Cybercrime in conveyancing and legal services is unfortunately on the rise. Criminals have realised that the home-buying process includes the movement of high-value transactions between conveyancers and clients and that those transactions happen multiple times every single day. This is attracting criminals who are attempting to divert funds to their own accounts and disrupting or damaging hundreds if not thousands of property sales. Cybercrime can also be highly detrimental to businesses as it damages customer confidence in both the buying process and the individual companies it involves. There is also the risk of data breaches and personal customer data getting stolen. The UK Simplify Group were the victim of a massive data breach in 2021 which sent shockwaves through the industry.
How are Cyber Criminals Targeting Conveyancers?
One of the main strategies that cybercriminals have been employing is the taking over of conveyancer’s business email accounts. They then email clients who are about to complete property purchases and ask them to send their deposit to the criminal’s own bank account instead of the correct details. This enables them to take control of the movement of deposit payments and by the time the crime has been committed, the money has already been moved on and can be impossible to retrieve. Conveyancers also deal with a large volume of customer data and if this is compromised, conveyancing companies can find themselves in breach of GDPR regulations.
Cybercriminals have started to see conveyancers as easy targets as they think that this sort of crime will not happen to them. Furthermore, the rise of conveyancers working from home during and after the covid pandemic has taken away some of the controls in systems and processes as conveyancers working away from the office might not have appropriate security on their devices and home networks. The Law Society has written guidance on the purchase of cyber insurance to protect companies and clients.
How Conveyancers Can Protect Their Clients
There are a number of ways the conveyancing solicitor can protect their clients and business. First, there needs to be in-depth and regular staff cyber security training to identify any weaknesses in knowledge and processes. Additionally, some companies also outsource to a cyber security company for extra protection. Firms such as https://www.samconveyancing.co.uk/ have a number of practices in place to protect their clients. Conveyancing companies should never email you to ask for funds to be transferred and will never change their bank details in the middle of your sale.
Remember to check any emails very carefully, cybercriminals will often replicate the email addresses apart from a missing number or letter. Look for any changes in the emails you receive, a different tone in the language used. Any unusual email signatures or details should arouse your suspicions. If anything doesn’t seem right, call your conveyancer to check but if you receive a suspicious phone call, call your conveyancer back on their published telephone number. Furthermore, sign up for Action Fraud Alerts from the National Fraud and Cyber Crime Reporting Centre, if there are any scams and fraud in your area, you will be notified.
With these strategies and mitigations in place, the conveyancing and legal communities can combat the rise in cybercrime and protect the money and data of their clients.