V.E. White & Co | Fraudster steals £119,000 after hacking client email

Lasting Powers of Attorney

Whenever a loved one begins to lose their mental capacity or is physically incapacitated due to an illness or injury, it can be an extremely upsetting and difficult time. We at V E White & Co. understand this and strive to aid our client’s through this difficult period to the best of our ability

View +

Deputyship Application

Whenever a loved one begins to lose their mental capacity or is physically incapacitated due to an illness or injury, but has passed the point where they are deemed capable of consenting to a Lasting Power of Attorney, then a Deputyship application can be made to the court, allowing you take care of their financial affairs or their personal welfare.

View +

A week before the completion of a house sale, a firm received an email from a client, providing the client's bank details. The following week the property was sold and, as requested, the firm transferred the money to the client's bank account.

It turned out, however, that it was in fact not the client's bank account. It appears that a fraudster hacked the client's email account and had been intercepting emails from the firm. This allowed the fraudster to contact the firm and provide false bank details. After completion, the fraudster also sent emails purportedly from the firm, explaining to the client that the sale had been delayed and that they would receive the money the following week.

This gave the fraudster time to move the £119,000 and avoid detection. The money has not been recovered.

As you will have seen in the news, more and more businesses are being affected by cyber crime. Being aware of these risks reduces the likelihood that your firm will be affected, so we encourage you to forward this email to your colleagues.

Detecting identity fraud

The majority of cyber crimes reported to us are forms of Friday afternoon fraud, or similar email modification scams.

We know that Fridays can be particularly busy for firms, and there may not seem time to double check the details of a transaction. However, spending just a couple of minutes making sure you are in contact with the correct person could prevent a serious loss of money. It also means that you won't have to tell the client that their money has been lost, and reduce distress on their part.

You can find out more about factors to be wary of in our Risk Outlook, which includes tips for detecting Friday afternoon fraud.

Reporting to the SRA

If you have been targeted by a cyber attack where client money is stolen, you must report it to us, even if the money is promptly replaced. We also want to know if you have been the target of an unsuccessful cyber attack as this helps us to advise firms on how to protect themselves.

If you have been targeted by a cyber attack, you can report this to the SRA.

Need Some Advice?

Simply fill in your details and query to the enquiry form and one of our experts will get back to you.