In this short blog series, Lawyer Checker’s Jennifer Williams outlines how criminals are infiltrating conveyancing transactions and stealing funds, and what law firms can do to mitigate their risk.
In our previous blog we looked at what cyber crime is and how conveyancing firms are being affected.
There are varying degrees of sophistication employed but the main focus of the infiltration is to influence whoever is responsible for transferring the funds, directing them to send the funds to an alternative bank account.
There is no one-size-fits-all definition of conveyancing fraud. Much of the time the deception is via impersonation with varying degrees of sophistication.
In the most recent case to hit the news a fraudster used an email address with a single letter different from the vendor’s advising the firm that she wished to amend her original bank account into which all the funds were to be directed, and instead send half to a savings account which she provided details for.
In another example a fraudster chanced his arm by calling the firm acting on behalf of the purchaser pretending to be the vendor’s solicitor to advise that they have recently updated their bank account details and redirecting funds to the fraudulent account.
A more sophisticated example of email modification fraud is the firm’s emails being hacked into and emails being sent out redirecting funds to fraudulent accounts. This often happens ahead of completion on a Friday to maximise the opportunity for fraudsters, hence the “Friday Afternoon” fraud terminology.
Phishing, where hackers send emails to staff encouraging them to click on links which can then enable access to computer systems, can lock down a whole firm’s computer systems in minutes, with many hackers demanding ransoms to provide unlocking codes for their “ransomware.”
All of these types of methods enable the criminal to complete their goal of redirecting funds to an alternate bank account.
In our final blog we’ll consider the ways in which law firms can protect themselves from 80% of cyber fraud, mitigate the risk to their business and reduce their PI premiums.
