Skip to content

An email scam cautionary tale

By Nancy Rubin, K.C. and Levi Parsche

What happens if a person accidentally makes payment to a hacker, instead of to the person they actually owe money? Should they have to pay again? In the recent decision, Jane Group Limited v. Heritage Gas Limited, 2022 NSSM 36, a small claims court adjudicator said yes.

EFT Payment Scam

In the case, two companies had agreed to split the costs to repair a sidewalk after a natural gas line was installed. Shortly after the repairs were completed, Jane Group emailed Heritage Gas seeking payment of its share. Heritage Gas responded, requesting an invoice for the repairs, and indicated it could pay by electronic funds transfer (“EFT”) or via cheque. So far, so good.

Then, Heritage Gas received what it assumed was a response from Jane Group, providing banking information and instructions to send payment via EFT. Unfortunately, this email was actually from an online hacker who had intercepted previous communications. The hacker, representing themselves as the Jane Group president, provided information for a fraudulent bank account, and asked for the money to be deposited that same day.

Heritage Gas emailed Jane Group again indicating it needed an invoice before it could make a payment. In response, (and from a different email address) Jane Group provided an invoice, which indicated payment should be made by cheque to a mailing address.

Unfortunately, upon receipt of the invoice, Heritage Gas followed the earlier EFT instructions that had been sent, depositing the payment into the fraudulent bank account provided by the hacker.

Decision

Having not received payment, Jane Group sued for recovery from Heritage Gas.  Counsel for Jane Group argued that there were several “red flags” in the email from the hacker (spacing and typographical errors) which should have triggered a follow-up by Heritage Gas, not to mention the discrepancy in the direction to pay via EFT or cheque.

On the other hand, counsel for Heritage Gas argued that the loss of money was due to Jane Group’s “carelessness” and lack of cybersecurity.

In the end, Adjudicator Darling found that both parties were innocent victims of the hacker and ruled that as neither party had exhibited blameworthy conduct, the case must be decided in favour of the Claimant, Jane Group.

Key Takeaway

As we move towards an increasingly digital world, this case serves as a reminder to keep an eye out for fraudulent activity. Take extra steps to make sure your electronic funds transfers are secure.  Watch out for email red flags (typos, suspicious links, misspellings, a sense of urgency) and confirm payment details via an additional method – otherwise you might end up on the hook and have to pay twice!


This update is intended for general information only. If you have questions about the above, please contact the authors.

Click here to subscribe to Stewart McKelvey Thought Leadership.

SHARE

Archive

Search Archive


 
 

Retail Payments Activities Regulations released and open for comment

February 14, 2023

By Kevin Landry and Colton Smith The Retail Payment Activities Regulations have been released in the Canada Gazette Part 1 for comment. Interested persons may make representations concerning the proposed regulations for a period of 45…

Read More

Outlook for 2023 Proxy Season

February 13, 2023

By Andrew Burke, Colleen Keyes, Gavin Stuttard and David Slipp With proxy season once again approaching, many public companies are in the midst of preparing their annual disclosure documents and shareholder materials for their annual…

Read More

Open work permits for dependent family members of foreign workers

February 9, 2023

By Brittany Trafford and Sean Corscadden In response to the nationwide labour shortage, the Federal government is allowing select family members of foreign workers to apply for open work permits. This temporary policy came into…

Read More

Change to Ontario Employment Standards: IT consultants and business consultants excluded from ESA

January 19, 2023

Mark Tector and Ben Currie Effective January 1, 2023, amendments to Ontario’s Employment Standards Act, 2000 (“ESA”) took effect, excluding “business consultants” and “information technology consultants” from the application of the ESA. This is a…

Read More

Land use planning in Prince Edward Island – the year in review

January 13, 2023

By Perlene Morrison, K.C. and Curtis Doyle Once again, the time has come to review the year that was and to chart the course for the year ahead. For municipalities and planning professionals in Prince…

Read More

Trends in Employment Law: A look forward in 2023

January 13, 2023

By Grant Machum ICD.D, Sean Kelly & Ben Currie As the window for “Happy New Year” wishes winds down, our Labour and Employment Group has compiled an overview of emerging trends and issues in workplace…

Read More

Regulations and other considerations: further impacts of the Prohibition of Residential Property by Non-Canadians Act

January 6, 2023

Wednesday’s Thought Leadership piece from our Immigration Group detailed the impacts of recent Federal legislation limiting housing purchases by non-Canadians on Foreign Nationals, international students and temporary and permanent residents. Today, lawyers from our Real…

Read More

Prohibition on the Purchase of Residential Property by Non-Canadians

January 4, 2023

By Brendan Sheridan Residential housing prices in Canada have been a major area of concern for many Canadians who have been looking to purchase a home in recent years. While the market for residential homes…

Read More

Statutory Snapshot: 2022 Legislative Updates In Corporate Law And Privacy Law

December 21, 2022

By Levi Parsche As 2022 winds to a close, it’s a good time to review some of the legislative changes that have impacted Atlantic Canada in the last year — and consider what’s ahead for…

Read More

Bank of Canada Announces Supervisory Framework for Retail Payments Activities Act

December 16, 2022

By Kevin Landry and Colton Smith The Bank of Canada (“BoC”) has announced the supervisory framework (the “Framework”) it will use to oversee payment service providers under the Retail Payments Activities Act. The Retail Payments Activities…

Read More

Search Archive


Scroll To Top