Fraud alerts

We regularly issue alerts to members in response to threats to the profession.

Sign up to receive our regular fraud alerts by email.

You can also view a list of recent cases where scammers have impersonated Scottish solicitors.

Current fraud alerts

Ongoing VAT register scam targeting solicitors - 25 October 2016

We are aware that Scottish law firms are being contacted as part of an ongoing scam relating to a VAT register.

The scam, which typically involves correspondence sent by fax, invites companies to confirm their VAT details and to be added to a ‘European Central Register for the Collation and Publication of VAT Registration Numbers’.

In one recent example, a Scottish law firm received a fax like this from a company calling itself 'European Database Services Ltd' with an address in Vienna.

There is information available about how to report fraud and internet crime.

Attempted email fraud targeting a Scottish law firm - 14 September 2016

We have received reports of yet another case of an email scam targeting the Scottish legal profession.

The most recent case reported to us involved a solicitor receiving an email made to look like it came from a client. The client’s email account had been cloned and the email address used was very similar to that of the client.

The fraudulent email instructed that a payment be made to a new bank account.

In this case, when the scammer didn’t receive a reply from the first solicitor they contacted, they proceeded to email another solicitor at the firm.

Please be vigilant for suspicious emails and ensure that all staff are aware of the threats posed by email scams.

Dealing with online fraud will be the focus of the Society’s Technology and Cybercrime Conference on 26 October 2016.

Email fraud with subject line ‘Compensation fund’ - 14 September 2016

The UK’s national fraud and cyber crime reporting centre, ActionFraud, has reported that there is a phishing email currently in circulation that claims to be from the City of London Police and which features the subject line ‘Compensation fund’. The similarity to the Law Society’s ‘Client protection fund’ may make this subject line of interest to the Scottish legal profession.

According to ActionFraud, the departments that fraudsters claim to represent include the ‘Fraud Intelligence Unit’ and the ‘National Fraud Intelligence Bureau’. The email has a letter attachment that claims to be offering financial compensation to victims of fraud. The letter uses the City of London Police logo.
 
The letter states that in order for compensation to be arranged, the receiver of the email should reply disclosing personal information. It states that HSBC and the South African Reserve Bank have been chosen to handle the compensation claims. All of these claims are false.
 
The email and letter are fraudulent and should not be replied to.

Suspicious emails from a "Linda McNair" - 22 July 2016

We’re aware of potentially malicious emails being sent from a “Linda McNair Conveyancer PLS Connect” purporting to relate to a property transaction.

The emails contain attachments made to appear like ones normally used in conveyancing, but there is a concern that these attachments may contain harmful malware if opened.

There were similar reports of suspicious emails from this source in May 2016, and it appears the threat has now returned.

If you receive suspicious emails from a “Linda McNair” or indeed any suspicious emails, do not open any attachments or click on links. There is information available about how to report fraud and internet crime.

We'd also like to remind members that training on protecting your firm from fraud is available.

Sign up to receive fraud alerts by email

Scam emails and online extortion - 3 May 2016

Fraudster attempts to gain access to client account

Fraudsters are continuing to hack into email accounts and are sending fake instructions to practice units instructing client funds to be sent to newly-notified bank accounts controlled by the fraudsters.

In a recent variation, the email received by the practice unit instructed that half of the proceeds from a transaction be sent to the fraudster’s account. The email confirmed that the balance of funds should be paid to the original (correct) account. This approach appears to be a way of adding credibility to the fraudulent email.

Firms are asked to be aware of the above threats and to ensure that no payments are made following an email instruction without reliable verification.

Scam emails

These continue with recent variations including:

  • Emails to a solicitor apparently from another solicitor in the same area, attaching a fraudulent invoice
  • Many emails received by unqualified staff of one firm titled “Notice of Legal Proceedings” or “SUMMONS TO WITNESS”. The email has a Word document attached with the recipient’s name as the title. Emails received feature various sender names and email addresses and feature the words “attorney” and “subpoena”.

Firms should highlight these current threats to staff along with a reminder not to click on email attachments from unknown sources.

Online extortion scam

The National Fraud Intelligence Bureau (NFIB) have issued an alert to make businesses aware of a current online extortion scam targeting UK businesses. The alert document includes advice on how to deal with an online extortion attempt against your business.

Read the NFIB alert.

