How scammers use phishing attacks to steal, exploit company data

Many people spend most of their day in front of a computer or looking at their smartphones, accessing personal or business email. Scammers exploit this through phishing attacks — emails the recipient believes comes from a valid/trusted source that asks them to open a link or an attachment, or go to a website and enter personal information.

“In every case, the scammers prey on people’s good nature, their fears, or anything that will cause them to essentially grab the apple that scammers are dangling in front of them,” says Robert R. Kracht, a principal at McCarthy, Lebit, Crystal & Liffman Co., LPA.

Smart Business spoke with Kracht about phishing attacks — how they’re perpetrated, what legal recourse companies have to recoup damages and how to mitigate their success.

What is a phishing attack?

Phishing attacks tend to fall within three categories, ranging from low-level of sophistication to very sophisticated scams. 

In one approach, a spoof email — one that looks legit but is fraudulent — is sent with the intent of getting the recipient to go to a website and enter personal data that the scammer can then use to gain access to other personal or business accounts.

In a second approach, a scammer sends someone a check and asks them to deposit it into their personal or business account. The recipient is told to take a transaction fee for themselves and then wire the balance of the funds to the scammer.

The check, however valid-looking, is worthless. The scammer is hoping that the recipient will deposit the check and remit the balance via wire to the scammer before waiting for the check to clear their bank.  

In another approach, scammers enter into a person’s home or company network by getting the recipient to open an email attachment. Once in, scammers can search and obtain personal and financial data that they can then sell or use to withdraw funds or buy goods or services. 

How can organizations recover losses incurred from a successful attack?

Attacks are commonly perpetrated by persons outside of the United States ,where their identities and location are difficult or impossible to trace. Even if the transaction can be traced back to the source, if the theft was accomplished by wiring funds to banks outside the U.S., the scammers can avoid any clawback attempts by initiating further wire transfers to multiple banks in other countries.

Speed in detection and quick notification of the FBI may be the best means of tracing back to the source. 

When a wire transfer between two companies is initiated because of a phishing attack, are there legal damages that either company can pursue against one another?

Yes. If a phishing attack causes damages in connection with a transaction between two or more companies, the party or parties that sustain losses as a result of that event can seek recourse from any source available.

That can include other parties to the transaction, their own business insurance policies, any outside network consultants that installed or maintain the company network, and, of course, the scammer(s). In Ohio, the party that is in the better position to prevent the loss will bear the loss.

In the matters that I have been involved in, I am not aware that any of the affected companies placed blame on any officer or employee of the company. In the end, the employees are just victims of very elaborate schemes that are designed to deceive. 

How can an organization insulate itself against successful phishing attacks? 

Educate all employees so that they know how to recognize a phishing attempt. Limit the number of people who can authorize transactions via company credit cards, or who can authorize the issuance of payments by wire. Also, require confirmation other than internal emails that the person who requested a wire transfer made the request.

Consider the retention of cybersecurity companies that will install software to monitor networks for cybersecurity threats. Companies also should review their existing commercial insurance to see if they have cybersecurity coverage, which could help them recover some or all of the damages incurred if they’re the victim of a breach.

Insights Legal Affairs is brought to you by McCarthy, Lebit, Crystal & Liffman

What to look for in a cybersecurity insurance policy

Generally, cybersecurity insurance mitigates the consequences and liabilities incurred due to a data breach or hacking that makes the policyholder’s computer system unavailable in some way, and sometimes it covers other ways computers are used to inflict damages on a person or entity, such as phishing scams. However, there is no industry-standard policy.

“The market is so varied with many entrants and so little formalization that it’s near-impossible to point to one thing and say, ‘That’s what cybersecurity insurance covers,’” says Lucas M. Blower, a partner in the Insurance Recovery Practice Group at Brouse McDowell, LPA.

Smart Business spoke with Blower about how to ensure cybersecurity insurance coverage protects an organization from critical cyber risks.

What should organizations understand about cybersecurity insurance coverage?

