Another firm falls foul of ‘social engineering’ telephone scam

Print This Post

23 April 2015

Are you sure you know who's on the other end?

Are you sure you know who’s on the other end?

The Solicitors Regulation Authority (SRA) has urged solicitors to be extra vigilant after a north-east conveyancing firm became the latest victim of telephone bank scammers.

The firm lost a significant amount from its account and the crime follows two further serious telephone scams in March this year.

In each case the callers have used a technique known as ‘social engineering’ to gain the confidence of those they call and obtain information to access accounts. They ask for ‘challenge and response’ codes, which are then used to authenticate payments and in some cases digital banking log-in and password credentials. Four firms were targeted in this way in November last year, losing £2m between them.

Robert Loughlin, the SRA’s executive director of operations and quality, said: “We are very concerned about this continuing activity. The fraudsters are highly sophisticated in their approach and their script makes them sound as though they are genuinely who they say they are.

“Solicitors throughout England and Wales are raising this serious issue as one of their major concerns in general discussions with us. We are aware of firms of all sizes receiving calls – this isn’t something that affects just one sector of the profession.

“All firms should ensure that their own internal systems for guarding against scams are up-to-date and that staff know how to implement them.”

The SRA reminded solicitors that banks will never ask for passwords or account related details over the phone. If employees are concerned about the authenticity of a caller, they should terminate the call and make further enquiries.

To validate callers, firms should contact somebody they already know at the bank, using a separate telephone line. There have been examples of the scammers keeping telephone lines open, to intercept an outgoing call.

More information from the SRA can be found here.

Tags: ,

One Response to “Another firm falls foul of ‘social engineering’ telephone scam”

  1. This is in danger of becoming another ‘double whammy’ for the profession. Insurers have already had to pay out significant sums off the back of client firms falling victim to such scams. Please ensure that everyone in your firm is aware of the current fraud risks. Check our advice on (i) Invoice Hijacking (; and (ii) Vishing ( Firms that are not alert to these dangers and have suitable controls in place may start to find it more difficult to obtain cover.

  2. Calum MacLean on April 30th, 2015 at 12:29 pm

Leave a comment

* Denotes required field

All comments will be moderated before posting. Please see our Terms and Conditions

Legal Futures Blog

Delivering a first-class service experience

Helen Hamilton Shaw 2

I visit a lot of different businesses in the course of my job – both law firms and other types of organisations. This gives me a unique opportunity to compare how the legal sector is shaping up against the commercial world in how they welcome visitors to their business, and it’s fair to say that those that go the extra mile certainly stand out.

October 21st, 2016