Bogus bank calls & emails – 'Safe Accounts' a new variation - 17 March 2016

In the past we have issued alerts about bogus bank calls and emails. However, this week we have been made aware of a new variation which has been attempted in the Perth area and possibly elsewhere.

The scenario reported is as follows:
• Call from a Graham Wilson saying he is with the Fraud Department of the firm’s bank (in this case Clydesdale)
• The caller states that there had been an attempted transfer from the client account to an offshore account but the Fraud Department had stopped the transfer
• The bank had frozen the account as a precaution and the call was to organise the opening of a safe account into which the firm could transfer its funds


Invoice Scams

Traditional invoice scams also appear to be making a comeback.

One firm reported receiving an 'invoice' from an office supplies business which in very small print stated it was not actually an invoice and there was no obligation to pay. Another firm received calls and emails from a scammer claiming to be from a landlord and seeking previous invoice details.

Fraud alerts - 2015

Warning over 'Domain Slamming' fraud - 3 December 2015

A recent bulletin from CIFAS (Credit Industry Fraud Avoidance Service) has warned of scams involving 'domain slamming' which they describe as an 'attempt by third parties to obtain money by pressurising individuals or companies into paying for domain name renewals or similarly named domains.'

This is something which could be targeted at law firms.

You can read the full CIFAS bulletin for details and potential preventative measures.

 

'UK data control' scam - 1 December 2015

We have been made aware that at least one Scottish firm has been receiving scam letters from a company called 'UK Data Control' who claim to be based in Hamburg. 

In one case, the letter and accompanying form ask for the Law Society’s VAT number, but in the small print it explains there will be an £800 annual charge for adding you to their system. An internet search of this company shows that it is a scam.

Solicitors and firms are reminded to be on the lookout for suspicious letters or emails seeking payment or the transfer of money and to report these where necessary.

Information for firms following increased fraud activity - 16 November 2015

The following is important information about protecting your business from fraudsters who continue to target the solicitor profession and its transactions.

Currently, there is a concerted campaign by criminals to dupe solicitors into acting on fake bank transfer instructions.

Typically, these instructions are provided in emails which appear to be genuine emails from clients or other solicitors or colleagues – but which are in fact very cleverly designed emails from criminals. These criminals have the ability to monitor email correspondence and have the expertise to be able to create email instructions which are capable of convincing most recipients they are genuine. In some cases, the email will appear to come from an email address identical to the genuine address.

Preventing your firm falling victim to this type of fraud calls for:

• Bank transfer instructions to be subject to careful scrutiny and, potentially, a process of verification.
• All colleagues to be fully alert to the risks and the appropriate risk controls.

In order to help firms, advice and information is provided by the Law Society and by Marsh in a series of risk alert emails, tweets and on our Frauds and Scams page. Additionally there is a regular risk management column in our Journal magazine.


As a minimum, risk controls need to address the following points:

• Whenever a client or another firm or a supplier provides bank account details/instructions for the first time (or changes any details/instructions), it’s essential that these are verified.
• If bank details/transfer instructions have been supplied by email, when contacting the client or solicitor or supplier to verify the information, be sure to do this by a different form of communication, e.g. by telephone. This minimises the risk that a fraudster who has provided a fraudulent payment instruction is also in a position to provide false validation by intercepting your email request for confirmation.
• If bank account details need to be sent by email, if possible send them by encrypted message with a password.
• If in any doubt do not proceed with a transfer of funds until you have established, reliably, that the communication and funds transfer instructions are genuine.

Risk awareness by all colleagues (both fee earners and support staff) is critical to preventing your firm falling victim to this type of fraud. Please ensure all colleagues are made aware of risk alerts from the Law Society and Marsh and warnings and guidance from banks and other sources.

Additionally we urge firms to consider making the free online awareness training available from Marsh, aimed at Scottish solicitors, mandatory for all your staff. The training takes just one hour and can be completed online which means individuals can complete the training at a time to suit them and your business. The training counts as verifiable CPD for solicitors. Further information about the training is available in Marsh’s October bulletin.

Information on who to report fraud and cyber crime to is available on our Fraud and Scams page, where you and your colleagues can also sign up to our fraud alert emails.

Urgent fraud alert following unprecedented levels of scam activity - 7 October 2015

Fraud attempts against law firms are at an unprecedented level.

We would urge all firms to review our recent fraud alerts and make sure that all relevant personnel and clients are aware of them.

