Legal firms themselves are increasingly of interest to cybercriminals because of the volume of money firms deal with – especially in respect of conveyancing.
Adrian Czajkowski (pictured), is legal executive in the commercial dispute resolution department at Blacks Solicitors
Cybercrime is the fastest growing area of crime in the world, as criminals find and exploit internet loopholes, and take advantage of people doing business at a distance using only electronic communication.
The most common classes of cybercrime are online harassment, hacking (direct attacks on internet security), identity theft and phishing (tricking people into providing card details or similar information).
Most litigation departments will have tried to help pick up the pieces after one or other of these incidents, but legal firms themselves are increasingly of interest to cybercriminals because of the volume of money firms deal with – especially in respect of conveyancing. While some conveyancing frauds involve duplicitous or outright fake solicitors, there are many ways that criminals can attempt to hijack a genuine transaction.
One common scam involves phishing phone calls, where the caller claims to be from a bank or similar institution, and seeks to obtain financial information from either the client or the solicitor. This is particularly tricky as many banks, when called, will require their customer to provide some confidential information to prove their identity. Criminals may also have access to software that allows them to stay on the line, so that when their victim calls up their bank (using the same phone) to check the validity of the first call, they end up unwittingly talking to the same person.
For example, buying a house is a momentous occasion. It’s exactly the sort of thing people talk about on social media. Later on, perhaps the happy buyer receives an email purporting to be from their solicitors, providing fresh bank details for the transfer of the deposit. Social media is eminently searchable to discover who is talking about what – intentionally so, as that data is invaluable to advertisers. Much email traffic is not secure, and it’s eminently possible for a criminal to “listen in” on email correspondence, enough to create a very plausible message at exactly the right time.
Despite the convenience of email, many solicitors firms, including Blacks, have ceased to provide information like bank details by email because of the potential for mishap. Any email requesting confidential information or the movement of money should be scrutinised very carefully and preferably not replied to directly.
On receipt of any email relating to personal or financial details, making a phone call to the sender (on a number not provided in the email) is probably a wise precaution. When dealing with solicitors (or any similar profession) ensure you know whether they will make any such requests by email – as noted, many firms expressly do not.