scam not only affects attorneys, but companies around the globe and has been in the news a lot lately. The main
purpose of this scam is to infect the attorney’s computer with a virus blocking the attorney’s access to it. The scammers
then hold the computer for ransom. The scammer’s initial entry into the attorney’s computer system could be through
hacking or because the attorney clicked on a seemingly legitimate link. On Nov. 30, 2016, New York Attorney
General Eric T. Schneiderman issued a press release warning that attorneys were receiving emails which were seemingly
from A.G. Schneiderman’s office claiming that their business was the subject of a complaint for which they have 10 days
to respond. The email included a hyperlink to the “complaint” which instead installed malware. Press release available
at, https://ag.ny.gov/press-release/ag-schneiderman-issues-alert-phishing-scam-targeting-new-york-attorneys. The A.
G.’s office advised attorneys to update their anti-virus software and use caution when clinking on links. Also be
particularly mindful when an email appears to be odd. For example, in the scam cited above, the email claimed to be
from “The Office of The State Attorney Complaint,” but there is no such office. Generally, attorney complaints in New
York are handled by the grievance committee in the jurisdiction where the attorney was admitted.
3. “Impersonating a Known Client” Scam
This scam generally targets attorneys, accountants and other professionals holding a great deal of client money. The
scammer first hacks into the attorney or client’s email account and gains information about how the attorney and client
conduct business. For example, does the client direct the attorney to wire her funds from the attorney’s IOLA account
over email? What language does the client use? As news dribbles out each day of compromised user name and
password for various internet applications, this first step is becoming fairly easy for hackers. In 2016, the astounding
news came to light that between 2013-2014, over 1 billion Yahoo! user accounts were hacked.
Then, once the hacker has the inside information from the email accounts, he then impersonates the client and requests
that the attorney wire the client’s funds to the hacker’s bank accounts. In one such case handled by our firm, the hacker
exploited the way Yahoo! groups email messages. The hacker created an email address that was identical to the real
client but for one-digit. The hacker then sent emails from the fraudulent email address impersonating the client,
including using the same subject line as legitimate emails and using similar phrasing to the client. Yahoo! will group all
emails together which have the same subject line. When the attorney viewed the fraudulent email, it appeared to be
from his client, even down to the client’s tag name- the fake email address was not visible. Accordingly, there was
nothing inherent about the email, not even the email address, which was not visible, to put the attorney on notice that
the email was fraudulent. The attorney then wires the funds as he believes his client directed.
This scam works because the attorney already has a relationship with the real client who he trusts and the request does
not seem unusual. The client may be in the business of often requesting funds to be wired in this matter, for example if
the client is a lender. The scam artists are highly sophisticated and realize that if they ask that the funds be wired out of
the country where the bona fide client is not located, it might raise red flags. So they generally solicit the cooperation of
Americans with U.S. Bank accounts to be the conduit for the wired funds. Once the attorney wires the funds to the U.S.
Bank accounts, these strawmen, after subtracting a fee for their “services,” wire the funds out of the country. The
attorney remains ignorant that the client’s funds left the country until learning of the scheme from a conversation with
the client, who has no knowledge of the wiring instructions.
Attorneys can face high liability with this scheme because, technically, they wired their clients’ funds without
authorization. In New York, this would generally be prima facie evidence of the breach of standard of care in a legal
malpractice action. The bank would not be liable in this scheme because the proper account holder, the attorney,
authorized the wire transfer. Similarly, it would be difficult to hold Yahoo! responsible for the breach described above.
Email providers are only responsible for providing the amount of internet security as is represented in their services
agreement. For free internet providers like Yahoo!, the amount of internet security provided to users is generally not as
high as paid providers. Yahoo!’s security policy states that it only provides Secure Socket Layer (SSL) inscription for
transactions involving credit cards and other financial services. Yahoo! claims to “maintain reasonable physical,
electronic, and procedural safeguards that comply with federal regulations to protect personal information.” It would be
very difficult to prove that Yahoo! breached these terms.
While authorities sometimes arrest the perpetrators of internet scams and recoup the stolen funds or obtain restitution,
with foreign scammers, this is incredibly unlikely. In one such case, the scammer involved in the case handled by our
firm, Nigerian national David Chukwuneke Adindu, was arraigned on Dec. 14, 2016 for wire fraud in the Southern District of New York. According to the indictment, Adindu worked with others to carry out internet scams on various
entities from 2014 to 2016. The scams include contacting and impersonating potential victims in order to induce them
to wire money to third parties. See U.S. v. Adindu, No. 16-cr-00575 (S.D.N.Y.).
If you or a client has fallen victim to an internet scam, you can report it to:
- Federal Bureau of Investigation (FBI) Internet Fraud Complaint Center at www.ic3.gov
- Federal Trade Commission (FTC): by telephone at 1-877-FTC-HELP or file an electronic complaint at www.ftc.gov
- Mail-based scams - U.S. Postal Inspective Service by telephone at 1-888-877-7644 or via e-mail at <a href="https://
- If you have a complaint about a national bank’s handling of a fraudulent check, and you cannot resolve the problem
with the bank, contact the Office of the Comptroller of the Currency’s Customer Assistance Group, by calling
800-613-6743 or by sending an e-mail to: firstname.lastname@example.org.
*This article was prepared by Andrew R. Jones, Esq. and Rachel Aghassi, Esq. of the New York City-based law firm of
Furman Kornfeld & Brennan LLP. Andrew and Rachel work as part of a team of 15 lawyers devoted to the defense of
attorneys and other professionals in malpractice and disciplinary matters. For more information about the above topic
or the authors, please visit: www.fkblaw.com.
We trust that the above article was useful and thought provoking; however, please note that it is intended a general
guide only, not a complete analysis of the issues addressed, and readers should always seek specific legal guidance on
For more information on LPL coverage generally and how internet scams can affect the exposure of your firm to
malpractice claims, contact USI Affinity today.