Business Email Compromise (BEC) also known as email account compromise (EAC) attacks exploit our collective reliance on email to conduct business and personal affairs. While there are many variations on this cyberattack, the most difficult to detect are situations where an attacker gains control over a supplier’s email address and uses it to request a seemingly legitimate business payment. The fraudster will request a payment be sent electronically to a new account that they control. This is what makes it so effective, because to the recipient, the compromised email is authentic since it originates from a known authority figure from a supplier. Many employees will fail to realize that it is a cyberattack.
Continue Reading Electronic Fraud: Responding to a Business Email Compromise (BEC)
Cybersecurity
2016 Baker & McKenzie Global Data Breach Notification Guide
Global data breach notification requirements pose critical issues for legal departments, senior managers, and boards of companies in all industry sectors worldwide. The current environment creates a perfect storm with more data security threats, more …
Continue Reading 2016 Baker & McKenzie Global Data Breach Notification Guide
Supreme Court rules on online anonymity – Potential impact on fraud investigations?
On June 13, 2014, the Supreme Court of Canada delivered the landmark decision of R. v. Spencer (“Spencer“). In this decision, Mr. Justice Thomas Cromwell, writing for the Court, set out the ground rules for police to obtain subscriber information from Internet Service Providers (“ISPs”). In doing so, the Court effectively put an end to the practice of the police informally requesting, and ISPs providing, such subscriber data without a warrant.
Continue Reading Supreme Court rules on online anonymity – Potential impact on fraud investigations?
Provincial securities regulator seeks expanded powers to combat fraud and insider trading
The Ontario Securities Commission (OSC) has begun discussions with legislators and law enforcement agencies in an effort to expand its powers to include wiretapping rights with respect to parties under investigation.
As the country’s largest and most influential securities regulator, the OSC’s policies and decisions impact the majority of brokerages, mutual funds, and pension funds in the country. In recent years the OSC has placed emphasis on the need for more comprehensive anti-fraud and law enforcement strategies.
Continue Reading Provincial securities regulator seeks expanded powers to combat fraud and insider trading
Cyber crime is a growing threat
As part of Fraud Prevention Month, the RCMP is rolling out tip sheets to help Canadians protect themselves against an ever-growing number of scams and frauds including a list of “Top 10 Cyber Crime Prevention Tips”. Many of these tip sheets highlight the role of technology in fraudulent schemes and the importance of ensuring that personal information remains secure and confidential. For example, the RCMP warns against various forms of online shopping fraud, such as where fraudsters sell products at deeply discounted prices so they can steal the personal information and payment card details of unsuspecting buyers.
Continue Reading Cyber crime is a growing threat
Anti-fraud monitoring: The employer’s right of surveillance
Employee surveillance is an excellent and available method by which companies can protect against fraud. Monitoring of company-supplied hardware, software and access is perfectly legal and arguably compelling in Canada. Many still act under the mistaken belief that when it comes to personal communications such as e-mail and social media forums such as Facebook and Twitter, anything intended as private and personal is protected.
In truth, such privacy is very limited. The legal rubric underlying such an assumption is “reasonable expectation of privacy”, an expression borrowed for global adaptation from the 4th Amendment to the US Constitution, and protected in the Canadian Charter. Historically, personal communications and the privacy protections afforded them were sacrosanct. In addition to the medium of ‘snail mail’ being confidential in its own right—the sealed envelope—most jurisdictions honoured the British-based “Royal Mail Rule” premised upon the opening of personal mail as verboten.
Continue Reading Anti-fraud monitoring: The employer’s right of surveillance
Cybersecurity threats
Cybersecurity threats are evolving with ever-increasing levels of sophistication. In the wake of a series of high profile data breaches, US President Obama recently commented that the nation’s “economic prosperity in the 21st Century …
Continue Reading Cybersecurity threats