The Conveyancing Scam
One of the most recent forms of cyber attack is on the rise and is rapidly making its way into small to medium businesses.
The ‘Conveyancing Scam’ or ‘Friday Afternoon’ fraud, so called because hackers take advantage of a busy day when transactions can be hurried through before the weekend, has been responsible for 75% of all cybercrime in the legal sector in the last year.
How does it work?
Typically the victim will receive a request for payment via email from their normal supplier, for services rendered. This would not cause the victim any concern, as the email request would look genuine, would be for the correct amount owed and would be expected. However, the email account of either the victim or the business has been hacked, and the victim ends up transferring up to thousands of pounds to the hackers.
One of our clients recently placed an order by telephone with their supplier and then emailed a purchase order to confirm. They then received an invoice from an email address slightly different from the one they would normally expect, highlighting the supplier's new bank account details. The amount of £10,000 was then transferred directly to the fraudsters.
We are seeing that compromised email accounts are monitored over long periods of time to pull together information to make a fraud much more believable.
What can you do to protect yourself and your company?
- Check for any changes in the bank account details before making a transfer.
- Talk to a new payee in person or via telephone to check their account details. Use a known contact telephone number, not one from the email.
- Look for any changes in the sender's email address over the course of your email conversation.
- Keep your antivirus software up to date.
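The email-address check above can be partly automated. The following is an added example, not part of the original article: it reviews a thread for senders whose domain is not on file, notes near-matches to a known supplier domain, and flags mentions of changed bank details. The domains, messages, phrase list and 0.85 similarity threshold are constructed assumptions.

```python
import difflib
from email import message_from_string
from email.utils import parseaddr

# Constructed sample thread: the last message comes from a lookalike domain.
THREAD = [
    "From: Accounts <accounts@acme-supplies.example>\nSubject: PO 1042\n\nThanks for your order.",
    "From: Accounts <accounts@acme-supplies.example>\nSubject: Re: PO 1042\n\nInvoice to follow.",
    "From: Accounts <accounts@acme-suppiles.example>\nSubject: Re: PO 1042\n\n"
    "Invoice attached. Please note our new bank account details.",
]

# Assumed phrase list; tune it to the wording your suppliers actually use.
BANK_CHANGE_PHRASES = ("new bank", "bank details", "account details", "sort code")


def sender_domain(raw):
    """Return the lower-cased domain of the From header, ignoring the display name."""
    _, addr = parseaddr(message_from_string(raw)["From"] or "")
    return addr.rpartition("@")[2].lower()


def review_thread(raw_messages, known_domains):
    """Flag messages whose sender domain is not on file, noting lookalikes
    and any mention of changed payment details."""
    findings = []
    for index, raw in enumerate(raw_messages):
        domain = sender_domain(raw)
        if domain in known_domains:
            continue
        reasons = ["sender domain not on file: " + domain]
        # A near-match to a known domain is more suspicious than an unrelated one.
        close = difflib.get_close_matches(domain, known_domains, n=1, cutoff=0.85)
        if close:
            reasons.append("lookalike of " + close[0])
        body = message_from_string(raw).get_payload().lower()
        if any(phrase in body for phrase in BANK_CHANGE_PHRASES):
            reasons.append("mentions changed bank details")
        findings.append((index, reasons))
    return findings


if __name__ == "__main__":
    for index, reasons in review_thread(THREAD, ["acme-supplies.example"]):
        print("message", index, "->", "; ".join(reasons))
```

A flagged message is a prompt to phone the supplier on a known number before paying, not proof of fraud, and a clean result does not rule out a sender whose genuine account has been compromised.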
It will not be immediately obvious that an email account has been hacked; it will only become clear after a fraud has taken place or emails have gone missing. If you are hacked, the scammers can:
- Set up rules on your email account to forward out mail to a third party.
- Read and send emails on your own behalf (including confidential information on your customers).
- Access your other accounts; email accounts are often used to reset passwords on other services, e.g. Facebook, LinkedIn.
How we can help:
- Enforcing password policies to set password complexity and expiry time.
- Multi-factor authentication, so that if a password is compromised, you still need to accept the login via a different device.
- Checking for any suspicious rules in Outlook or mail servers.
- Protecting PCs with Heimdal to help prevent spyware infection.