Bogus law firm reports up by over 20%, with identity theft to the fore

Print This Post

6 November 2014


The Cube

SRA: Bogus firms “increasingly use online methods”

The number of reports of bogus law firms received by the Solicitors Regulation Authority (SRA) in the first eight months of this year is up by over 20% on the same period last year, the regulator has said.

The SRA said 454 reports were made in the eight months to the end of August 2014. Last year’s total of 548 bogus law firm reports itself represented a 57% increase on 2012.

In a report on the risks associated with bogus law firms, published alongside an update of its 2014/15 Risk Outlook, the SRA said: “Bogus firms increasingly use online methods to conduct activity. Almost half (46%) of all reports of bogus firms received this year involved the identity theft of a law firm or solicitor.

“This often involves the cloning of a genuine firm’s website. We have also noted an increase in individuals sending bulk e-mails, asking for money and confidential information, under the guise of being a solicitor or working for a genuine firm.”

Error, group does not exist! Check your syntax! (ID: 14)

Of the remaining bogus law firm reports this year, the report found that 37% involved an identified firm or individual posing as a solicitor, 17% a fictitious firm or individual posing as a solicitor.

The SRA said victims of bogus activity were not covered by the “normal regulatory protections”, such as access to the Compensation Fund, and law firms were under a duty set out in principle 10 of the Handbook to protect client money and assets.

One way of dealing with the threat of bogus firms suggested by the regulator was for practices to regularly carry out internet searches using names of firms, partners and staff to check whether they were being used with authorisation.

Another method was to ensure that details on the Law Society’s ‘find a solicitor’ web page were accurate and up-to-date, another to read warnings about bogus activity on the SRA website.

In a case study, the SRA described how a large City firm reported finding a site with a number of pages “almost identical” to their own, following a routine ‘clone search’ by their web team. Profiles and photos from the firm’s ‘meet the team’ section had been copied and names had been changed.

The suspicious website claimed to represent another firm of solicitors and displayed an SRA identification number. The SRA checked its records, found that the firm had never been regulated and that the ID number was fake. It contacted the bogus firm’s web provider and asked them to shut down the site.

A few days later it emerged that the bogus firm had sent a member of the public an e-mail asking for a small upfront payment to secure a large inheritance from an unknown relative.

Earlier this year many solicitors received a scam e-mail claiming to be from the SRA. The regulator said the scam was given away by the fact the sender’s email did not end in @sra.org.uk.

“However, this is not a guaranteed test as it is possible to falsify a sender’s address on an e-mail. In addition the e-mail contained an attachment that, if opened, could install malicious software (malware).”

Tags: , ,



Leave a comment

* Denotes required field

All comments will be moderated before posting. Please see our Terms and Conditions

Legal Futures Blog

Know your client checks – A lesson from BHS

Paul-Bennett for Legal Futures

As you will be aware, it is a legal requirement for advisory firms to carry out ‘know your client’ checks. The purpose of doing so is to confirm your client’s identity and to seek to provide protection in respect of anti-money laundering (AML) and terrorist financing laws. The BHS experience before the House of Commons’ work and pensions committee and business, innovation and skills committee shows that firms need to think beyond AML obligations.

September 29th, 2016