The Solicitors Regulation Authority have published two scam alerts In the past week.
The legal sector lost £731,250 in the opening half of 2019 to speculative and sophisticated fraudsters.
Even outside the legal sector, Action Fraud found that £208 million was stolen through push payment fraud where criminals use social engineering techniques to convince the public to send the money directly to the criminal.
Cyber crime and the prevention of it is now a vital consideration for the legal sector as a data breach could cause irrevocable reputational and financial damage.
Worryingly, the SRA has published 39 scam alert warnings in the final quarter of 2019 as cyber criminals look for innovative ways to steal information and money.
Both recent warnings concerned an unclaimed inheritance and were both published on the same day (04 December).
The first email copied and impersonated a legitimate law firm and solicitor to trick the public into parting with their details.
The SRA warned that emails have been sent, falsely claiming to be from ‘John Cahill’ of ‘Stewarts Law LLP’.
The messages inform the recipient that they are beneficiaries for an unclaimed inheritance worth in excess of £3,000,000.
As a call to action, the fraudsters request address, identification and direct telephone number details from the recipient.
The email claims these details are needed to “enable the holding bank”, The Royal Bank of Canada UK Branch, to “proceed with final clarification / reveal further details and documents” about the inheritance.
Whilst such a windfall usually throws up red flags of suspicion, the convincing legal language and explanation is convincing.
Whilst the SRA authorises both law firm and solicitor involved, the messages used different email addresses and were in no way affiliated with the genuine and regulated firm or solicitor.
Although less sophisticated, the second scam involved a false email claiming to be sent from Ryan Jules, Legal Practitioner/Solicitor using the email address ‘info@asbcosolicitors-uk․com’.
The fraudsters call to action requests the recipient to send a reply to the email address.
Furthermore, fraudsters increased the legitimacy of the email by creating an accompanying website ‘www.asbcosolicitors-uk.com’.
The SRA has since reiterated that both the solicitor and law firm are not regulated by the SRA and should be avoided.
How do you protect against fraud and cyber criminality?
