Avoiding Cybercrime

Cybercrime & conveyancing

In recent years, conveyancing clients and conveyancers have increasingly fallen prey to sophisticated fraudsters. These criminals have recognized that the UK banking system frequently processes transactions involving millions of pounds based solely on emails or phone calls that provide bank details and transfer amounts. They have devised intricate methods to reroute these funds through identity theft, email interception, and by convincing firms and their clients to send substantial sums to the fraudsters' accounts, often by masquerading as solicitors, banks, and property owners.

Usually none of the money is ever recovered, and the conveyancers and clients lose out. The banks even call this ‘Friday Afternoon Fraud’, in fact. As a result, banks will sometimes delay completion money transfers that they suspect could be fraudulent so they can be investigated. This can cause havoc with conveyancing chains on a Friday afternoon.

When a fraudster deceives a buyer, seller, or their conveyancers into transferring money to an incorrect bank account, the innocent clients may completely lose their funds. If a fraudster impersonates the legitimate owner of a property and sells it to an unsuspecting buyer—often also deceiving the conveyancer representing the fraudster—the buyer could lose all their money, with little chance of insurance coverage or recovering the funds. Such incidents typically lead to years of costly litigation.

It's important not to assume that your conveyancing firm will compensate for the loss through their insurance; staying vigilant against fraud attempts is also your responsibility.

Fraudsters may also hack into your computer to send fraudulent emails posing as your conveyancer or bank, or they may conduct sophisticated phone scams impersonating these entities.

Last year, nearly two million individuals were affected by identity theft, with the estimated total losses surpassing £2 billion. When fraudsters trick a conveyancer into sending funds to a wrong or fraudulent account, the conveyancing firm might cover the loss or make a claim on their professional insurance if they are responsible. Prompt detection of fraud can still result in delays, potentially causing a breach of contract by one or more parties in a property transaction, which often leads to claims and litigation. However, if a fraudster accesses your computer or impersonates you, usually instructing your conveyancer to send funds to their account, you will likely bear the loss, as the conveyancing firm won't be accountable for compensation. This highlights the critical need to secure your computer and email accounts and stay vigilant for any irregularities in transaction procedures or email correspondences.

Bogus conveyancing firms

The explosion of fraudulent conveyancing firms has been alarming. Some have even deceived the solicitor's regulatory body, gaining entry into the official register of solicitors.

Fraudsters meticulously create websites and email accounts nearly indistinguishable from legitimate conveyancing firms. They've gone as far as establishing physical offices with staff to masquerade as genuine businesses. In one instance, a fraudulent operation took two years and £60K to establish, yet it netted £6.8M in a single day before the perpetrators vanished.

Therefore, it's crucial to engage only with a conveyancer whose reputation you recognize and trust. Stick to dealing with familiar contacts within the firm, and approach any unusual requests from unknown individuals with caution, especially if they deviate from standard conveyancing procedures.

Phone scams - ‘Phishing’

Fraudsters may call you, posing as your conveyancer, agent, financial adviser, surveyor, bank, other lender, or even as the police or HMRC. They might claim that your regular contact is unavailable and request personal information, bank details, or passwords.

If this occurs, pause and reflect. Consider whether the information requested is reasonable or expected. Is there an unwarranted sense of urgency? Are they asking for details or passwords they should already possess?

These are significant red flags, necessitating extreme caution. Never assume a phone number or email address is authentic based on its appearance on your phone or computer. Fraudsters can replicate the contact details of the organization they aim to mimic.

Email scams

As with phone scams, the emails may be very convincing - but this could be because fraudsters have infiltrated your computer, and have been reading your emails to find out what you have been doing. The emails may seem to come from your conveyancer, and may have the same logos and references - but they will be fake. The email address shown at the top of the email may not be the real email address it has been sent from. Also it may be ever so slightly different, such as have a dash or full stop inserted, or come from a .com address rather than the .co.uk address of the firm.

Ultimately, the fraudsters, masquerading as your conveyancers, will ask you to send money to a new bank account, with an excuse such as the firm’s bank has just changed. Note that, in reality, firms rarely ever change their bank accounts.

Bank Scams

Fraudsters are increasingly targeting consumers via telephone, impersonating bank staff, police officers, and other trusted officials or companies.

They often allege that your account has been compromised and immediate action is required. However, remember that your bank or the police will never:

• Call to request your 4-digit card PIN or online banking password, even if they ask you to enter it on the keypad.

• Instruct you to withdraw money for them to safeguard.

• Advise you to transfer funds to a new account for security purposes, even if they claim it's registered in your name.

• Dispatch someone to your residence to collect cash, your PIN, payment card, or cheque book as part of a fraud investigation.

Furthermore, your bank will never request that you confirm whether the number shown on your phone corresponds to their official number, since callers have the ability to alter this display.

