Much has been written over the last few years about the risks for lawyers of increasingly sophisticated financial scams targeting them. I’ve even written about the issue some in the past.
Within the last 30 days or so, a “new” financial scam has gotten some publicity that should help real estate lawyers in particular to remain vigilant. British media detailed how this sort of scam works, and a California paper reported on a panel discussion at a real estate forum about something similar, and the ABA Journal online did a nice piece this week tying the two media pieces together. The nature of this scam, which those in the know have dubbed “spear phishing,” appears capable of summarizing as a three-step process: (1) gain unauthorized access (either by hacking or malware of some sort) to the email account of an attorney (or real estate agent or potentially someone else involved in the process, such as the lawyer’s client); (2) exercise patience and monitor the traffic on the account to find an ongoing deal that’s headed to closing, and (3) use the control over, or information learned from, the compromised email account to send an email from that account to the other participants that changes existing wire transfer instructions to divert funds to the hacker.
Fortunately, one of the takeaways from the articles is that real estate lawyers can protect themselves to a significant degree from the most financially harmful step of the scam simply by getting confirmation by telephone or some other non-email means of any email instruction that changes the destination for funds. The implication of the success of the second step of the scam — that someone else may be already hacked into a lawyer’s email account and just patiently reviewing all that the lawyer has going on and biding their time to shoot their spear — just further underscores the importance of cyber-security/data security in the modern practice of law. And, not just for real estate lawyers, as there are other areas of practice where “spear phishing” lawyers could provide access to large financial hauls.
Lawyers losing their licenses as a result of abandoning their law practice and leaving clients high and dry is also a far too common occurrence. Most of the time, the same external forces (whatever they may be) that drove the lawyer to abandon their law practice also lead to the lawyer ignoring the disciplinary proceedings altogether culminating in disbarment. Such a story playing out in the context of running a law school clinic is not something I can recall running across before until now.
A New York lawyer was disbarred earlier this month in connection with allegations that he had abandoned the cases he was handling through the employment law clinic at the Cardozo School of Law (the law school affiliated with Yeshiva University in New York City). That law school shut its clinic down in 2013, but claimed it expected that the lawyer – who had been an adjunct clinical professor at the school — would either wrap up or transfer all of the cases before the clinic closed. When the law school never received information about the cases, it apparently filed a complaint against the lawyer for abandoning the cases. The lawyer never responded or participated in the disciplinary proceedings. That lack of cooperation led first to his immediate suspension in March of last year and, ultimately, to the January 2016 order of disbarment which indicates its entry came about pursuant to a rule that permits disbarment when a lawyer takes no action within six months of being immediately suspended.