image

Interesting! How Hackers scam staff member at one of the biggest law firms

One of the country’s top six law firms was the victim of an attempted scam attack after one of its staff members was tricked into transferring a large sum of money into the account of a fraudster impersonating a trusted business associate.

MinterEllison confirmed on Thursday that it had been the victim of an attempted scam attack, but insisted its systems had not been compromised by the hackers, who had instead hacked into the systems of a business it was working with on a deal.

The firm was able to recover the funds – suggested at below $500,000 – after detecting the fraud attempt.

According to sources familiar with the incident but not allowed to speak publicly, MinterEllison rushed to the Supreme Court of Victoria in early April after learning its staff member had been duped into transferring the funds into the bank account of a person seeking to defraud the firm.

The sources said the firm’s alleged scammers were able to infiltrate the systems of another group it was working with on the transactions and impersonate a staff member working on the transaction to a MinterEllison staff member. The MinterEllison staff member who made the transfer was unaware at the time that they had been tricked, sources said.

A spokesperson for the firm did not clarify if it was now updating its processes in the wake of the fraud attempt on its business.

“MinterEllison has clear policies and procedures in place to safeguard the firm in its business dealings. We continually review all our policies and procedures to ensure they are robust and fit for purpose,” they said.

“No MinterEllison systems were compromised, and all parties have been made whole. The incident underlines the importance of hypervigilance in all financial transactions.”

MinterEllison is one of the country’s largest law firms. It has large practices in competition law, corporate legal advisory, mergers and acquisition advisory and employment law, and a well-known defamation law practice.

The MinterEllison attempted fraud comes as hacking and system protection are of significant focus for large companies. Earlier this year, a report from KPMG, Keeping us up at night, which surveyed more than 300 Australian CEOs in October last year, nominated dealing with cyber risks as the top priority for 2024 and the next three to five years.

While MinterEllison was able to stave off the attempted fraud by quick detection, other law firms in Australia have suffered major hacking attacks that have caused significant damage.

A cyberattack on HWL Ebsworth in 2023 resulted in 65 government departments having documentation relating to their legal affairs being accessed by hackers. Another law firm, Allens, was the victim of a cyberattack in 2021 in which hackers were able to access important documents relating to work it had done for Westpac.

Australians lost a record $3.1 billion to scams in 2022, according to the Australian Competition and Consumer Commission.