Wernick & Associates, Ltd.
MONTH-IN-BRIEF (May 2025)
Risk Allocation in Fraudulent Funds Transfers to Cybercriminals: Make the Call
By Alan S. Wernick, Esq., Wernick & Associates, LTD.
Who is at risk of loss when a payor and a payee are victims of a cybercriminal’s scam and monies are sent (e.g., via a wire transfer) by the payee to the cybercriminal? With the acceleration in the number of cyberattacks and malware injections, this is a question that an increasing number of businesses must grapple with. The answer depends on the applicable law, which may shift the risk of loss, and the facts, which may be quite nuanced.
In a recent decision in Thomas v. Corbyn Restaurant Development Corp., the Court of Appeal of California, Fourth Appellate District, Division One (No. D083655, 2025 Cal. App. LEXIS 332 (Cal. Ct. App. May 27, 2025)), was presented with “an issue of first impression in California: Which party bears the risk of loss when an imposter causes one party to a settlement to wire settlement proceeds to the imposter instead of the other settling party?” The Court ultimately affirmed the trial court’s judgment against the defendants and defendants’ defense counsel (the payor) who acted on a cybercriminal’s “spoofed” emails and phone call which purported to be from plaintiff’s counsel, and fraudulently instructed them to wire transfer a $475,000 settlement to the cybercriminal’s bank account. After the parties discovered the fraud, the defendants refused to pay the plaintiff, and the plaintiff applied ex parte to enforce the settlement agreement.
