A member of the profession has informed the Law Society that they were subject to a cyber-attack in the week before Christmas.
Method of attack
The client received an e-mail purportedly from the solicitor. However, rather than the solicitor’s usual email address ending in “.ie” the email came from a “.com” address. The client did not identify this difference and responded to the email, hence was corresponding with the fraudster. It appears that the fraudster forwarded the contents of the email to the solicitor. Again the fraudster used a slightly amended email address for the client by including an extra “i” in the address. Again, the solicitor did not notice this difference and corresponded with the fraudster.
The client was requested to forward the balance of a purchase deposit of €24,000 to a fraudulent bank account. Believing this to be an authentic email from the solicitor, the client transferred the money. It was not until after Christmas holiday that the fraud was discovered and the money has since been withdrawn from that account.
Friday afternoon frauds
It is noted that fraudsters often target times when a solicitor is likely to be busy, resulting in them not paying as much attention to details (such as the email address in this case). They may also target periods where there will be some time before the discovery of the fraud, giving more opportunity to withdraw the money. For this reason, these types of fraud are often known as “Friday afternoon” frauds.
Guidance
Members of the profession should stress to their clients that they will never provide bank account details by email and, if the client does receive same, they should contact the practice immediately to verify the details before acting.
This should be stressed in person to the client rather than by email to ensure the client is aware of the risk involved. The Society is aware of a number of cases where the message is included in an email to the client but the client did not heed the message, resulting in a loss of money.
Also, if a solicitor identifies a fraudulent email they are advised to change their email passwords immediately, contact their IT providers for further advice and ensure that your system is checked for, and, if necessary, cleaned of any malware found.