Bogus Bank Calls & emails

Please revisit previous fraud alerts on the following fraud methods:

  • Bogus calls from Banks
  • Bogus emails purporting to be from senior people within the firm – attempting to instruct fraudulent accounts transfers
  • Bogus firm emails being sent to genuine clients of the firm advising them that the firm has a new bank account and instructing them to send payments to that account, which is controlled by the fraudster

Malware

In addition, there is currently a heightened risk of malware attacks against firm systems to enable the processing of fraudulent payments from client and firm accounts.

Please review our alert of March 2014 “Cyber fraud and scam emails” for sources of guidance on how firms can protect themselves against these risks. Your IT supplier should also be able to assist. 

Please ensure that all staff are aware of the risks posed by suspicious emails and do not click on any links on such emails as this may infect your systems with malware.

Invoice Redirection Fraud

The Royal Bank of Scotland have also reported seeing an increase in fraud against the legal sector, specifically highlighting the risk of invoice redirection fraud.

In this fraud, the firm will be contacted by a fraudster pretending to be a genuine supplier or client, who will request that the bank account details held for that supplier or client be changed. If this change is made, payments intended for the genuine supplier or client will be redirected to an account controlled by the fraudster.

The Royal Bank of Scotland have provided an information sheet which contains advice on how to prevent the fraud.

Cyber security funding for your business

If you are interested in improving the cyber security of your company then you can apply for up to £5,000 of Government funding, through Innovate UK, which is only available until the 20th of October 2015.

If your business has under 250 employees and has a turnover of less than £50 million then you are eligible to apply for funding.

View more information on the funding

 

Bogus bank calls targeting firms - 1 October 2015

A number of Scottish firms have today reported that they have been contacted by phone by a male person claiming to be from the 'Fraud Department' of their bank.

These calls appeared to be bogus.

Cashroom Managers are reminded to ensure that all relevant staff are made aware of this threat and how to minimise risks.

Attempted frauds on client accounts - September 2015

Recent attempted frauds on client accounts have involved the cashroom receiving emails, apparently from the most senior person in the firm, enquiring into how to initiate a bank transfer.

A second email instructs a transfer to a bank account in Leicester (London personal address noted) and follow-up emails are received pushing for the transfer to be processed promptly. The emails still appear to come from the most senior person in the firm but some come from a Gmail account.

In a separate case, a bank has made a firm aware of attempts to initiate a large transfer and to set up a standing order on the strength of mandates/instructions containing forged solicitor signatures.
Cheque books and statements have also been diverted to a London PO Box following the forging of the solicitor’s signature on a request.

Please make cashroom teams and solicitors aware of these attempted frauds. Transfer requests should be fully checked and verified. Firms should also pay particular attention to monitoring of transaction activity and ensuring that thorough bank reconciliations take place in good time. Firms should also ensure that any delay in receiving bank statements is followed up with the bank as soon as possible.

Police Scotland have confirmed that all of these issues should be reported to the Police Scotland Economic Crime Unit and through the Action Fraud website.

False bank account details

We’ve also been made aware of a scam where members of the public have received emails claiming to be from solicitors, providing false bank account details.

Clients who have instructed a genuine firm of solicitors, often during the purchase of a new property, have received emails claiming to be from their genuine firm of solicitors reporting that the firm's bank account details have recently changed. The fraudulent emails, sent from a very similar email address to that of the genuine solicitor, ask the recipient to pay into the new bank account, often the deposit or completion payment for the purchase of their new home.

We have updated our scam alerts page for members of the public and are advising they contact their solicitor to verify their firm’s bank account details if they have unexpectedly received new details.

If you have any questions, please do not hesitate to contact the Society's financial compliance team.

Bogus bank calls targeting firms - September 2015

We have been made aware of 'bogus bank calls' currently being received with the following features:

  • Caller claims to be from the Fraud Dept of the bank (this may not be the bank you are with)
  • Caller suggests that he is following up on two problem transactions through the account earlier in the day
  • If advised that you are not with the bank mentioned, the caller confirms that he meant to advise that the payments were going out to that bank and he actually works for your bank
  • Caller will invite staff to provide their name

Cashroom Managers are reminded to ensure that all relevant staff are made aware of this threat and how to minimise risks.

Bogus bank calls - April 2015

Bogus bank calls

We have been made aware of a number of recent 'bogus bank calls' which coincide with the release of a further warning from the SRA to solicitors in England & Wales.

Cashroom Managers are reminded to ensure that all relevant staff are made aware of this threat and how to minimise risks.

