The Legal Practice Council (LPC) would like to warn legal practitioners about the increasing levels of e-mail frauds and the fact that cybercrime is not covered by the policy provided by the Legal Practitioners Indemnity Insurance Fund.

Practitioners operating trust accounts are potentially at greater risk than others, but no one is immune to this threat.
This follows a judgment that was recently granted against a firm whose e-mail account was been hacked, resulting in them paying R1,7 million rand to a third party, and not to the person entitled to the money. The court held that the firm had a duty to verify that the e-mail giving instructions in regard to the payment indeed came from its client.

(Please see http://www.saflii.org/za/cases/ZAGPPHC/2019/449.html)

It is therefore not enough to assume that because an e-mail appears to come from a client, and that because the client’s email address or their name appears on the mail, the e-mail does in fact come from that client.
Legal Practitioners are advised to be careful when instructions are received with new bank account details, or an instruction is received to change the bank account details of a client or third party to whom funds are due. All such details should be verified by telephone or any other means.

All legal practitioners have an ethical duty to put appropriate systems in place to safeguard all their confidential information.
Failing which they may be viewed as being unprofessional.

Please click on the links below for some more information:
https://www.tech4law.co.za/tech-advisor/security-d91/cyber-attacks-email-correspondence-risks/

https://www.lssa.org.za/upload/files/Nesletters%20Advisories/LSSA%20Advisory%20to%20Attorneys%20(Cybercrime%20BEC)180710%2018%20July%202018.pdf

Ends/
Issued by the Legal Practice Council

Download PDF