Types of Fraud

This page sets out some of the principal forms of fraud and ways that firms can mitigate risk.

If you think you have been the victim of fraud, you muct act quickly and inform

  • your professional indemnity insurers
  • the police
  • the Council for Licensed Conveyancers
  • your bank
  • the National Fraud and Cyber Crime Reporting Centre on 0300 123 2040

You should also discuss with your client what has happened.

Fraudulent contact from your bank

A fraudster contacts you, either by phone or by email, claiming to be from your bank and requesting specific details, or to make the lawyer aware of certain activities on the account which they consider to be suspicious.

The lawyer then contacts the bank, either by email or by returning the call and provides the level of detail needed for the fraudster to access the account and steal the monies.

Ways to mitigate

Check that a call is really from your bank. If you call them back then do some from another phone, such as your mobile.

Never disclose log in details, passwords or other security information. Ensure that your staff are aware of this also.

Limit the number of staff who need to have access to banking details.

Do not allow third parties to remotely access your systems.

Email fraud

A fraudster contacts you by email or phone, claiming to the client to advise you that they have changed their banking details.

Payment is then made to that account.

Ways to mitigate

Double check with clients, by phone or another means of contact, should they ever indicate that bank details have changed.

Have a number of means of contacting clients, including phone, email etc, and utilise them should key information be changed.

Consider providing clients with a security number of password which they should use when contacting you.

Secondary email fraud

A lawyer sends the client details of the practice’s bank account by email, the fraudster then sends on another email apparently from the lawyer advising the client that the bank details have changed.

Client then makes payment to the fraudsters account.

Ways to mitigate

Do not give out banking details by email.

Advise clients in initial, and ideally all, correspondence that bank details will not be changed, or if they are communication will not be sent by email on this matter.

Check on expected payments regularly and contact clients accordingly.