Beware of Conveyancing Fraud

Conveyancing Fraud has been around for some time, and it’s estimated that there are roughly 2 successful attempts per week in the UK.

That figure might not sound like a large number in the grand scheme of things and year-on-year rise in cyber-attacks, but when those conveyancing scams are in the thousands and in one case £600,000, it’s quite significant for one attack.

Reading many comments on various articles across the Internet regarding conveyancing scams, many are quick to judge and comment ‘they should have called their solicitor and checked details first before sending any money etc.’ but in reality, we don’t always carry out due diligence. We all make mistakes, and some can be extremely costly.

How does a conveyancing scam work?

One method is where a hacker intercepts information sent between the target (victim) and the solicitor they are dealing with. They usually listen in on the communications being sent and then when the transaction is ready to be made the hacker emails the target with fraudulent bank details of where to send the payment. At this point, in successful scams, the target is unaware they are not dealing with the solicitor but the scammer.

In some reported cases scammers have gone one step further and have been known to intercept communications from the solicitor chasing up payment to the target and delete them, so the target isn’t aware of anything until the scammers have cleared out the bank account the target has sent the money to.

REMEMBER: if you receive email communication from your solicitor that the bank account details have changed, follow this up with them by phoning the named person you have been dealing with throughout this process. To further confirm this, ask them to send the change request in writing to your address. 

Below we’ve outlined a few steps you can take to avoid becoming a victim of a conveyancing scam or other scams for that matter.

Best practices to keep your email safe

We’ve already covered a useful guide on email security best practices and why you should create a strong password, but to recap on identifying scams and potential fraud, consider the following: –

  1. Make sure your passwords are strong and use a combination of uppercase, lowercase, numbers and special characters. Remember: don’t use the same password more than once and don’t write it down!
  2. Enable two-factor authentication to add an extra layer of security to your email account. Setting this up is quick and easy and provides you with more protection.
  3. Be mindful of what information you share over email.
  4. Always check who you are sending and receiving emails from. Are there any typos in the email address? Does the domain after the @ match their website domain? Are you expecting their email? Don’t open attachments if you are not expecting them.
  5. Avoid sending confidential information over a public Wi-Fi network. Anyone sharing that network can potentially intercept your communications.
  6. Verify the legitimacy of the email if the contents seem odd or you have any doubts call the company.

Getting help

If you suspect you are a victim of fraud, immediately contact your bank and make them aware. You can find further information on how to deal with fraud and how to report it at Action Fraud.

Find out more

If you’d like to learn more about keeping your business and users safe, contact MMRIT. We offer a range of services from cybersecurity awareness and training to security audits and protection.

Comments