In a case of first impression, Thomas v. Corbyn Restaurant Development, Corp., the California Court of Appeal clarified how courts should allocate risk when a cybercriminal diverts settlement funds through a fraudulent scheme. The case arose from a $475,000 personal injury settlement. Before payment was made, an unknown third party, masquerading as plaintiff's counsel, sent spoofed emails to defense counsel containing fraudulent wire instructions. Relying on those emails, defense counsel wired the funds to the imposter, who then vanished with the money.

When the fraud came to light, the plaintiff demanded payment under the original settlement terms. Defendants refused, prompting plaintiff to seek enforcement of the agreement. The trial court, noting the absence of controlling California precedent, turned to federal case law. Under that framework, courts place the burden of loss on the party best positioned to detect and prevent the fraud. After reviewing the facts, the trial court concluded that defendants had failed to identify several warning signs, and that plaintiff bore no fault in the loss. The court enforced the settlement and entered judgment for the full amount.

On appeal, defendants did not challenge the legal standard used, but argued the trial court erred in applying it, claiming the court misread the evidence and gave insufficient weight to facts that could have shifted blame to the plaintiff. The appellate court disagreed. It held that the trial court conducted a proper comparative analysis and found substantial evidence to support the conclusion that defense counsel had overlooked multiple red flags, while no such evidence implicated plaintiff or his counsel. Accordingly, the Court of Appeal affirmed the judgment.

Factual Background

The underlying dispute arose from a personal injury lawsuit filed by Brian Thomas against Corbyn Restaurant Development Corp., dba Cow Shed Bar and Grill, and two of its employees, Nicole Nocentino and Jamie Lee Masters. Plaintiff was represented by Chambers and Noronha and defendants by Tyson & Mendes.

Following mediation, the parties reached a settlement agreement under which defendants agreed to pay $475,000 in exchange for a release of claims. The written agreement specified that the payment would be made to "Chambers & Noronha Client Trust Account for the benefit of Brian Thomas" within 30 days of receiving the executed release.

On August 28, 2023, plaintiff's law office administrator transmitted the signed agreement via email to defense counsel. Her email requested that the check be made payable to the client and the firm's client trust account and included her legitimate email address, signature block, phone number, and firm contract details. Defense counsel acknowledged receipt and indicated he would follow up regarding the disbursement timeline.

A week later, defense counsel received a follow-up email, purporting to be from the same administrator, requesting that the funds be wired electronically instead of sent via check. However, this email originated form a spoofed address that mimicked the real domain but contained slight alterations. Despite the fraudulent nature of the email, the message was formatted to closely resemble the original, even replicating the signature block with the correct name and email while substituting incorrect phone and fax numbers. The impersonator sent an identical follow-up message minutes later.

Defense counsel responded to the fraudulent message, expressing willingness to explore the request and stating that the check may have already been sent. The next day, the fraudster replied, instructing that if the check had gone out, the request for wire could be ignored.

Defense counsel noted that he had attempted to call the listed number but received a failure message. Nonetheless, he proceeded to request wire instructions. Later that day, the impersonator replied again, promising to follow up with instructions. By the next business day, additional messages were exchanged, culminating in the transmission of wire instructions to the fraudulent account. Ultimately, relying on these spoofed communications, defense counsel transferred the $475,000 settlement to the imposter. Plaintiff's counsel never received the funds and initiated this lawsuit to collect when defendants refused to pay again.

Determining Who Bears the Loss in Wire Transfer Fraud

The appellate court acknowledged that no published California decision directly addresses which party bears the risk when an imposter induces one party in a transaction to divert funds intended for the other. However, federal courts have considered this issue and have consistently placed the burden of loss on the party best positioned to prevent the fraud. Beau Townsend Ford Lincoln, Inc. v. Don Hinds Ford, Inc. (6th Cir. 2018); Eerie Insurance Co. v. WAWGD, Inc., No. EA-22-1783 (D. Md. Apr. 29, 2024). In both decisions the court looked to the Uniform Commercial Code (UCC) for guidance.

Although UCC Article 3-404(d), known as the 'imposter rule," formally governs only negotiable instruments, courts have extended its reasoning to wire transfers and contractual payment disputes. The rule provides that a party bearing a loss may recover from a party that failed to exercise ordinary care, to the extent that such a failure contributed to the loss. Courts have treated this standard as a flexible and equitable framework in fraud cases involving electronic funds transfers, even where the UCC does not directly apply.

The Court of Appeal considered the totality of the circumstances, including, but not limited to, the following factors:

  • Whether the party's email or computer systems were previously compromised.
  • Whether either party had advance knowledge of ongoing fraud attempts.
  • Whether suspicious indicators- such as unusual email addresses, grammatical inconsistencies, or duplicated requests- were ignored.
  • Whether changes to payment methods conflicted with prior agreements or omitted key identifying language.
  • And critically, whether the payor independently verified new wire instructions, particularly when such changes came via unconfirmed channels. Erie Ins. Co. v. WAWGD, Inc. (D. Md., Apr. 29, 2024, No. EA-22-1783) 2024 U.S. Dist. LEXIS 77140

Importantly, the court clarified that a finding of negligence is not required for a court to assign responsibility. A party may be found to have been in the best position to prevent fraud even absent traditional fault. Arrow Truck Sales, Inc. v. Top Quality Truck & Equip., Inc. (M.D. Fla., Aug. 18, 2015, No. 8:14-cv-2052-T-30TGW) 2015 U.S. Dist. LEXIS 108823. The central inquiry is practical, not punitive. The court asks which party had greater control or capacity to identify and stop the fraudulent scheme. Id.

