A chain collapsed this week and two young first-time buyers lost £94,000 when they were defrauded of funds they thought they had safely transferred to their solicitor.
The couple were at the bottom of a chain with all the transactions reliant on their funds arriving in their lawyer’s bank account.
One of the agents, Stuart Lesser, of Aldermartin Baines & Cuthbert, in Edgware, Middlesex, acting for a seller further up the chain, was told that the couple had paid in their money a week ago.
However, there was no exchange of contracts, and he chased up on Friday, to be told that there was still a delay.
By Monday this week, it was clear there was a serious problem.
It emerged that fraudsters had intercepted emails between the first-time buyers and their conveyancer, forging the law firm’s business email to make it look authentic and sending the couple bank account details.
The couple duly paid in, and currently seem to have lost all the money. Police are investigating.
Lesser is concerned that other agents should be made highly aware of the possibility of fraud, and should in turn warn buyers and sellers transferring money to check that the bank account details are correct before sending money.
He said: “It was such an awful thing to happen. People in that chain and the agents concerned will all have lost something, but we’ll get over it. These young first-time buyers won’t.”
This is not the first time such a fraud has happened and sadly may not be the last. Other advice includes never putting any bank details in any emails, and making sure that the recipients know that this is the case.
While there are new compensation rules in place, banks do not always refund victims of fraud.
There have also been a number of instances where hackers get into an estate agent’s email account and are able to put together enough detail to create a fake email trail.
Property lawyers and estate agents need to work together on this issue and highlight the potential dangers to home buyers and sellers. Clients need to tell their conveyancers (and agents), by phone, when they will be sending any money. All parties then need to make sure it has arrived within the expected timeframe. If it hasn’t, I believe the first few hours are vital in stopping the diversion or recovering the funds.
Most conveyancers provide their bank details to their clients by letter, and then have warning notices (on emails and websites etc) saying that their bank details will not change. It would appear that more information and education is needed though.
“It emerged that fraudsters had intercepted emails between the first-time buyers and their conveyancer, forging the law firm’s business email to make it look authentic and sending the couple bank account details.”
It would be useful to know how ‘authentic’ it was. If it was an identical match, impossible to spot. Nevertheless, even a slight change to the email address would be very difficult to pick up.
I do hope these young first-time buyers are able to recover all or most of their money.
You must be logged in to like or dislike this comments.
Click to login
Don't have an account? Click here to register
I am so sorry to hear about these poor people above, it is awful to see.
About 18 months ago, we alerted all staff, and inserted into all our client communications to NEVER EVER send bank details by email (as cyber criminals are watching for key words in emails and will then hack emails change the account and then send the email on like happened above) nor rely on bank details sent to you by email.
I kid you not, if you send your bank details now by email, a hacker will be watching the rest of your emails, as you are a prime target.
Even the Law Society have warned lawyers, and the SRA.
The scary thing is – we still receive bank details by law firms – commonly when they send us conveyancing ‘Replies to Requsitions’.
Single solution – be 100% certain you are using bank details that belong to the person you wish to send the money to.
You must be logged in to like or dislike this comments.
Click to login
Don't have an account? Click here to register
This is a depressing pre-Xmas indictment of the appalling lack of care that lawyers are taking over their clients.
We’ve been telling people for three years that lawyers that continue to use email with their clients are exposing them to fraud.
Forget secure email nonsense chatter from the snake oil salesmen – bin emails and move to secure portals.
It’s no wonder so many PI insurers are ditching the legal market while lawyers fiddle and Rome burns…
You must be logged in to like or dislike this comments.
Click to login
Don't have an account? Click here to register
Shocking – but entirely the fault of the bank.
Despite similar frauds going back many years (including pre-email), banks still do not check that the account number/sort code match the account holder name.
I hope the young couple get some good legal/PR help and shame the bank into coughing up.
You must be logged in to like or dislike this comments.
Click to login
Don't have an account? Click here to register
I have a Landlord who has found the Tenant direct, but still wants me to do the tenancy agreement and deposit etc. I have been in touch with the new tenant and provided bank details, and told him that if he would like to confirm them before sending, he can either call the number on my email signature, find my office number online or speak to the Landlord to get my number to call.
Hopefully he will be reassured by that, but if not I am happy to confirm them over the phone to him. I hate paying for things online (she says, aware of the amount of online delivery boxes at home with gifts waiting to be wrapped…)
You must be logged in to like or dislike this comments.
Click to login
Don't have an account? Click here to register
Very Worrying. How are they hacking emails?
You must be logged in to like or dislike this comments.
Click to login
Don't have an account? Click here to register
Very easily it seems. I receive a continuous stream of nonsense emails that are meant to look like they are from solicitors; all with a suspicious looking file (an “invoice”) attached.
You must be logged in to like or dislike this comments.
Click to login
Don't have an account? Click here to register
cyber liability is regarded as the largest threat faced by businesses. Since the implementation of GDPR we have seen a pronounced increase in cyber related claims frequency and especially in SME’s, who hackers regard as being more vulnerable and therefore easier to penetrate. In the ever expanding age of digitalization, it is essential that we are aware of the genuine risks associated with cyber-attacks.
You must be logged in to like or dislike this comments.
Click to login
Don't have an account? Click here to register