Buying a cybersecurity insurance policy not only helps on the back end in terms of paying for recovery from a data breach, but also on the front end because it helps the policy-holding organization become self-conscious about the procedures it needs to implement in order to avoid the problems from the outset. As organizations increasingly buy cybersecurity insurance, it’s having an overall positive effect because, as part of buying cyber insurance, organizations tend to tighten up their data handling protocols.

Certainly, the best way for organizations to protect themselves is to not have a data breach in the first place. However, sometimes insurance companies will, if an organization is being blasé about its data security, try to use that failure as the basis to deny a claim.

How or where do the obligations of an organization to protect itself against cyberattacks overlap with cybersecurity insurance coverage?

Insurance companies have not had a lot of opportunities to interpret some of the conditions and exclusions in their cybersecurity policies. So, for example, some policies will take away some of the coverage policy owners believe they’re purchasing through exclusions for failure to maintain cybersecurity procedures that were disclosed as part of the application process. Insurance companies have tried to use that failure to deny coverage where human error resulted in a data breach. That’s typically a big shock to the policy- holder because the reason insurance is purchased is because sometimes protocols fail, usually because of human error.

Organizations need to scrutinize cybersecurity insurance policies for those lurking exclusions that the insurance companies will try to use to nullify the coverage. That can be difficult because there is no uniformity in the available products, so it’s a challenge for organizations to compare and contrast their options and ensure they’re covered for what they believe a cybersecurity policy should cover. In any event, though, effective coverage counsel can assist in pushing back against insurers who try to avoid their obligations based on opaque exclusions in their policies.

How can organizations determine the best cybersecurity insurance policy for their needs?

A cornerstone component organizations should look for in any cybersecurity policy is coverage for the cost to defend lawsuits that result from a data breach. The policy should also cover the cost of monitoring the credit of those affected after a data breach, as well as the costs of responding to the data breach, such as retrieving the data and plugging holes. If those elements are not a part of a policy, don’t buy it.

Organizations should consult a professional when buying cybersecurity insurance. Have them diagnose and explain how each policy available in the market differs. It’s not like buying commercial general liability policies, which are pretty uniform in their coverages. Organizations should get an independent eye to review those policies, whether it’s an in-house risk professional, a trusted broker, or outside insurance coverage legal counsel.

With cybersecurity policies, make no assumptions. Courts, when hearing a challenge to a policy provision, will expect that the company has read the policy — ignorance and assumptions will not be an acceptable defense.

Insights Legal Affairs is brought to you by Brouse McDowell, LPA

How a recent decision affects coverages and exclusions during construction

When something goes wrong during a construction project, the first thing most business owners and general contractors ask is, “Am I covered?”

Some commercial general liability (GCL) policies may not cover faulty workmanship or related defects. That’s why general contractors often purchase additional policies to provide added coverage or request special clauses, such as the products-completed operations-hazard (PCOH) clause, which covers damages “arising out of completed operations.”

A recent Ohio Supreme Court decision, however, has cast doubt on the degree of confidence that these special clauses can create and highlights the need for businesses to thoroughly review their policies with their insurers and legal counsel to ensure they are covered in any situation.

Smart Business spoke with Nicholas R. Oleski, an associate at McCarthy, Lebit, Crystal & Liffman Co., LPA, about ensuring your business is actually covered during a construction project.

What was the Ohio Supreme Court decision that impacts PCOH clauses?

In Ohio N. Univ. v. Charles Constr. Servs. Inc., Ohio Northern University filed a lawsuit against general contractor Charles Construction for water damage at its new hotel, claiming defective work by the contractor and its subcontractors. Charles Construction submitted a claim to its insurance company, believing that it was covered as a result of its PCOH clause. Charles Construction had paid an additional premium for the clause, which included terms that specifically applied to work performed by subcontractors.

The insurance company refused to pay the claim and asked the court to issue a ruling that it did not have to defend or indemnify Charles Construction under the CGL policy. The Supreme Court agreed the insurer did not have to indemnify the contractor based on a single definition contained within the policy. According to the court, the CGL policy, by its term, only was triggered by an ‘occurrence.’ The CGL policy defined an occurrence as ‘An accident, including continuous or repeated exposure to substantially the same general harmful conditions.’

