Fraudster steals £119,000 after hacking client email

A week before the completion of a house sale, a firm received an email from a client, providing the client's bank details. The following week the property was sold and, as requested, the firm transferred the money to the client's bank account.
It turned out, however, that it was in fact not the client's bank account. It appears that a fraudster hacked the client's email account and had been intercepting emails from the firm. This allowed the fraudster to contact the firm and provide false bank details. After completion, the fraudster also sent emails purportedly from the firm, explaining to the client that the sale had been delayed and that they would receive the money the following week.
This gave the fraudster time to move the £119,000 and avoid detection. The money has not been recovered.  
As you will have seen in the news, more and more businesses are being affected by cyber crime. Being aware of these risks reduces the likelihood that your firm will be affected, so we encourage you to forward this email to your colleagues.
Detecting identity fraud
The majority of cyber crimes reported to us are forms of Friday afternoon fraud, or similar email modification scams.
We know that Fridays can be particularly busy for firms, and there may not seem time to double check the details of a transaction. However, spending just a couple of minutes making sure you are in contact with the correct person could prevent a serious loss of money. It also means that you won't have to tell the client that their money has been lost, and reduce distress on their part.
You can find out more about factors to be wary of in our Risk Outlook, which includes tips for detecting Friday afternoon fraud.
Reporting to the SRA
If you have been targeted by a cyber attack where client money is stolen, you must report it to us, even if the money is promptly replaced. We also want to know if you have been the target of an unsuccessful cyber attack as this helps us to advise firms on how to protect themselves.
If you have been targeted by a cyber attack, you can report this to the SRA.
Back to News +