Funds transfer instructions received by email

Marsh have recently issued a risk alert regarding funds transfer instructions received by email.

The alert from Marsh states “we have been made aware of thefts and attempted thefts of client funds and firm’s own money where, believing them to be genuine, law firms have acted on an email providing bank details or payment instructions for funds transfers”.

Fraud alerts - 2014

Fraud alert - GoZeuS & CryptoLocker (June 2014)

GoZeuS & CryptoLocker Malicious Software

The National Crime Agency have recommended that businesses take steps by midnight on 17 June to protect their systems from powerful malicious software threats.

The NCA are recommending immediate action and have issued guidelines on how to counter the risk posed by the 'GoZeuS' and 'CryptoLocker' threats.

National Crime Agency update

We recently issued an NCA alert to the legal profession regarding debt recovery of unpaid loans or promissory notes. Please note the following additional names which now feature in cases of the attempted scam:

'Jennifer FISHER' and 'Michael SMITH'

LSS Financial Crime Conference

Places are still available at the LSS Financial Crime Conference on 25 June at the Glasgow Hilton. Speakers from Police Scotland and RBS on cyber crime risks will be joined by speakers from the NCA, HM Treasury, the Society/profession on topics including AML, Financial Sanctions, Mortgage Fraud & SARS.


If you have any questions, please do not hesitate to contact the Society's financial compliance team.

Ian Messer
Director of Financial Compliance
The Law Society of Scotland

Fraud alert - bogus bank calls, advance fees and email scams (May 2014)

There are a number of fraud issues currently affecting solicitors in Scotland. To protect your business and your clients, please read through them carefully and share them with all the solicitors in your firm.

1. Fraudsters gaining access to solicitors' client account/security details

Fraudsters pretending to be from bank fraud or relationship management teams are calling firms attempting to obtain unique account information from you and your staff in order to steal cash. The callers are knowledgeable and persistent and may appear to have the appropriate ID information.

Once you have refused to give out the information, another caller may contact you saying they are from the Relationship Management team or they may ask you to insert your card into the card reader machine for verification and type in the PIN. This is another way in which account information can be obtained and banks will not call asking you to do this.

Remember:
• Passwords/PINs should NOT be disclosed to anyone even if they purport to be a member of the bank's staff.
• If a caller asks you to insert your card/PIN into your card reader machine, you should not do this.
• If calling your bank to check the validity of a call, disconnect the caller and call your bank from another phone.
• Banks do not send emails asking for bank account information. Emails requesting password/PIN information should NOT be answered.
• It is also worth reviewing your IT security generally in light of recent publicity over vulnerabilities in IT security.

2. National Crime Agency fraud alert

The NCA have issued a fraud alert to the legal profession regarding debt recovery of unpaid loans or promissory notes. The details can be found in the full NCA alert.

3. Email scam

We've also had reports from members of emails which appear to come from the website 'Solicitors from Hell.net' with the subject title 'SolicitorsFromHell.net article regarding your firm'.

Members should delete the email without opening it or clicking on any of the links. Anyone who has received such an email can let us know the time and date they received it, and confirm its source and title – but should not forward the email itself.

Those who have opened the email should contact their IT provider for support and alert the Action Fraud police service.

If you have any questions, please do not hesitate to contact the Society's financial compliance team.

Ian Messer
Director of Financial Compliance
The Law Society of Scotland

Fraud alert - bogus bank calls (April 2014)

Fraudster gaining access to solicitors' client account/security details

A firm had funds stolen from its client account after an experienced member of the firm's cashroom/finance staff was persuaded to disclose password/PIN information enabling the fraudster to transfer client funds using the bank's automated bank transfer facility. The password/PIN was disclosed to someone posing as a member of the bank's fraud investigation team who telephoned the firm under the pretext that he was investigating suspicious account activity. His 'cover story' was evidently convincing and the firm's employee complied with the request for details of password/PIN. Transfers of funds were effected overnight and this was only discovered the following day.

Passwords/PINs should NOT be disclosed to anyone even if they purport to be a member of the bank's staff.

Banks do not send emails asking for bank account information. Emails requesting password/PIN information should NOT be answered.

IT Security

It is also worth reviewing your IT security generally in light of recent publicity over vulnerabilities in IT security.

Reporting

You may be aware of other frauds or scams, or had a 'near miss' yourself. Sharing information about frauds and scams will help the profession as a whole guard against exposure to fraud. If you are willing and able to share information for the benefit of the profession as a whole, please click here to contact the Marsh team.

