While clients are often the most visible victims, lawyers themselves are also increasingly being targeted. As professionals who routinely handle financial transactions, trust account funds, and confidential communications, lawyers can represent a high-value target for fraudsters. Scams aimed at legal practitioners can result in significant financial loss, compromised trust accounts, reputational damage, and breaches of professional obligations. This growing threat highlights the need for diligence not only when advising clients but also within day-to-day legal practice.
This Fraud Awareness Week provides an opportunity to remind practitioners and clients alike to take a moment before responding to unexpected contact, particularly where payment requests, account changes, or confidential information are involved. Scammers frequently impersonate government agencies, banks, utilities, and increasingly, professional services such as law firms or individual practitioners.
Consumer Protection’s Scamwatch urges individuals and businesses alike to adopt three simple but powerful steps whenever they or their clients encounter suspicious communication: Stop. Check. Report.
Whether it's a dodgy delivery text, a convincing phishing email, or a too-good-to-be-true investment pitch, scammers are everywhere. The Scamwatch guidance encourages you to:
Stop. Pause before you act. If something feels off, trust your instincts — don’t click links, forward money, or hand over personal data.
Check. Verify the source. Look closely at email addresses, web links, and grammar. Use search engines to confirm that companies or contacts are legitimate — try Googling “[Company Name] scam warning.”
Importantly, never call the phone number provided by someone claiming to be from your bank, your firm’s IT support, or a government agency. Instead, independently source the organisation’s publicly listed contact number from its official website and call back to verify.
you’re not 100% sure, report suspicious contact. The more reports that agencies get, the better positioned they are to shut down scam operations.
Why it matters to the legal profession
Lawyers as targets
Lawyers and law firms are increasingly being targeted due to the sensitive information, trust funds, and authority they hold. Email interception, invoice manipulation, business-email-compromise scams, domain spoofing, and impersonation attempts are now common attack strategies. These risks make strong verification, secure communication channels, and internal protocols essential.
Client risk
Clients might fall victim to increasingly sophisticated frauds, particularly in areas like investment, property transactions, estate planning, or tech-enabled crime. Lawyers can help by reinforcing scam awareness and modelling best practice in verification.
Reputational and compliance risk
The Lawyers and Conveyancers Act (Lawyers: Conduct and Client Care) Rules 2008 and the Privacy Act 2020 require lawyers to protect and hold in strict confidence all information concerning a client acquired during the professional relationship.
Chapters 8 and 11 of the Rules of Conduct and Client Care outline lawyers’ fundamental obligations in protecting confidentiality — obligations that may be compromised if a practitioner falls victim to a scam or cyber-attack.
Community leadership
As trusted community figures, lawyers can share the Fraud Awareness Toolkit (from MBIE) with clients, networks, and whānau and help uplift awareness across Aotearoa.
Reporting across different channels
Depending on the nature of the scam, you or your clients can report to:
Online scams more broadly to Netsafe
Phone call scams to your telecom provider or local police via calling 105
Report online scam threats – like job or lottery scams – at 105 online.
