Find an Expert Witness

Forensic, General & Medical
Expert Witnesses

Law Firm's Trust Account Hacked! Six Figures Taken!!!

Expert Witness: Evidence Solutions, Inc.
A Toronto area law firm is missing six figures from their trust account. After being hit over the holidays by a virus which gave hackers remote backdoor access to the firm’s bookkeeper’s computer. The virus, known as the Trojan Banker Virus, was designed to capture keystrokes, which can include bank passwords, as they are typed.

The origin of the virus is unknown. Ways of contracting the virus can be as simple as the bookkeeper downloaded the program, clicked a link on a website or in an email, installed a screen saver, or merely opened an email attachment.

The hackers then used Social Engineering to get the bookkeeper to provide passwords.

First, they sent an email which was purportedly from the firm’s bank. The email had a link the bookkeeper opened which happened to be a fake website that looked just like the bank’s. The screen presented asked for the user name and password just like the “real” website. When the bookkeeper
couldn’t get the login to work, another screen was displayed asking for her name and telephone number.

Shortly after entering her name and number, the phone rang with a person who represented that they were with the bank and offered to help her resolve her login problem. The hackers most likely said something along the lines of, “We can see that you were having problems attempting to access your account. We were having maintenance issues which we have now resolved. Please try logging in again?”

The bookkeeper then entered the primary password along with a secondary, more secure password, which was generated to last only a few minutes. The virus then delivered the passwords to the hackers. This allowed the hackers to have full access to the trust account, including the ability to monitor daily balances and to wire funds to foreign countries. In order to not draw immediate attention, the hackers systematically wired funds after deposits were made. Three days later the firm discovered a six figure sum had been removed from their account.

It is important to note that it was a combination of malware and social engineering that made the fraud successful. We urge you to train your employees regularly and well. After all, what better target than a law firms fat and juicy trust account?

By Scott Greene

ABOUT THE AUTHOR: Scott Greene of Evidence Solutions, Inc.
For over 30 years, Scott Greene has been helping companies meet the challenges of the swiftly evolving computer technology industry.

Directly from high school, Scott went to work for IBM. Scott studied Systems Engineering at the University of Arizona. He has since earned certifications in many products and programming languages.

The Evidence Solutions team analyzes data from Computers, Cell Phones, Black Boxes, Dispatch Systems, Medical Records. Scott then explains the digital evidence in plain English.

Scott’s extensive knowledge draws clients to him from all over the United States as well as Internationally for consulting, Forensics and expert witness services. His extensive and diverse experience allows him to be an expert in many facets of digital and electronic evidence. Scott, a sought after speaker and educator, travels throughout the country sharing his knowledge and presenting to local, regional, national and International organizations.

Copyright Evidence Solutions, Inc.

Disclaimer: While every effort has been made to ensure the accuracy of this publication, it is not intended to provide legal advice as individual situations will differ and should be discussed with an expert and/or lawyer.For specific technical or legal advice on the information provided and related topics, please contact the author.

Find an Expert Witness