If you have any questions, please do not hesitate to contact the Society's financial compliance team.

Ian Messer
Director of Financial Compliance
The Law Society of Scotland

Fraud alert - cyber fraud & scam emails (March 2014)

Cyber fraud against client account

A Scottish law firm has recently been the victim of a cyber fraud against their client account resulting in a significant loss.

While the exact details of the methodology used by the fraudsters are not clear yet, you are advised to use this email as a prompt to ensure that your business's IT security systems are robust and up to date.

Scam emails from "SRA"

Scottish solicitors are now receiving scam emails which purport to come from the Solicitors Regulation Authority (SRA) and may refer to an investigation of the practice unit. It is understood that these emails contain a virus which could damage and compromise your systems.

You should not open this email. Instead please forward it to law enforcement via the Action Fraud website and the "Report Attempted Scams or Viruses" tab on that screen. If you have opened the email please report this to your IT provider.

The Society would also be interested to know how many of these emails have been received and whether they have been opened, and would be obliged if you could report receipt of such emails to us using the fincomp@lawscot.org.uk email address.

More detail on the format of the emails is available on the SRA website.

Help available

The Scottish Business Resilience Centre (SBRC) offer an on-site Cyber Security Assessment which enables businesses to evaluate the level of protection within their systems infrastructure and provides guidance to resolve issues.

More information on this service is available on the Society's website or by calling the SBRC on 01786 447 441.

The HM Government publication – "Small Business: What you need to know about cyber security" – also provides useful advice on reviewing your IT security and implementing improvements. 

If you have any questions, please do not hesitate to contact us.

Ian Messer
Director of Financial Compliance
The Law Society of Scotland

Fraud alert - bogus bank calls (January 2014)

We have become aware that the fraud methodology outlined in our risk alert in August 2013 continues to be attempted and recently has been successful. Cashroom Managers are advised to urgently bring this alert to all relevant staff including cashroom staff to emphasise that passwords and PINs should not be disclosed to anyone even when they purport to be members of bank staff (relationship management, fraud investigation, etc.) and possibly members of staff that you have dealt with previously. View our August 2013 alert.

 

Please contact me if you have any queries.

Ian Messer
Director of Financial Compliance     
The Law Society of Scotland 

 

 

Fraud alerts - older

Risk alert - external frauds and scams (2013)

External frauds and scams are a significant live risk issue for solicitors. Recent adverse experience of claims and 'near misses' proves the determination of fraudsters and the alarming sophistication of the frauds and scams they commit. Some have involved identity theft/fraud, fake transactions, fake cheques/drafts and in some cases fake law firms. It is appropriate to alert the profession to a recent situation where solicitors have been victims of a fraud/scam:

Fraudster gaining access to solicitors' client account/security details

In the past month, a firm had funds stolen from its client account after an experienced member of the firm's cashroom/finance staff was persuaded to disclose password/PIN information enabling the fraudster to transfer client funds using the bank's automated bank transfer facility. The password/PIN was disclosed to someone posing as a member of the bank's fraud investigation team who telephoned the firm under the pretext that he was investigating suspicious account activity. His 'cover story' was evidently convincing and the firm's employee complied with the request for details of password/PIN. Transfers of funds were effected overnight and this was only discovered the following day.

Passwords/PINs should NOT be disclosed to anyone even if they purport to be a member of the bank's staff.

Banks do not send emails asking for bank account information. Emails requesting password/PIN information should NOT be answered.

You may be aware of other frauds or scams, or had a 'near miss' yourself. Sharing information about frauds and scams will help the profession as a whole guard against exposure to fraud. If you are willing and able to share information for the benefit of the profession as a whole, please click here to contact the Marsh team.

SCDEA bulletin March 2011

An update from the Scottish Crime and Drug Enforcement Agency on issues including bank account takeover fraud and the National Anti-Fraud Network.

Read the SCDEA bulletin.

 

SOCA alert - advance fee fraud (2010)

This alert was based on assessed intelligence and warned of dangers and threats from serious organised criminality. It was devised with the aim of bringing about preventative or remedial action.

View the full alert.

Financial compliance bulletin - mortgage fraud (2010)

This bulletin deals with mortgage fraud and its purpose is to assist solicitors by highlighting the risks and requirements along with a number of warning signs and good practice points.

View the Society's Financial compliance bulletin on mortgage fraud.