Relying on one of its previous decisions, the court explained that an ‘accident’ involves a fortuity and faulty workmanship. According to the court, water damage resulting from the alleged defective work did not constitute a fortuity. The court went on to explain that ‘CGL policies are not intended to protect owners from ordinary ‘business risks’ that are normal, frequent or predictable consequences of doing business that the insured can manage.’ So, despite the fact that Charles Construction paid additional money for the PCOH clause to cover claims against its subcontractors, it still was not covered against the supposed faulty workmanship of its subcontractors.

What are the implications for businesses of the court’s decision?

The implications of this decision for the construction industry are far-reaching, as general contractors with CGL policies can expect that claims of faulty workmanship will not be covered. To ensure better protection, general contractors need to ask their insurers to explicitly include an endorsement that covers defective workmanship.

Such miniscule definitions should be carefully considered in all insurance policies, whether they are related to construction or not. Consider, for example, a typical cyber insurance policy. Many companies today purchase special riders that they believe will completely cover them in the event of a computer hack. Depending on the wording of the policy, however, the insurance company may only pay to fix the problem, but not cover the loss of income incurred while the computer system was down or the damage to the company’s relationships with its valued customers as a result of the hack.

How can businesses ensure they’re protected during construction?

When dealing with insurance, it’s never clear how a court will rule in a specific case. Definitions can be interpreted very differently, and outcomes could vary dramatically depending on the state where the case is being tried. You can help mitigate this uncertainty, however, by involving legal counsel in the review of pertinent insurance policies and analysis of other previous relevant cases.

Insights Legal Affairs is brought to you by McCarthy, Lebit, Crystal & Liffman

How to resolve conflict among business owners

Many business owners claim to be blindsided when a co-owner files a lawsuit against them detailing a list of grievances. The truth is that business owners often ignore disagreements with co-owners for years or even decades by focusing on pressing day-to-day business matters.

If your company does not address owner conflicts and succession planning issues, these matters will eventually disrupt, impact or injure the business. But with the right approach — and the right facilitator — these challenges can be identified and resolved.

“Disagreements among co-owners of a business are natural. They come up frequently. The key is how owners address those conflicts. Even a company with one owner eventually has to deal with succession issues to avoid potential tension between family members or others vying to be the next generation of owners,” says Kevin Douglass, shareholder at Babst Calland.

Smart Business spoke with Douglass about conflict resolution among business owners.

What events can trigger an escalation of a disagreement between owners?

The reasons why a disagreement may bubble to the surface are almost endless. One trigger is business financial health. If the company is doing very well, owners may feel entitled to more compensation or at least more input into how additional profits will be invested. If the business is struggling, an owner’s benefits may need to be decreased and tough decisions made about the company’s direction.

Other reasons for conflict include a change in an owner’s level of commitment or job performance, a desire to change the governance structure, conflicting business strategies, and compensation and benefit differences. Personal changes may also spark controversy, such as an owner’s marriage or divorce, owner children who are employed by the business, personal finances or advancing age.

It is surprising how often business partners, including those in the same family, do not openly voice their concerns. If co-owners are not comfortable discussing issues or sharing information, resentment festers and grows.

What are the risks of ignoring owner disagreements?

Owner disagreements, or failing to address succession issues, can spill over into business operations and finances. Employees, lenders, customers, vendors and others can easily become aware of, and even embroiled in, the drama. They may be confused about which owner is in charge. If left unchecked, the reputation and health of the business may be threatened. Just as significantly, relationships on a professional, personal and family level may be destroyed, if not addressed thoughtfully and with sensitivity.

Some owners resort to litigation to obtain the satisfaction they believe they are entitled to — and the expense, stress and distraction of co-owner litigation is never positive.

How can owners resolve their underlying issues more quickly?

