How safe is your data? Newspapers are full of horror stories about scam emails and homebuyers losing thousands to online criminals.
Cyber criminals often mislead buyers to misdirect their deposits or outstanding monies into the wrong bank accounts instead of to their Conveyancing Solicitor’s account. You might be wondering how they are able to do it? This isn’t likely to be through a breach in the Conveyancers’ security.
Essentially all the criminal needs is the buyer’s email address and a rough idea of when the deposit would be needed. Criminals have technology that intercepts emails, often estate agents’ emails do not have the same security measures in place that you might expect from a legal practice and certainly a client’s email address is unlikely to be encrypted. So, an estate agent sends the memo of sale to the client by email and the client responds or forwards it on and the criminal now has access showing all parties and contact details for the chain. They now just need to estimate when the Buyer will send the deposit or balance of proceeds to their solicitor.
Legal firms are bound by so much compliance and procedures to ensure their clients’ most important details are kept safe. Conveyancers often get the blame but the reality is very different, with information being obtained by the criminals from a number of varying sources.
Monitoring emails is one option but more often than not a leak of information occurs via social media. A status update on Facebook or Twitter, ‘ So excited, just received my mortgage offer’ is enough to tip off the fraudster. It takes only minutes to set up a spoof email address to enable them to pretend to be the Conveyancer. There are even websites in existence that enable people to create a spoof email address. They then send an email to the client advising that now they have the mortgage offer they must send the deposit to the following account immediately. Caught up in the excitement of moving, the client doesn’t question it.
And that is just it, we need to educate the public to think twice and some really simple measures make all the difference:
- At Barnes and Partners, we tell our clients at the outset our client account bank details and advise them that they will not change
- We advise you to have a verification process – so if you plan to send monies to anyone and you have received the details by email then telephone to double check the details are correct
- Be aware of the perils of open WiFi – criminals spend all day sitting in coffee shops cyber spying through open networks enabling them to identity who your Conveyancer is and even obtaining keystrokes for online banking passwords
- Be careful what you post on social media and generally be vigilant for suspicious emails or communications
- Identify your callers – make sure before you give any information to anyone on the phone that they are who they say they are…are they really calling from the estate agents’ office or are they trying to find out the name of the person dealing with the Conveyancing?
The majority of cyber attacks are unsophisticated and so by taking these simple steps you can make a real difference in protecting your money.
We hope these pointers prove helpful. If in doubt about any of the above, please don’t hesitate to get in touch.