Wire transfers have long been a popular target for cyber criminals.

A case of first impression decided by the California Court of Appeal, Fourth Appellate District demonstrates the high stakes for victims of this crime. Specifically, on May 27, 2025, the Court of Appeal released an opinion addressing the issue of who bears the loss when settlement funds are fraudulently diverted via a wire transfer scam.

The case originated when Plaintiff Brian Thomas sued Defendants Corbyn Restaurant Development Corp. and two of its employees for personal injuries allegedly sustained during an altercation. Following mediation, Defendants agreed to pay a total of $475,000 to Plaintiff in full settlement and release of all Plaintiff’s claims. The agreement stipulated payment to Plaintiff’s attorney’s client trust account by check.  

One week after the agreement was reached, however, an imposter posing as Plaintiff’s counsel requested by email that payment be sent via wire transfer and provided wire instructions to Defendants’ counsel. After Defendants’ counsel communicated telephonically with the imposter’s associate, who posed as the purported “Head of Finance” at Plaintiff’s firm, it proceeded to electronically transfer the funds in accordance with the provided instructions.

The fraud remained undiscovered until Plaintiff’s counsel contacted Defendants’ counsel to follow up regarding payment, after which Plaintiff filed ex parte for an order enforcing the settlement agreement.

The trial court applied federal case law, which generally shifts the risk of loss to the party in the best position to prevent the fraud.  In so doing, it found that the Defendants were in the best position to prevent the fraud, and that Plaintiff bore no comparative fault. It entered judgment in favor of Plaintiff for the full $475,000. Defendants appealed that judgment.

The Court of Appeal affirmed the trial court’s judgment, observing that there was a lack of California authority on the topic of which party bears the risk when an imposter causes one party to a settlement to wire proceeds to a fraudulent operator. 

The Court of Appeal concluded that the trial court properly applied persuasive federal case law borrowing a concept from the Uniform Commercial Code: the so-called “Imposter Rule.”  This rule provides that the “person bearing the loss may recover from the person failing to exercise ordinary care to the extent the failure to exercise ordinary care contributed to the loss.”

In determining which party was best positioned to prevent the fraud, the Court of Appeal looked to precedent. It noted that courts have typically considered a variety of “red flags,” including: the extent to which each party secured its computer system or whether the system had been breached before; whether the targeted party was aware that its transaction was being targeted, and, if so, whether that party disclosed the targeting to the other party in the transaction, or to the court; whether either party failed to scrutinize spoofed email addresses or overlooked typographical errors or duplicative information; and, whether the payor called to confirm wire instructions, particularly when they conflicted with prior payment arrangements or new payment instructions changed material information like names and addresses.

Applying these considerations, the Court of Appeal found that “there were red flags that should have alerted [Defendants’] counsel to the fraudulent scheme,” including the fact that “the imposter’s ‘wiring instructions conflicted with the payment procedure established by the parties’ written Settlement Agreement and Release.’”  Accordingly, Defendants were still on the hook to pay Plaintiff $475,000.

As transaction volumes grow and fraud attempts become more and more sophisticated (including the emerging use of generative artificial intelligence, such as voice cloning, to bypass controls designed to prevent this type of crime), it has become even more critical for organizations to establish layers of controls to verify transfers. And it is equally important to appropriately train, test, and evolve those controls to minimize the risk that they will not hold up under an actual threat.

Nolan Goldberg

Nolan M. Goldberg is a partner in the Litigation Department, co-head of the Data Privacy and Cybersecurity Litigation Group, and a member of the Patent Law Group. His practice focuses on technology-centric litigation, arbitration (including international arbitrations), investigations and counseling, covering a range of types of disputes, including cybersecurity, intellectual property, and commercial.  Nolan’s understanding of technology allows him to develop defenses and strategies that might otherwise be overlooked or less effective and enhances the “story telling” that is critical to bringing a dispute to a successful conclusion.

Nolan is a registered patent attorney before the U.S. Patent & Trademark Office; and an International Association of Privacy Professionals (IAPP) Certified Information Privacy Professional, United States (US CIPP) and Certified Information Privacy Technologist (US CIPT).