An owner willing to address an issue with a co-owner head-on is often in the best position to resolve it. However, given the sensitivity of all the moving parts, including each owner’s legal rights and vested interest in the outcome, it frequently makes sense for owners to separately consult with an attorney for a comprehensive and objective assessment of the issues, risks and alternatives for resolution.

As part of that process, it is important to understand not only why the disgruntled owners are upset, but also what owners hope to achieve and whether their expectations are realistic. After fully vetting an owner’s desires and legal rights, finding a solution may include answering difficult questions. Do the owners want to continue in business together, or separate via a buyout? Do the owners share the same vision for the company’s future? Does the ownership, compensation or governance structure need to be redefined? Are new leaders and investors needed? Should the business be sold? Should a strategic or succession plan be developed, and if so, what should it look like?

Any resolution of issues involving owner conflict or succession should strive to satisfy, or at least account for, the concerns of all owners and interested parties. Unlike a winner-takes-all litigation setting, an opportunity exists to develop workable solutions for owners while preserving and protecting the business. Wise owners take advantage of that opportunity.

Insights Legal Affairs is brought to you by Babst Calland

How to comply with the Plain Language Consumer Contract Act

Pennsylvania and many other states have passed laws requiring consumer contracts to be written in “plain language” to make contracts easier for consumers to understand.

Many companies, however, may not be aware of these laws and their requirements.

“Any company that does business with consumers should have its contracts reviewed by an experienced business attorney on a regular basis to ensure compliance with these laws,” says Julia Richie Sammin, a member at Semanoff Ormsby Greenberg & Torchia, LLC.

Smart Business spoke with Sammin about what businesses need to know to stay in compliance with Pennsylvania’s Plain Language Consumer Contract Act.

What is covered under the Plain Language Consumer Contract Act?

Pennsylvania’s Plain Language Consumer Contract Act applies to all written contracts between a business and a consumer. A consumer is any individual who borrows, buys, leases, or obtains credit, money, services, or property for personal, family, or household purposes. The Act’s scope is therefore fairly wide; for example, residential leases, home improvement contracts, security alarm contracts, and gym membership agreements are all covered by the Act. Consumers cannot waive the protection of the Act.

There are exceptions for, among other things, some real estate contracts, contracts involving amounts over $50,000, marital agreements, and documents used by regulated financial institutions. Also, a company will not be liable under the Act if all parties have finished what was required under the contract, the consumer wrote the part of the contract that violates the Act, or the company made a good-faith and reasonable effort to comply with the Act.

What are the guidelines by which contracts should be written to comply with the Act?

The Act requires all consumer contracts to be written, organized, and designed so that they are easy to read and understand. For instance, consumer contracts should use short words, sentences and paragraphs, and should avoid Latin and foreign words, technical legal terms, and sentences that contain more than one condition.

Consumer contracts should also have font sizes, margin width, line spacing, and other formatting and visual characteristics that make them easy to read. Therefore, contracts that use tiny fonts and cramped text can run afoul of the Act, even if the contract language itself is easy to understand.

The Act also requires specific language to waive a consumer’s rights in residential leases, and there must be a description of any property that may be repossessed if the consumer does not meet the terms of the contract.

What happens to a company that doesn’t comply with the Act?

A company that does not comply with the Act is liable to the consumer for any or all of the following: actual damages, statutory damages of $100, court costs, reasonable attorneys’ fees, and any other relief ordered by the court. In addition, a violation of the Act is deemed to be a violation of the Pennsylvania Unfair Trade Practices and Consumer Protection Law (UTPCPL), which carries more significant penalties, and pursuant to which the Pennsylvania Attorney General’s Bureau of Consumer Protection has the authority to investigate and take action against companies engaged in unfair trade practices. The attorney general has an array of enforcement powers under the UTPCPL, including injunctions, restitution and civil penalties.

How can companies ensure their contracts comply with the Act?

An attorney can rewrite a company’s contracts to comply with the readability requirements under the Act. In addition, companies may submit their consumer contracts to the Pennsylvania Office of the Attorney General (OAG) for preapproval. Preapproval means that the contract is considered to be a good-faith effort to comply with the Act, which is a defense to liability under the Act. Preapproval does not mean that the OAG has approved the contents of the contract; rather, it simply means that the contract meets the readability test under the Act.

