Skip to content

An email scam cautionary tale

By Nancy Rubin, K.C. and Levi Parsche

What happens if a person accidentally makes payment to a hacker, instead of to the person they actually owe money? Should they have to pay again? In the recent decision, Jane Group Limited v. Heritage Gas Limited, 2022 NSSM 36, a small claims court adjudicator said yes.

EFT Payment Scam

In the case, two companies had agreed to split the costs to repair a sidewalk after a natural gas line was installed. Shortly after the repairs were completed, Jane Group emailed Heritage Gas seeking payment of its share. Heritage Gas responded, requesting an invoice for the repairs, and indicated it could pay by electronic funds transfer (“EFT”) or via cheque. So far, so good.

Then, Heritage Gas received what it assumed was a response from Jane Group, providing banking information and instructions to send payment via EFT. Unfortunately, this email was actually from an online hacker who had intercepted previous communications. The hacker, representing themselves as the Jane Group president, provided information for a fraudulent bank account, and asked for the money to be deposited that same day.

Heritage Gas emailed Jane Group again indicating it needed an invoice before it could make a payment. In response, (and from a different email address) Jane Group provided an invoice, which indicated payment should be made by cheque to a mailing address.

Unfortunately, upon receipt of the invoice, Heritage Gas followed the earlier EFT instructions that had been sent, depositing the payment into the fraudulent bank account provided by the hacker.

Decision

Having not received payment, Jane Group sued for recovery from Heritage Gas.  Counsel for Jane Group argued that there were several “red flags” in the email from the hacker (spacing and typographical errors) which should have triggered a follow-up by Heritage Gas, not to mention the discrepancy in the direction to pay via EFT or cheque.

On the other hand, counsel for Heritage Gas argued that the loss of money was due to Jane Group’s “carelessness” and lack of cybersecurity.

In the end, Adjudicator Darling found that both parties were innocent victims of the hacker and ruled that as neither party had exhibited blameworthy conduct, the case must be decided in favour of the Claimant, Jane Group.

Key Takeaway

As we move towards an increasingly digital world, this case serves as a reminder to keep an eye out for fraudulent activity. Take extra steps to make sure your electronic funds transfers are secure.  Watch out for email red flags (typos, suspicious links, misspellings, a sense of urgency) and confirm payment details via an additional method – otherwise you might end up on the hook and have to pay twice!


This update is intended for general information only. If you have questions about the above, please contact the authors.

Click here to subscribe to Stewart McKelvey Thought Leadership.

SHARE

Archive

Search Archive


 
 

Client Update: Truth or Consequences – The New Duty of Honest Performance in Commercial Contracts

November 17, 2014

The Supreme Court of Canada’s unanimous decision in the breach of contract case Bhasin v Hrynew, 2014 SCC 71 was released on November 13, 2014. The case is important in the law of contracts because…

Read More

Client Update: Recent Changes to the Temporary Foreign Worker Program

August 28, 2014

On June 20, 2014, the Government of Canada announced a series of reforms to overhaul the Temporary Foreign Worker Program (“TFWP”). These reforms, many of which are effective immediately, function to: Re-organize the TFWP  The…

Read More

Atlantic Employers’ Counsel – Summer 2014

August 1, 2014

The Editor’s Corner Clarence Bennett Summer is halfway over, but we know you will want to take this edition along with you while you enjoy more summer weather and time out of the office. Employers…

Read More

Client Update – Tsilhqot’in Nation – An East Coast Perspective

July 9, 2014

On June 26, 2014, the Supreme Court of Canada released one of the most significant aboriginal law decisions since Marshall – Tsilhqot’in Nation v. British Columbia, 2014 SCC 44 (also known as the William decision).  This decision could have…

Read More

Client Update: Nova Scotia Supreme Court awards $500,000 in Punitive Damages in LTD case

July 9, 2014

In Industrial Alliance Insurance and Financial Services Inc. v. Brine, 2014 NSSC 219, National Life (and later its successor Industrial Alliance) alleged Brine had received undisclosed CPP and Superannuation disability benefits resulting in a substantial overpayment of…

Read More

Client Update: One final reminder – Are You Ready for Anti-Spam?

June 20, 2014

Any individual, business or organization that uses email, text messages or social networks to promote their products and services should take note of Canada’s Anti-Spam Legislation and its accompanying regulations. Effective July 1, 2014, the…

Read More

Doing Business in Atlantic Canada (Summer 2014)(Canadian Lawyer magazine supplement)

June 17, 2014

IN THIS ISSUE: Consistent Use: The Collection of Union Members’ Personal Information by their Union by Alison Strachan and Jonah Clements. Single Incident of Offensive and Threatening Facebook Post is Just Cause by Harold Smith, QC. The New Anti-Spam Law –…

Read More

Surprise Amendments to the Newfoundland and Labrador Labour Relations Act

June 3, 2014

 Yesterday, Monday June 2, 2014, the Government of Newfoundland and Labrador introduced brand new (and unexpected) amendments to the Labour Relations Act. The full text of the proposed amendment can be accessed here. Bill 22, if it…

Read More

Doing Business in Atlantic Canada

May 26, 2014

Download as a PDF

Read More

Doing Business in Atlantic Canada

May 26, 2014

Download as a PDF

Read More

Search Archive


Scroll To Top