03 March 2015
Law firms, like any other business, can be targeted by scammers looking to defraud them of both the practice's money and money belonging to clients. Some of these scammers are highly sophisticated and firms should be aware of the latest tricks being used.
We issued a news release in November alerting you to be aware of scammers trying to trick you into disclosing banking security information over the telephone, which could then be used to access bank accounts to steal monies.
We continue to have reports from law firms who have been targeted, with an average of four a month being received.
Firms are being targeted by scammers who operate in the following ways.
The scammers gain access to a firm's online systems by downloading malicious software via unsolicited email communications. They then intercept email communications between law firms and replace them with their own, in an attempt to hi-jack monies from true client accounts, particularly for conveyancing transactions. On two occasions these email intercepts have been followed up with telephone calls from the fraudsters pretending to be from the bank's counter-fraud team, requesting to check their online security information in order to check the integrity.
The scammers telephone law firms pretending to be from a bank and request verification of a specific electronic transaction. They state that they suspect there are some fraudulent transactions that have been set up on the account. The scammer then requests to check their online security information in order to check the integrity of the information received.