Top tips on PC safety

• Install antivirus software on all your Windows or Android devices, including computers, phones, and tablets.

• Avoid using public Wi-Fi to send or receive emails, or for entering your bank account details online.

• Only install software from trusted sources on your computer.

• Employ a firewall on your computer to block unauthorized access.

• Never allow individuals you do not trust to have physical access to your computer.

• Do not permit remote access to your computer over the internet for any reason.

• Regularly update all software and operating systems on your computers and tablets. Do not open emails or attachments that seem suspicious or are from unknown sources.

• Avoid clicking on attachments in dubious emails, text messages, or pop-up alerts.

• Never share your bank account information, passwords, user IDs, or payment card details on websites unless the site is secure and the URL begins with 'https://' rather than 'http://'.

• Create strong passwords that are lengthy, unique to each website, and consist of a combination of random numbers, and both lowercase and uppercase letters.

• Change your passwords frequently, and keep them confidential.

• Consider using a password manager app to generate secure passwords and store them, so you don't have to remember or type them in. iPhones and Macs come with a built-in secure Passwords app—utilize it.

• Monitor your bank statements for unauthorized transactions and inform your bank immediately if you detect any suspicious activity.

• Refrain from posting sensitive information on Facebook or other social media platforms that could hint at your password details, such as birthdays, addresses, family names, or banking information.

Elderly people

Elderly individuals might not recognize scam emails and phone calls, making them prime targets for fraudsters. If you're concerned about your parents or relatives falling prey to scams, consider asking your conveyancer to place a restriction on their property title or sign up for the Land Registry's property alert service.

Hospital or long-term care

Vulnerable individuals or those not residing at their property can also be targets. Ensure that the address registered for document service at the Land Registry is not the property itself. Tenants, care assistants, lodgers, or neighbors may orchestrate complex scams. A conveyancer can provide guidance on measures to safeguard against fraud in these situations.

Buy-to-let landlords

Tenants sometimes impersonate landlords to remortgage or even sell the property. In a notable instance, a tenant assumed the landlord's identity and remortgaged the property 17 times in a single day, then absconded abroad with the funds, forcing the landlord to convince the banks that a fraud had occurred.

Mortgage-free properties

Once you have repaid your mortgage, you might want to enter a restriction on the register or subscribe to the Land Registry's Property Alert service.

Empty properties

In addition to identity theft, certain brazen fraudsters break into vacant properties, strip them of contents, possibly refurbish, and then lease them to unsuspecting tenants. A notable case in London involved a fraudster who ran a lucrative operation by illegally taking over and renting out at least twelve properties.

Warning signs include:

• Be wary of last-minute changes to your bank or lending arrangements, or those used by your buyer or seller.

• Be cautious if there are sudden requests for additional funds from your bank or conveyancer without a clear reason.

• Watch out for sellers who seem uninformed about the property, fail to answer pre-contract inquiries, or are eager to sell quickly without questions.

• Be suspicious of requests to pay the seller directly, especially if offered a cash discount.

• Question valuations that do not align with the property's selling price.

• Be alert to emails or letters with spelling or grammar errors, generic salutations like 'Dear Client,' or unfamiliar phrases not typically used in local or business communication.

• Do not trust call-back numbers or direct lines with different area codes, or mobile numbers; only use verified landline main switchboard numbers.

• Avoid clicking on 'contact us' or 'email us' links in emails; instead, manually enter a known and correct email address, or directly type in the web address, or contact your conveyancer personally.

• If a deal or price seems too good to be true, it often is. Impostors may offer properties at low prices for a quick sale without due diligence.

• Always verify all amounts and bank details provided by your conveyancers, and ensure there have been no alterations.

What to do if you have any suspicions

Should any of the events mentioned in this blog occur, exercise extreme caution. In the case of a phone call, hang up immediately, wait five minutes to ensure the line is clear, or use an alternative phone line if possible. Then, contact your bank or card issuer using their official number to report the fraud. Be vigilant as fraudsters may remain on the line, giving the illusion that the call has ended. When you attempt to make an outgoing call, believing you're contacting the legitimate firm or organization, the fraudster could still be connected and may simulate a switchboard operator, only to redirect you back to them. Always dial the main switchboard number that you know is authentic, and avoid any 'direct lines' provided by them.

If you lack access to a second telephone, make a call to a known and trusted individual first to verify that your line is clear.

Should you have any doubts regarding an email, reach out directly to your conveyancer, and speak to a familiar contact with whom you've previously communicated.

If in any doubt:

• Contact your conveyancer.

• To report any fraud, call Action Fraud at 0300 123 2040. Visit www.actionfraud.police.uk for more information.

• For the Land Registry fraud hotline, dial 0300 006 7030, available Monday to Friday from 8:30 am to 5 pm.