Friday afternoon fraud – it’s when criminals target conveyancing firms, the busiest time of the week and – it’s on the increase, a recent cyber security review has found. The Solicitors Regulation Authority (SRA) reported that there was a 113% rise in fraud alerts between March 2020 and March 2021, with 89% of all 2020 alerts involving scammers impersonating real firms during a legal transaction with clients.
The exchange of funds between a client and solicitor or from a solicitor to a client is where the criminals tend to focus their efforts, although theft of confidential data also poses a very real threat. Protecting your firm is crucial – not only because of the amount of cash at stake but also the priceless damage such crimes can do to your firm’s reputation.
Tom Lyes, director of engagement at legal cyber security experts Lawyer Checker, a strategic partner of Thames Water Property Searches on cyber fraud, explains that the sector is highly attractive to cyber criminals, thanks to the amount of sensitive data involved and the high sums of money changing hands. He attributes the rising threat to the continued buoyancy of the property market.
‘Conveyancing is a target for fraudsters because they know there are regular high value transactions taking place. Conveyancers are extremely busy and stressed at the moment, it’s a fast-moving environment and mistakes can happen. Criminals feel there is a vulnerability within the sector which they can exploit.’
The good news is that by taking a proactive approach, there is much you can, and should do, to ensure your business doesn’t fall prey to the cyber scammers.
Companies such as Lawyer Checker provide annual cyber security accreditation through their cyber essentials and cyber essentials plus certifications.
Says Lyes, ‘Achieving the accreditations is often not as hard as you might think. These are not always huge and complex infrastructure changes, more tweaks. Ask yourself what barriers are you displaying to criminals, how does your firm look from the outside? What will put them off and make them look elsewhere for an easier target?’
Lyes explains that communicating with clients verbally, rather than via email, is vital.
‘Tell your clients verbally how you will be asking them to pay their deposit funds. Don’t send bank details via email. Clients have sent deposit funds to fraudsters because of communicating via email. Email is not secure, it’s too risky.’
Training your staff should also be a priority in preventing cybercrime. A security aware culture where employees know about common scams to look out for, such as phishing emails and rogue websites, will give your firm the edge.
‘It’s really important that businesses invest heavily in people and training,’ says Lyes.
‘The National Cyber Security Centre website offer half an hour training for free which is a great place to start.’
Think about extra barriers you can put in place to make your firm more cyber secure. These can include measures to improve password security – such as ensuring staff don’t use the same passwords for work and personal email, and two factor authentication for staff email. It’s also possible to check whether email passwords have been sold on the dark web via visiting haveibeenpwned.com. If so, it is advisable to change the password to avoid it being used in a cyber-attack.
With many people still working remotely it’s also important to set up a virtual private network (VPN) to ensure data security for those staff who are at home rather than the office.
Rest assured that at Thames Water Property Searches we are here to support your firm. As well as being the official supplier of the CON29DW Drainage & Water Enquiry, we also offer a comprehensive range of property searches and discounted search packs, offering convenience and value. We are dedicated to training and cyber security is just one of the topics up for discussion at our regular free CPD webinars. Thames Water Property Searches put you and your clients first.
For more information visit our site