Cybersecurity

Nolan’s electrical engineering background, coupled with a litigation and risk management-centric focus, allows him to assist companies in all phases of incident response. Nolan often acts as a bridge between the technical and legal response teams (both inside and outside forensic consultants). Nolan uses this deep familiarity with the company and its systems to defend the company in litigations, arbitrations and regulatory investigations, including before the Federal Communications Commission (FCC); Federal Trade Commission (FTC) and before various State’s Attorneys General, including Multi-State investigations.

Nolan has worked on incidents that range from simple phishing attacks on e-mail accounts by cyber-criminals to intrusions by (formerly) trusted inside employees to complex technical breaches of hosted systems by state-sponsored advanced persistent threats (APTs). These incidents have involved both client systems, and systems of a vendor of a client that hosted its data.

It is often the case (both in response to an incident and for other reasons) that a company will want to undertake an assessment of its security posture, but has concerns about the discoverability of any such analysis. Accordingly, Nolan also frequently assists companies in scoping and conducting privileged security assessments, including “dual purpose” assessments where privileged analyses are also used for ordinary-course purposes.

Commercial Disputes

Nolan also assists companies with commercial disputes, particularly in cases where there is a technology component, including disputes arising from hosted software agreements; outsourcing and managed services agreements; software and technology development agreements and the dissolution of joint ventures.  When these disputes cannot be amicably resolved, Nolan has litigated them in State and Federal Court and in arbitrations, including international arbitrations.

Intellectual Property

Nolan’s work has included numerous patent and trade secret litigations and negotiations, primarily in cases involving computer and network-related technologies. In particular, the litigations have involved at least the following technologies: hosted software; telecommunications; computer networking; network and computer-related security hardware and software; microprocessors; voice-over Internet protocol (“VoIP”); bar code scanners; financial business methods and software, including securities settlement, fail management and trade execution and reporting software; data compression; handheld computers; pharmaceuticals; cardiac electro-stimulatory devices and prosthetics.

Nolan also has experience prosecuting patent applications before the U.S. Patent and Trademark Office in encryption, CMOS, HDTV, virtual private networks (“VPN”), e-commerce, XML/XSL, financial instruments, semiconductor electronics, medical device technology, inventory control and analysis, cellular communications, Check 21 and business methods. Nolan also has conducted numerous freedom-to-operate searches, written opinions, and counseled clients in the areas of bar code scanners, imaging, book publishing, computer networking, business methods, Power Over Ethernet (“PoE”), and digital content distribution.

He has assisted in evaluating patents for inclusion in patent pools involving large consumer electronics and entertainment companies concerning CD and DVD technology.

Computer Forensics and Electronic Discovery

Nolan is often called upon to develop e-discovery strategies to be used in all types of litigations, with a particular focus on selecting appropriate tools, developing proportionate discovery plans, cross border electronic discovery, managing the overall burden and cost of the electronic discovery process, and obtaining often overlooked electronic evidence, including computer forensics. He also assists clients to develop and implement information management programs to reduce expense and risk, meet compliance obligations, and tame e-discovery burdens.

Thought Leadership

Nolan has authored numerous articles and given numerous presentations on emerging issues and trends in both technology and law, and has often been called upon to comment on various media outlets including Business Week, IPlaw360, IT Business Edge, CIO.com, Forbes, and The National Law Journal.

Prior to practicing law, Nolan was a computer specialist at Underwriters Laboratories (UL).

Michelle M. Ovanesian

Michelle Ovanesian is an associate in the Litigation Department, and a member of the Intellectual Property and Privacy & Cybersecurity practice groups. Michelle’s practice primarily focuses on helping companies navigate the complex and rapidly evolving laws, regulations, and industry best practices relating to cybersecurity and data protection.

Her experience includes counseling clients through the important steps that must occur immediately after incidents, as well as navigating the federal and state government investigations and private litigations that often go hand-in-hand with cybersecurity incidents.

In addition, Michelle’s practice has encompassed a variety of other legal matters, including commercial and bankruptcy litigation, in both federal and state courts.  Most recently, Michelle was part of the successful litigation team that represented the Financial Oversight and Management Board in the Commonwealth of Puerto Rico’s bankruptcy proceedings.

Michelle is a registered patent attorney before the U.S. Patent & Trademark Office; and an International Association of Privacy Professionals (IAPP) Certified Information Privacy Professional, United States (US CIPP).

She maintains an active pro bono practice with a focus on reproductive rights, immigration law, and veterans.