With these principles in mind, the Court of Appeal found the trial court's approach legally sound. It adopted the prevailing federal standard that loss from an imposter's diversion of settlement funds should fall on the party in the superior position to detect and prevent the fraud.

Defendants Were in the Better Position to Prevent the Fraud

The court affirmed the trial court's conclusion that the defendants were in the best position to prevent the fraudulent transfer of settlement funds. Reviewing the record under the substantia evidence standard, the court found ample support for the lower court's determination.

Conflicting Payment Instructions

The court noted that the wire transfer instructions provided by the fraudster materially conflicted with the payment terms set out in the executed settlement agreement. While the contract required payment to the "Chambers and Noronha Client Trust Account for the benefit of Brian Thomas," the fraudulent instructions changed the payee to "Chambers & Noronha APC." It also omitted both the trust account designation and the plaintiff's name which removed key fiduciary safeguards designed to protect client funds. These deviations, coupled with the shift from a check to a wire payment, should have prompted heightened scrutiny,

Phone Number Inconsistencies and Inadequate Verification

The defense counsel's attempt to call the number listed in the spoofed email was met with an inoperable line. Rather than verifying the correct contact information using an independent or previously known source, counsel continued to communicate with the fraudster and ultimately delegated follow-up duties to internal accounting staff. The failure to verify such a critical change in payment method, despite multiple inconsistencies, further supported the trial court's finding that defendants failed to exercise ordinary care.

Spoofed Email and Digital Tells

The fraudster used a subtly altered email address that changed both the administrator's name and domain. These signs are often a hallmark of fraud. Further the imposter sent duplicate wire transfer requests within minutes of each other, a circumstance that courts in similar cases have viewed as a significant red flag. These digital irregularities, when viewed in the totality of the circumstances, reinforced the conclusion that the defense team should have detected the scam before the funds were transferred.

Allegations of Plaintiff Fault Rejected

On appeal, the defendants argued the trial court failed to consider plaintiff's counsel's contribution to the fraud. They asserted that the scam must have involved a breach of the plaintiff's computer system and, since they believed their own systems were secure, argued fault must lie with the plaintiff's firm. The appellate court rejected this logic, calling it speculative and unsupported by the record.

Importantly, there was no direct evidence of breach on either side. The fraud, the court emphasized, could have been orchestrated without hacking. Information could have been revealed in overheard conversations or obtained in improperly protected information about the parties and the settlement. Moreover, plaintiff's counsel submitted a sworn declaration confirming that their own investigation found no evidence of compromise. Although defendants challenged the evidentiary value of this declaration, the appellate court held that they failed to preserve that objection in the trial court and had thus forfeited it on appeal.

The court also rejected arguments that plaintiff's counsel delayed response after the fraud occurred somehow contributed to the loss. Defendants contended that plaintiff's failure to inquire earlier into the status of the funds gave the fraudster additional time to deceive both parties. Ultimately, the court was unconvinced and found no evidence that plaintiff's post-transfer conduct played any role in the initial diversion of funds.

In the end, the court decided not to apportion any fault to the plaintiff or counsel. Even if the plaintiff's systems had been compromised, clear warning signs were ignored by defense counsel. The court reaffirmed the standard that allocation of loss turns not on strict negligence, but on a practical assessment of which party was best situated to prevent the fraud. Under that totality of the circumstances test, the court determined the trial court's conclusion was well-supported. The defendants were in the superior position to catch the fraud and failed to do so.

Key Takeaways

  • In the absence of controlling precedent, California courts looked to federal authority and UCC principles, specifically "the imposter rule," to determine who bears the risk of loss in a fraudulently diverted wire transfer.
  • Courts will allocate loss based on which party was in the best position to detect and prevent the fraud, not necessarily on who was negligent or whether either party's systems were breached.
  • Courts will scrutinize the presence of warning signs such as changes of payee names, deviations form agreed-upon payment methods, spoofed email addresses, and nonfunctioning phone numbers. Failure to verify such anomalies may shift the entire loss to the payor.
  • Arguments based on conjecture or inference, such as assumed cybersecurity failures, will not support shifting the burden of loss without evidentiary support.
  • Law firms and businesses handling settlements or financial transactions must implement rigorous verification protocols for any changes in payment instructions, especially when conducted by email.

Conclusion

This decision marks an important development in California law concerning liability for wire fraud. It signals that courts will assess not just what parties did wrong, but who was realistically in the best position to prevent the fraud. In doing so, California aligns with a growing national consensus that emphasizes practical risk management over abstract notions of fault.

This case should serve as a wake-up call for attorneys, insurers, and any parties engaged in high-value financial transactions. In an era where wire fraud is increasingly sophisticated, the courts are holding professionals to a higher standard of vigilance. Paying parties must be prepared to verify payment details independently, scrutinize digital communications with care, and respond appropriately to any anomalies, because failure to do so could result in being held solely responsible for the loss.

By using this site, you agree to our updated Privacy Policy.