Pursuing Scammer May Not Be an Option
The buyer subsequently sued the escrow agent alleging, among other things, negligence and breach of fiduciary duty. Notably, the imposter was not a party to the litigation. The negligence and breach of fiduciary duty claims were tried to a jury which rendered a verdict in the buyer’s favor, finding the escrow agent 100 percent liable for the loss. The escrow agent appealed the jury’s failure to apportion any fault to the imposter.
Arizona law requires juries to “consider the fault of all persons who contributed to [an] alleged injury . . . regardless of whether the person was, or could have been, named as a party to the suit.” On appeal, the escrow agent argued that the statute required the jury to assess some fault against the imposter. However, the Arizona Court of Appeals stated that “the statute requires only that a jury consider fault; it does not obligate a jury to assign a percentage of fault to every person it considers.”
A key aspect of Mago is the absence of the primary bad actor—the person perpetrating the phishing scam. “Almost any reasonable person would assume that a person who committed a fraud should be responsible for loss associated with the fraud. But fraudsters are not always easy to find, and not always easy to hold financially responsible,” observes Elisabeth Feeney, Los Angeles, CA, cochair of the Payment Systems Litigation Subcommittee of the Litigation Section’s Commercial & Business Litigation Committee.
Proactive Measures to Reduce Cyber Fraud Risks
“The FBI’s Annual Internet Crime Report indicates that email compromise crimes resulted in losses exceeding $2.4 billion in 2022,” notes Nelida Lara, White Plains, NY, cochair of the Data Security Subcommittee of Section's Commercial & Business Litigation Committee. “The legal profession is increasingly acknowledging that a basic understanding of cybersecurity, privacy, and data protection issues is essential in the practice of law, leading to such measures as requiring continuing legal education in technology,” Lara asserts.
Evolving technology risks warrant new and better protective measures. “As bad actors increasingly exploit potential weaknesses in the distribution and settlement of funds, intermediaries should consider security enhancements to their own policies and the inclusion of contractual terms addressing their rights and obligations in the face of these account-compromise events,” suggests Edward A. Marshall, Atlanta, GA, cochair of the Payment Systems Litigation Subcommittee.
“To stay on top of fraud prevention, parties should prioritize comprehensive training regarding fraud risks and preventive measures, verify wire instructions carefully, and stay informed about cyberattacks as scammers have expanded beyond email scams, such as exploiting virtual meeting platforms,” recommends Lara. “Encourage all transactions to be supported by proper due diligence and maintain data security standards,” cautions Feeney.