Insights Legal Affairs is brought to you by Semanoff Ormsby Greenberg & Torchia, LLC

Adding context to autonomous vehicle commercialization

At times, automated vehicles (AV) have dominated the headlines, so it can be easy to forget that the technology is still in the early stages of development and commercialization.

Justine Kasznica, shareholder at Babst Calland, is routinely asked: Why are AV companies and their automotive partners missing their stated deployment dates?

“This question raises an important point about current challenges to AV commercialization, with direct analogy to other autonomous mobility platforms, such as drones, personal delivery robots and more,” she says.

Some resources are being held back by the industry because of regulatory uncertainty, safety and security concerns, and the need for infrastructure that supports the technology, says Timothy Goodman, shareholder at Babst Calland.

“Even in view of this, progress is happening, particularly with regard to electrification and advanced driver-assistance systems (ADAS),” he says.

Smart Business spoke with Kasznica and Goodman, in the firm’s Mobility, Transport and Safety practice group, about AV development and commercialization.

Why should business executives stay aware of AV and other mobility development?

Automation has penetrated every segment of industry. In fact, warehousing, shipping, logistics and transportation are becoming more automated at a greater pace than ever before. In the future, whether it’s a drone, a legged robot or a wheeled delivery vehicle that solves the last mile problem, nearly every business will be impacted by AV. In addition, there’s plenty of opportunity to participate in this mobility evolution, even if it’s indirectly.

How is regulatory uncertainty playing a role in AV commercialization?

The federal government controls motor vehicle safety, with input from the automotive industry. Historically, National Highway Traffic Safety Administration regulations assumed vehicles would have a steering wheel, brake pedal and driver. The rules need to catch up to AV technology, which may or may not have these legacy items. However, federal rulemaking can take years, and this technology is changing rapidly.

In the absence of a strong federal framework, states are stepping in. A patchwork of laws ranges from hands-off and hesitant, to the proactive approach of Pennsylvania and California, which want to lead the way in developing sound regulations for AV testing and deployment. In addition, industry groups are creating voluntary standards for AV companies, which may influence future legislation.

The lack of a consistent regulatory frameworks had led many AV companies to start missing their projected targets for commercial deployment, in part because these regulations often dictate design features in their products.

What other challenges need to be overcome?

Autonomy is described in different levels, from zero to five. The technology is currently at level two, which is partial automation, i.e. lane assist, where the driver is still critical. Moving up to level three, four or five will require more than regulatory certainty — although that’s a big part of it. There are many transportation and infrastructure factors, like the advent of 5G, that need to catch up to the technology. This, in turn, further complicates AV development cycles.

The industry — and regulators — want AV systems to function well and not take unreasonable safety risks. AV systems in beta mode can become confused by unusual conditions, such as dust/rain/snow, pedestrians or unique road obstacles. Built-in redundancies are also required to combat software fails, while expensive and complicated technology, production cycles and implementation delays create barriers. Other concerns related to the cybersecurity and data privacy of integrated software systems need to be fleshed out before there will be full-scale commercialization. Solutions will require industry collaboration, public-private partnerships and data sharing.

While level five automation is years away, it will happen. Regulators are still trying to figure out how to promote safety without chilling innovation or picking winners and losers. In turn, resources are being held back by companies until there is more clarity with regard to regulations and the science.

Insights Legal Affairs is brought to you by Babst Calland

How companies can get the most from outside legal counsel

Smaller businesses tend not to have the budget for a full-time, in-house general counsel. Fortunately, there is another solution to help them avoid the common, and costly, legal pitfalls of being in business.

“Working pre-emptively with an outside general counsel on matters such as commercial contracting, general corporate governance, mergers and acquisitions, and vendor and supplier agreements reduces or eliminates the chance of encountering legal issues down the road,” says Elizabeth G. Yeargin, an attorney at Brouse McDowell.

