Stay cyber safe

2 March, 2017

Our society has obtained numerous benefits from technological advances such as the internet, modern forms of communication and data storage. However, these technologies have also been exploited by those who seek to unlawfully acquire our data, traditionally for financial gain, but also for political and ideological motivations. This type of unlawful activity is known as cybercrime.

Anyone can become the victim of cybercrime and online crime is becoming more sophisticated and organised. Therefore, we want you be aware of the different online scams that could potentially affect your transactions and provide you with some simple tips to reduce the chance of becoming a victim of cybercrime.

Hacked Email Scam

This type of fraud is committed by criminals who obtain unauthorised access (“hack”) into personal email accounts in order to monitor exchanges between clients and their solicitors. Once money is due to be transmitted, the fraudster will create and send an email which will appear to have come from the solicitor, informing the client that the bank account details have changed and that the money should be transmitted into a different account. As a result, the client unknowingly transfers the funds to fraudsters, and not their solicitors, resulting in substantial loss.

Follow these steps to reduce the risk of becoming a victim of this scheme:

  • Please remember that we do not notify changes to important business information, such as bank account details, by email. Therefore, treat communications of this kind with the utmost caution.
  • As internet threats are constantly evolving, make sure that your internet security software is up-to-date.
  • Avoid using guessable passwords to protect your personal accounts, in particular, your email, social media and online bank accounts.

To create a strong password, consider using three random words to create a ‘pass phrase’. This may contain a mixture of numbers, symbols and upper and lower case letters if needed.

Fraudsters are able to read all your email correspondence and cite details about you and your transaction. Therefore, please do not assume that all the communications that you receive are legitimate because one appears to know the details of your transaction. If you receive communications that are unusual or present any factors which give you concern, please contact your solicitor or the person managing your transaction by telephone using any of the numbers available on our website or headed notepaper.

 

Bogus Firms

This term describes any situation where a firm or individual that is not regulated by the Solicitors Regulation Authority (SRA) pretends to be entitled to undertake certain legal activities or call themselves a solicitor. This fraudulent activity is usually carried out through the unauthorised use of the identity of a law firm or a solicitor, for example, by cloning the website of a genuine law firm or by sending communications that claim to be from a genuine firm or solicitor when they are not.

Follow these steps to reduce the risk of becoming a victim of this scheme:

  • Check whether the firm or solicitor is recorded on the Law Society’s “Find a Solicitor” This free service will provide you with information about organisations or people providing legal services in England and Wales that are regulated by the SRA. The SRA’s Law firm search resource also provides similar information about regulated law firms in England and Wales.
  • Our lawyers do not use free webmail providers such as Gmail, Hotmail and Yahoo. Therefore, check whether the email that you have received is specific to Cripps and is consistent with the information provided on the firm’s website or an independent source.
  • If you have received an email or letter purporting to come from the firm, consider whether the firm’s logo, contact details, layout, grammar, spelling, use of technical terms and the format of the email address (e.g. joe.bloggs@cripps.co.uk rather than joe_bloggs@cripps.org etc.) matches what is displayed on independent websites and directories and is consistent with what you would expect from a legal professional.

 

Phishing

Phishing is an unlawful activity that is designed to trick you into revealing sensitive information such as bank account details, usually for financial gain. In order to make the scam appear credible, the fraudster will use unsolicited emails, text messages, telephone calls or direct mail which appear to come from a legitimate organisation such as a bank, solicitor or an individual who may be indirectly linked to your transaction.

Scams of this kind are impossible to prevent, therefore it is important that you are vigilant and look for anything suspicious.

Follow these steps to reduce the risk of becoming a victim of this scheme:

  • Never respond to an email from an unknown source.
  • If you have any doubts about the legitimacy of an email that you have received, do not follow any links or open any attachments, as it may contain malicious software (malware) which can corrupt your computer system and steal valuable information such as banking information.
  • If you receive a call purporting to be from a bank or any other individual who may be linked to your transaction that is unexpected or unusual, it is prudent that you do not deal with their request immediately. Instead, end the call and consider carrying out additional steps to verify the identity of the caller until you are satisfied that the call is legitimate.
  • When responding to emails or telephone calls never disclose any authentication or account details. If you receive such a request from a company that claims to be legitimate, contact the respective company using a telephone number held by a reputable source or directory, and ask them whether they are able to confirm and verify that the communications are genuine.

 

Further Information

You can find further information on scams on the Solicitors Regulation Authority website.

If you receive communications purporting to be from Cripps LLP or any of our partners or employees about which you are uncertain or suspicious, please either contact the partner or employee you normally deal with through our main switchboard: +44 (0)1892 515 121, or email contact@cripps.co.uk before taking any action and we will investigate.