Your clients may not know the risks of paying their deposits into the wrong bank, but with your help, they can.
Friday afternoon is when many office-based businesses are already clocking off for the weekend in mind and spirit, but for solicitors, it’s prime house-exchange time.
But it’s not just your conveyancing team who are busy seizing the opportunity to finalise a completion for their client’s property. Fraudsters are using this window to con home buyers out of thousands by posing as solicitors.
How it works
Scammers will send an email to home buyers with alternative bank account details. Because they have been monitoring emails between buyers, agents and solicitors up to this point, the recipient is more likely to believe this exchange is legitimate, and deposit potentially tens of thousands into the criminals’ account of choice. Tracing and recovering this money is difficult – so the victim can expect to wave goodbye to enormous funds, as well as their chosen property.
Why it works
Thieves wait until the last minute to send the email on a Friday afternoon, the time when they’re least likely to get caught. It can be almost impossible to detect that the email is false, as all details will be cloned and the sender will have information that would identify them as the genuine solicitor. Another method is to delete the genuine email and replace it with a copy which has different bank account details.
Not only is the victim left without their deposit, but their house purchase could be set back weeks, and they may be left feeling foolish for “falling for” what is an intricate confidence trick which could catch anybody out.
How to help your clients avoid it
London-based Sethi Partnership admitted they had “never had to deal with an incident like this before” when their client, Howard Mollett was tricked out of £74,000. Mr Mollett accused the firm of failing to warn him of the threat, saying they put a cyber crime alert at the bottom of their emails only after he discovered what had happened.
In the absence of a face to the crime, the client Mr Mollet wanted Sethi Partnership to shoulder some of the blame. Being aware of this threat and warning your buyers to be cautious and vigilant is the best way to prevent your own business coming under fire.
- Make your intentions known
In the case of Howard Mollett, Sethi Partnership said they send bank details by post, not email. Make it clear how you intend to communicate bank accounts to your clients. If you would only ever do this by post, warn them not to trust any email with these details, even if it seems legitimate.
- Be open to questions
Those dealing with solicitors for the first time may be put off by fees linked to simple communications. Make it clear that questions over the phone or in person relating to security – such as querying the validity of an email, will not be billed.
Sethi Partnerships were criticised by their client for merely reacting to the situation with their cyber crime alert. It’s best to take preventative measures by including a note in the footer of all email communications warning recipients of the cyber risks.
- Train staff
Vigilance is one of the best defences against cybercrime. The success of a scam often hinges on deception. Staff who are aware of the risks will be more wary of a client calling to ask about an email with payment instructions or look into encrypting emails with sensitive information to prevent a hack in the first place.
While responsibility for this type of fraud doesn’t land with the solicitors, it’s part of a wider picture which can be damaging to business.
Professional indemnity insurance and cyber crime cover can protect your firm if a client makes a claim against you, but offering your assistance to help prevent your clients loosing thousands and their home will help solidify trust among your business and those who support it.
Speak to NC Stirling about you current cover and find out more about what we can offer your business.