Smart Business spoke with Yeargin about the many ways businesses can utilize outside general counsel.

What is corporate counseling, and why should an attorney deliver this service?

Legal counsel’s expertise is not limited to law. Through a legal lens, they can also offer practical business advice. For instance, an outside general counsel can participate in strategic and succession planning, disaster recovery and crisis management.

An outside general counsel may also have a background in the laws of a specific industry — tech or manufacturing, for instance. Generally, if it’s a highly technical industry that requires more than a general business law background, it’s better to work with someone with specialized trade knowledge.

These relationships have the added benefit of attorney-client privilege. Attorneys are bound by ethics rules and are prohibited from disclosing information received from their clients, which is different from other non-attorney advisers. Even emails between the attorney and client are privileged so long as outside parties are not included in the address line.

Which companies benefit most from working with an outside general counsel?

Smaller, closely held companies may benefit most due to the significant costs involved with staffing an attorney in-house, especially if those companies don’t have the volume of legal work to justify that expenditure. However, most inevitably have legal issues of some type that arise frequently enough that they need a trusted legal adviser who knows their specific business and can walk it safely through a legal minefield, or handle a one-off issue, such as selling a business or contracting with a difficult customer.

Who within an organization should work with an outside legal counsel?

Often an outside general counsel works directly with the CEO, CFO or president. There are, however, businesses that make outside legal counsel available to employees at other levels of the organization. For instance, sales managers or vice presidents are sometimes tasked with working directly with legal counsel when they have questions regarding supply agreements, procurement contracts or other sales-related obstacles.

It comes down to cost, need and comfort level.

Ideally, what should the general counsel-company relationship look like?

It’s best to be proactive, because it’s better to spend a little money up front to prevent much more costly issues later. That’s often the case with supply agreements and vendor contracts, which are easy to enter into but hard to get untangled from once a contract is signed.

Unless there’s a compelling reason — corporate compliance, for instance — outside counsel doesn’t likely need to be in attendance for every company meeting. But, especially when it comes to board or strategic meetings, it can be beneficial for the company’s lawyer to have a seat at the table to field legal questions and stay apprised of the general affairs of the organization. A lawyer never likes to find out through the news that a client is embroiled in a legal issue.

It’s a good idea for a company to hold regular checkups with its legal counsel so that he or she can keep track of the company’s current challenges. These checkups could be in the form of monthly meetings with the entire corporate management team or a brief phone call or lunch with the CEO. Counsel will, ideally, keep a running checklist of ongoing projects, discuss issues that are pending and those that have been resolved, and discuss upcoming strategic initiatives to keep everything at the forefront.

Insights Legal Affairs is brought to you by Brouse McDowell LPA

Critical considerations to make when forming a business

Starting a business often brings a sense of excitement coupled with owners’ desire to move quickly, but careful thought should be given to the tax and non-tax factors affecting the critical decision of how to structure the business. 

The right choice of entity protects the owners’ personal property by isolating liability associated with the business operations. Entity choice further affects access to capital, management rights and tax compliance.  

“The business form is incredibly important,” says Jonathan C. Wolnik, a tax and corporate attorney at McCarthy, Lebit, Crystal & Liffman Co., LPA. “Failing to start with the right advice from competent advisers can cause significant problems for the business and its owners.” 

Smart Business spoke with Wolnik about choice-of-entity considerations.

What are the key factors to consider when choosing a business entity? 

It starts with understanding the owners’ goals. Their vision answers questions as to how the company will be capitalized, if it needs to have closely guarded or freely transferrable ownership, and how it shall be managed. Very few owners are willing to intentionally accept personal liability for business activity, so the limitation of liability is always paramount. 

Partnerships can have very flexible management arrangements, whereas corporations typically have a more rigid management structure. However, general partnerships do not insulate personal assets, making the individual partners joint-and-severally liable for the activity of the other partners. This is often unacceptable to the owners, especially when it is easily mitigated.  

Further, the owners should understand the tax ramifications of their choice of entity, which can be easily explained by working with good advisers. But while it’s important to understand the tax ramifications among the entity options, taxes should not entirely control the business structure. 

