Skip to content

An email scam cautionary tale

By Nancy Rubin, K.C. and Levi Parsche

What happens if a person accidentally makes payment to a hacker, instead of to the person they actually owe money? Should they have to pay again? In the recent decision, Jane Group Limited v. Heritage Gas Limited, 2022 NSSM 36, a small claims court adjudicator said yes.

EFT Payment Scam

In the case, two companies had agreed to split the costs to repair a sidewalk after a natural gas line was installed. Shortly after the repairs were completed, Jane Group emailed Heritage Gas seeking payment of its share. Heritage Gas responded, requesting an invoice for the repairs, and indicated it could pay by electronic funds transfer (“EFT”) or via cheque. So far, so good.

Then, Heritage Gas received what it assumed was a response from Jane Group, providing banking information and instructions to send payment via EFT. Unfortunately, this email was actually from an online hacker who had intercepted previous communications. The hacker, representing themselves as the Jane Group president, provided information for a fraudulent bank account, and asked for the money to be deposited that same day.

Heritage Gas emailed Jane Group again indicating it needed an invoice before it could make a payment. In response, (and from a different email address) Jane Group provided an invoice, which indicated payment should be made by cheque to a mailing address.

Unfortunately, upon receipt of the invoice, Heritage Gas followed the earlier EFT instructions that had been sent, depositing the payment into the fraudulent bank account provided by the hacker.

Decision

Having not received payment, Jane Group sued for recovery from Heritage Gas.  Counsel for Jane Group argued that there were several “red flags” in the email from the hacker (spacing and typographical errors) which should have triggered a follow-up by Heritage Gas, not to mention the discrepancy in the direction to pay via EFT or cheque.

On the other hand, counsel for Heritage Gas argued that the loss of money was due to Jane Group’s “carelessness” and lack of cybersecurity.

In the end, Adjudicator Darling found that both parties were innocent victims of the hacker and ruled that as neither party had exhibited blameworthy conduct, the case must be decided in favour of the Claimant, Jane Group.

Key Takeaway

As we move towards an increasingly digital world, this case serves as a reminder to keep an eye out for fraudulent activity. Take extra steps to make sure your electronic funds transfers are secure.  Watch out for email red flags (typos, suspicious links, misspellings, a sense of urgency) and confirm payment details via an additional method – otherwise you might end up on the hook and have to pay twice!


This update is intended for general information only. If you have questions about the above, please contact the authors.

Click here to subscribe to Stewart McKelvey Thought Leadership.

SHARE

Archive

Search Archive


Search
Generic filters

 
 

Atlantic Business Counsel – December 2009

December 18, 2009

IN THIS ISSUE Expanded Fines and Penalties for Environmental Offences: The New Federal Environmental Enforcement Act Spam about to be Canned? Preparing a Business for Sale Business Disputes Corner – Place of Arbitration and Selected…

Read More

Client Update – General Damage Cap Upheld By the Nova Scotia Court of Appeal

December 15, 2009

The Nova Scotia Court of Appeal has unanimously upheld the province’s legislative limits on general damage recovery for “minor injuries”. Today’s decision, authored by Chief Justice Michael MacDonald, completely affirms the January 2009 decision of…

Read More

Client Update – New Planning Opportunities For ULCs

December 4, 2009

The Canada Revenue Agency (“CRA”) announced helpful administrative positions concerning the new rules under the Fifth Protocol to the Canada-US Income Tax Convention, 1980 which will come into effect on January 1, 2010. The CRA…

Read More

Atlantic Construction Counsel – Fall 2009

November 26, 2009

IN THIS ISSUE Contractor Held Liable for Business Interruption: Heyes v. City of Vancouver, 2009 BCSC 651 When Can a Tendering Authority Walk Away if Bids are Too High? Crown Paving Ltd. v. Newfoundland &…

Read More

Client Update – Nova Scotia Unlimited Companies: An Update

November 6, 2009

Withholding tax and other issues under the Fifth Protocol The Fifth Protocol to the Canada-US Tax Convention, 1980 introduced significant changes which may affect the use of most unlimited companies and other so-called ULCs. These…

Read More

Atlantic Employers’ Counsel – Fall 2009

October 14, 2009

IN THIS ISSUE An Eye for an Eye: Alberta Court of Appeal Upholds Finding of Retaliation Liability as a Result of Generosity in Quebec Undue Hardship Established in Scent Case Parents of Twins Get Double…

Read More

Search Archive


Search
Generic filters

Scroll To Top