Protecting your Business against Cyber Fraud
Cyber fraud occurs using a computer or mobile device intending to corrupt another individual's personal and financial information stored online. Cyber fraud is the most common type of fraud - businesses and individuals should work to ensure their information is protected from fraudsters.
£34.5 million has been stolen as a result of Cyber Fraud
Cyber fraud rates dramatically increased between 1st March 2020 - 24th March 2021 due to cybercriminals taking advantage of the pandemic. Action Fraud revealed that £34.5 million had been stolen during that period.
The UK Finance Annual Fraud Report 2023 reported that fraudulent activity/fraud cases among internet banking usage accounted for £114.1M of losses in 2023. 70% of this was Remote Banking Fraud, with telephone and mobile banking fraud accounting for 9% and 21%, respectively.
An educational institution fell victim to a hacker who transferred funds to a false bank account
A recent example was with an educational institution when a hacker compromised a legitimate email account and then fraudulently started instructing clients to pay advanced fees for tuition into a false bank account. A staff member from the educational institution fell victim to an email that appeared to be legitimate which instructed them to reset their password via a supplied link.
The email to the staff member appeared genuine; it used a known 'exact' email address. But once the staff member attempted to reset their password, the web page would not load properly, leaving them confused. The staff member did not know the email address/password combination had been compromised.
The staff member and the educational institution were alerted to the issue when their clients began contacting them regarding the payments they had made without receiving any confirmation follow-up. Only the educational institute discovered they had not received any funds when investigating.
How can I protect my business from becoming a victim of conveyancing fraud?
Criminals are experts at impersonating people, businesses, and the police. They spend hours researching your company for their scams, hoping you will let your guard down for a moment.
Confirm bank details from a law firm in person or over the phone at the start of the conveyancing process.
Agree on a robust mechanism by which any legitimate changes in bank details would occur, such as confirming them in person.
Ask them to confirm the details by post if you've obtained them in person or over the phone.
Law firms rarely change bank details or payment information. If you receive an email or telephone call stating a change in the bank details, question its authenticity.
Always check the bank details directly with YOUR lawyer or someone senior at the firm by calling them on their published telephone number.
Do not feel pressured into changing any details before you have spoken to someone from the firm.
Check the email address carefully and if in doubt, use a trusted phone number to check the information is correct, not the one given in the email demanding payment.
Set strong and separate passwords for your accounts, and ensure you have anti-virus software installed on your devices; these frauds usually rely on compromised email accounts. To create a strong password, choose three random words. Numbers and symbols can still be added if required.
Avoid using public or unprotected Wi-Fi to check emails when buying a house. Fraudsters can easily hack into vulnerable Wi-Fi systems.
If you are making a payment to an account for the first time, transfer a small sum first and then check with the law firm using available contact details that the payment has been received.
If you doubt the transaction, do not transfer your money until satisfied. It is correct; can you lose your entire deposit or purchase money?
Further reading; Supplier invoice fraud and how to keep your business safe?
At the North West Cyber Resilience Centre, we can work with your legal practice through our membership packages that help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection.
Through our memberships, you get regular updates on new threats, designed to help you stay safer and be able to access affordable cyber security services designed to help improve cyber resilience.