Law firms and their clients are ripe targets for cybercrime. This time it is the turn of Minter Ellison who I guess forgot the cardinal rule of ringing the client to confirm bank details before transferring funds.
Ringing the client or the client ringing the firm to verify bank account details for any first transaction is imperative. Why? The Minter Ellison is an example where the client’s IT systems have been compromised and the hacker can send emails impersonating the client and accessing vital information of the matter. It doesn’t matter that Minter’s IT systems have not been compromised.
I emphasise it is vital for “first-time” transactions to be confirmed and verified by a phone call. But it is still important where you have the client’s bank details already “hard coded” into your banking system or in PEXA as a regularly used client account.
Minters are a top-tier firm but mistakes are human. Quote from Minters – “No MinterEllison systems were compromised, and all parties have been made whole. The incident underlines the importance of hypervigilance in all financial transactions.”