Why would a company change entity type, and what would that process look like?

An entity formed as one type may convert to another, meaning, for example, that a corporation can become an LLC and vice versa. Typically, the entity seeking to change its form must notify certain state agencies before taking action. Further, a corporation typically must obtain a certificate of tax clearance from the Department of Taxation indicating that all prior tax liabilities have been satisfied. Other entity types do not share this requirement when converting.

A formal plan of conversion outlining why the entity wants to convert and how it will be accomplished must be adopted. The plan must be authorized at the appropriate level of governance. Note that tax-elections, such as the ‘S-election,’ do not constitute a formal change of entity type.  

The reasons for a conversion can vary and may include tax considerations or ownership changes. For example, an S-corporation is restricted as to who the permitted owners are. Therefore, admitting a new owner that does not meet the tax code’s requirements may necessitate a conversion to an LLC.  

Another factor to consider in conversion is the owners’ exit strategy. It may make sense to change entity type to obtain certain tax benefits at the time of exit, if possible. Foresight and careful planning are required when contemplating this type of action.  

What do people tend to overlook when setting up a business entity? 

Dispute resolution is often ignored by individuals starting a business. At the beginning, optimism and a desire to control costs keep owners agreeable. But those initial good feelings often fade, and if the governance documents do not adequately address dispute resolution, the problems compound. It is easier to reach agreements on dispute resolution at the start when everyone is looking forward to a peaceful and prosperous future. Processes for dispute resolution should be documented early in the business formation. 

For these reasons, professional advisers, both lawyers and accountants, should be consulted. Candid and honest conversation is critical and allows the lawyers and the accountants to ask important questions to help their clients reach the proper conclusions that shall fundamentally shape the business for years to come.

Insights Legal Affairs is brought to you by McCarthy, Lebit, Crystal & Liffman Co., LPA

The myth of title theft: What providers of “protection” against it aren’t telling you

“Title theft” was a term unknown just a generation ago. Now advertisers bombard us daily with warnings about it. They say that thieves can “steal” our homes by forging our names on deeds, then resell the property or take out mortgage loans to drain its equity. They pocket the proceeds and “stick” us with any mortgage payments.

But can a thief really “steal” your house through forgery, and are you really obligated to pay off a thief’s mortgage loan?

Smart Business spoke with William Maffucci, a real-estate litigator with Semanoff Ormsby Greenberg & Torchia, LLC, to find out.

Can someone acquire title to a real property simply by forging the owner’s name on a deed?

No. A forged deed conveys nothing. And, having acquired nothing, the forger has nothing to resell to a third party or to ‘mortgage’ to a lender.

Although title theft isn’t real, a forged deed or mortgage can have a very real — often devastating — impact on the owner. Since the forger’s name will appear on the land records, the forger can sometimes deceive a third party into “buying” the property or a lender to take a “mortgage” of the nonexistent title.

The owner cannot simply ignore the forgery unless the defrauded buyer or lender accepts the owner’s account and disclaims any interest in the property. That rarely happens. Usually owners must file a lawsuit to clear title. Most owners need a lawyer to do that, and few lawyers are willing to handle such matters for free. The litigation can be lengthy, involving expert testimony as to the validity of the signatures, and prohibitively expensive.

Although the owner has no legal obligation to repay the forger’s loan, the owner may ultimately feel constrained to do so as a practical matter. Some owners don’t learn of the forged mortgage until the lender moves to foreclose the mortgage, or even after the foreclosure process is complete and title has passed again. Bringing legal action at that late stage can be particularly expensive.

Why do the advertisements for “protection” against so-called title theft say that a forger who subsequently “mortgages” the property to a lender can “stick the owner with the payments”?

Either the advertisers don’t understand the law, or their statements are intentionally ambiguous. The advertisements speak of ‘putting a shield’ around your title, ‘monitoring’ it, and issuing ‘alerts.’ If you inquire further, here is what you are likely to learn: The provider will regularly check the land records to see whether your name has appeared on any deed or other instruments. The provider will alert you of any such instruments it finds. If you respond that an instrument was forged, the provider will prepare and file in the land records document to alert further buyers or lenders that the instrument was forged.

