With everything that has been going in the world recently you could be forgiven for having missed the news about the unprecedented levels of cyber-attacks on Microsoft exchange servers affecting hundreds of UK companies as part of a global campaign linked to Chinese hackers. You can read an article from the BBC (here) as well as this blog from Microsoft on the issues (here).
Apparently more than 500 email servers in the UK may have been hacked. Many companies are not even aware they are victims of the attack. This is continuing a trend of heightened cyber security risk, on the rise since the start of the Covid19 Pandemic when so many of us started working from home. It’s vital, now more than ever, to be vigilant when working online. With one in three UK workers currently based exclusively at home, remote working on a vast scale continues to be a major headache for cyber security teams at companies large and small. For these reasons it is essential that businesses give staff proper cyber-security training.
If you’re a regular recipient of this newsletter you’ve probably read articles from us referencing the 2018 Court of Appeal case of Dreamvar (UK) Ltd v Mishcon de Reya and others. The case is of interest to property and insurance professionals as well as the wider public as it concerned a fraudulent property transaction, an increasingly common occurrence. Given its importance to all conveyancing practitioners, but specifically smaller practices, the Law Society intervened so as to be able to make representations on behalf of the profession. The judgment contains a shopping list of “red flags” in the conveyancing process.
At LFBB our team regularly participate in anti money laundering (AML) and proceeds of crime training, which is required by our regulators, the SRA. Our conveyancers also complete regular training updates to raise awareness of red flags. One such red flag is the issue of phishing emails as part of a wider scamming process.
Fortunately, this AML training means that our team are keenly aware whenever red flags arise in our day to day work. One such example occurred recently.
- LFBB received an email from a client – involved in an ongoing case – confirming that he understood the instructions from us that our bank account had been frozen and they confirmed that no payments would be made until they received our updated account details.
- Upon receipt of that email a colleague immediately recognised the red flag for what it was (part 1 of a scam process where the fraudster provides bogus account details to which the client sends payment before the scammer disappears with the funds).
- LFBB contacted the client by phone and identified the email that they had received was part of a phishing exercise.
- Risks were identified and avoided through communication with the client and financial entities.
It is an unavoidable hazard of modern life – not just in the conveyancing process or dealings with Solicitors – that there are more and more phishing emails and attempts to defraud online. It is important that you remember not to click links from unknown sources and be wary of emails received from unknown addresses. Even if you do recognise the sender, please be vigilant.
Scammers are getting more and more sophisticated and in the case mentioned above, our client received an email that on face value looked to be from our firm. Because of our good relationship with them we were able to pick up the phone immediately to make them aware of the red flag and no harm was done.
If you receive any communication from us that purports to change our bank details or indicate that we will be sending bank details by email it is a scam. We will never update our bank details within an email – that is precisely what it says in our email footer – and we only send such details in password protected PDF’s.
This time we were able to step in and avoid any harm being done to our client. We will continue to work with our clients and we hope you will work with us to avoid risks in the future.
If you have any questions or concerns about communications you have received from LFBB or about cyber threats in general please speak to our team on 0114 272 9721.