Search for:
Category

Cybersecurity

Category

Electronic Fraud: Responding to a Business Email Compromise (BEC)

By

Business Email Compromise (BEC) also known as email account compromise (EAC) attacks exploit our collective reliance on email to conduct business and personal affairs. While there are many variations on this cyberattack, the most difficult to detect are situations where an attacker gains control over a supplier’s email address and uses it to request a seemingly legitimate business payment. The fraudster will request a payment be sent electronically to a new account that they control. This is what makes it so effective, because to the recipient, the compromised email is authentic since it originates from a known authority figure from a supplier. Many employees will fail to realize that it is a cyberattack.

Read More

2016 Baker & McKenzie Global Data Breach Notification Guide

By

Global data breach notification requirements pose critical issues for legal departments, senior managers, and boards of companies in all industry sectors worldwide. The current environment creates a perfect storm with more data security threats, more vulnerabilities, and more data breach notification requirements. Baker & McKenzie provides this Global Data Breach Notification Guide as a resource for companies to benchmark the ever expanding range of global breach notification requirements. As always, this guide is not a substitute for legal advice, and in…

Read More

Supreme Court rules on online anonymity – Potential impact on fraud investigations?

By

On June 13, 2014, the Supreme Court of Canada delivered the landmark decision of R. v. Spencer (“Spencer“).  In this decision, Mr. Justice Thomas Cromwell, writing for the Court, set out the ground rules for police to obtain subscriber information from Internet Service Providers (“ISPs”). In doing so, the Court effectively put an end to the practice of the police informally requesting, and ISPs providing, such subscriber data without a warrant.

Read More

Provincial securities regulator seeks expanded powers to combat fraud and insider trading

By

The Ontario Securities Commission (OSC) has begun discussions with legislators and law enforcement agencies in an effort to expand its powers to include wiretapping rights with respect to parties under investigation.

As the country’s largest and most influential securities regulator, the OSC’s policies and decisions impact the majority of brokerages, mutual funds, and pension funds in the country.  In recent years the OSC has placed emphasis on the need for more comprehensive anti-fraud and law enforcement strategies.

Read More

Cyber crime is a growing threat

By

As part of Fraud Prevention Month, the RCMP is rolling out tip sheets to help Canadians protect themselves against an ever-growing number of scams and frauds including a list of “Top 10 Cyber Crime Prevention Tips”.  Many of these tip sheets highlight the role of technology in fraudulent schemes and the importance of ensuring that personal information remains secure and confidential.  For example, the RCMP warns against various forms of online shopping fraud, such as where fraudsters sell products at deeply discounted prices so they can steal the personal information and payment card details of unsuspecting buyers. 

Read More

Anti-fraud monitoring: The employer’s right of surveillance

By

Employee surveillance is an excellent and available method by which companies can protect against fraud.  Monitoring of company-supplied hardware, software and access is perfectly legal and arguably compelling in Canada.  Many still act under the mistaken belief that when it comes to personal communications such as e-mail and social media forums such as Facebook and Twitter, anything intended as private and personal is protected.

In truth, such privacy is very limited. The legal rubric underlying such an assumption is “reasonable expectation of privacy”, an expression borrowed for global adaptation from the 4th Amendment to the US Constitution, and protected in the Canadian Charter.  Historically, personal communications and the privacy protections afforded them were sacrosanct. In addition to the medium of ‘snail mail’ being confidential in its own right—the sealed envelope—most jurisdictions honoured the British-based “Royal Mail Rule” premised upon the opening of personal mail as verboten.

Read More

Cybersecurity threats

By

Cybersecurity threats are evolving with ever-increasing levels of sophistication.  In the wake of a series of high profile data breaches, US President Obama recently commented that the nation’s “economic prosperity in the 21st Century will depend on cyber security”.  Without question, cybersecurity is now a global problem facing an array of companies, firms, organizations and governmental bodies. Companies can incur significant costs and reputational damage as a result of cyberattacks, including costs related to the deployment of additional personnel and security…

Read More