Email is the starting point of 91% of cyberattacks. It’s both a large vulnerability and an inevitable one, because so often email is how we communicate with people we already know and trust (like business partners), and with people we might soon get to know (like potential clients). It is easier to exploit our errors, assumptions, and lack of awareness than to exploit software flaws. That is why hackers, spoofers, and phishers sink their fangs extra deep into email, and into the businesses compromised by email.
If a business principal’s email gets hacked, or a phishing attempt exposes vital business data, relationships with vendors, customers, and partners can suffer. Multiple parties may suffer losses as hackers insert themselves into payment processes, stealing money and hurting reputations in the process. Often holding the hackers accountable is not an option, either because they are too difficult to find, or because they are outside of the US. Because neither legitimate party wants to absorb the loss, litigation usually follows a breach of a business’s email.
Chatow Law can help with the litigation. We can help if you have been blamed for an email breach, or if you have suffered damages due to an email breach and its consequences. You can contact our office in Orange County, CA now, or read on to find out more.
Though we hear a great deal about large, public data breaches that happen at various major corporations, scammers rarely go after data directly. More often, they’re after a quick payout from whomever they can fool.
Most of these scams involve diverting legitimate payments to the scammer’s account. Of course, it doesn’t take long for a business email compromise to cause chaos. Vendors and landlords (for instance) still want to be paid, but businesses’ owners or staff believe they’ve already made the payments. Disputes can and often do explode before anyone is even aware a business email compromise has taken place.
Liability most often lies with the party who failed to exercise “ordinary care” in delivering a payment to a fraudulent entity. That is, liability most often lies with the party who was in the best position to prevent the fraud. In some cases, neither the vendor nor the company is found liable, in which case the courts have determined the bank was in the best position to prevent fraud and therefore is liable.
Regardless of who caused the breach, if one party is contractually obligated to make payments to another party, they are generally still required to make those payments, even if they lost money to a hacker. Yet even here there are exceptions. In cases where the true vendor has led the company to reasonably believe the hacker worked for the vendor, the courts have ruled that the victims did not need to make those payments to the vendor. Courts also pay attention to whether there were any obvious red flags that any party may have ignored or glossed over.
The most likely resolutions are:
In some business email compromise cases, it is wise to pursue mediation to minimize losses on all sides and preserve the relationships between vendors and the companies they serve.
It is possible that we can litigate your case on a contingency basis, rather than on a pay-as-you go hourly basis. Probably because of the damages and possibly for other reasons, your money may be tied up temporarily. We understand that, which is why we may be able to work you in such a way that you only pay a percentage of the settlement or judgment if and when we win your case and you collect your award. You can find out more about the contingency business litigation option here.
If you’re dealing with a business email compromise dispute in California, Chatow Law may be able to help. We work with clients in Orange County, Los Angeles County, San Diego County, and beyond. Contact us today to schedule a free initial consultation.