Owners can check the land records on their own, but there’s value to the convenience of having someone regularly check the land records for them. There’s also a value to having a ‘red flag’ affidavit prepared and recorded as to any forged deed that is discovered — but only if the recording is accomplished before the forger succeeds in finding another victim to ‘buy’ or take a ’mortgage’ on the property.

Will a provider of “title theft” protection also pay for a lawyer to represent an owner in seeking to clear title after a forgery?

That’s the $64 — or even $64,000 — question. If the provider’s terms include its payment of the legal fees necessary to clear title of any forged instrument that it discovers, the service could prove to be extremely valuable. But that’s a huge ‘if.’

I’m not aware of any providers of ‘title theft’ protection who do cover their customers’ legal fees in litigation to clear title. And if such providers do exist, their service would almost certainly cost much more than the dime-a-day rates advertised widely.

Insights Legal Affairs is brought to you by Semanoff Ormsby Greenberg & Torchia, LLC

How litigation management helps companies in and out of court

Litigation management is a service that helps streamline the litigation process by focusing primarily on discovery.

“We help develop and coordinate discovery strategies, and handle discovery issues and projects in both serial and individual litigation matters,” says Marguerite Zinz, a partner at Brouse McDowell. “Our services help keep projected costs down because of the efficiencies we bring to information collection, management and review.”

These attorneys, because of their information management experience, are often used for nonlitigation projects such as creating policies and strategies for record retention and information governance and preservation.

Smart Business spoke with Zinz about how litigation management professionals can help companies improve their information management practices, both litigation-related and not.

How can litigation management professionals help companies?

Litigation management professionals are particularly valuable to any company that has to manage and collect information that will be involved in a litigation, whether the company is the one suing or being sued. As attorneys, they can be involved in as many aspects of the discovery process as is needed by the company, including written discovery, document productions, depositions and motion practice. These attorneys can also work with companies outside of litigation to develop and implement record retention and information governance policies, including assisting with the defensible disposition of information, performing audits and training employees on information-management policies, and assisting in legal holds.

What does a litigation management attorney do that a typical litigation attorney doesn’t?

A litigation management attorney can do anything a typical litigation attorney can do; they’re just generally not the person standing in front in the court room. Instead, they’re focused on discovery and making sure it aligns with the overall approach to the case.

Having a litigation management attorney focused specifically on discovery creates procedural and cost efficiencies, and frees up trial counsel to focus on the trial and not get bogged down with collecting or organizing the large amounts of information involved.

In a serial litigation context in which a company is getting sued repeatedly, a litigation management attorney can also ensure consistency in the company’s defense strategy across cases, and if new trial attorneys take cases later, they can more easily get up to speed on the issues generally involved in the case.

What types of companies would benefit from having an ongoing relationship with a litigation management attorney?

While litigation management professionals can assist any company that has large volumes of information, these attorneys are of particular benefit to companies in a lawsuit that involves a lot of information — and not just the company that has a lot of information that’s subject to discovery, but also the company that needs to acquire and review a lot of information from another party in a case.

This service is also helpful to companies that face repeat or serial litigation. Companies that manufacture any type of product can often find themselves the frequent target of lawsuits and would benefit from the creation of consistent and defensible practices that also mitigate costs through efficiencies.

What do companies often misunderstand about litigation management services?

Often companies think these attorneys are just focused on document production and handling, and are interchangeable with vendors that are not typically attorneys who handle eDiscovery and large-scale information reviews. What litigation management attorneys do encompasses that, but their legal training and licensure also give them a role in the strategy of the case, working with trial lawyers to determine where and how all of the information fits together in the overall litigation strategy.

There’s much more to litigation than arguing in court. Proper management of information is critical before and after a trial, and can save money, time and heartache for everyone involved.

Insights Legal Affairs is brought to you by Brouse McDowell