Current fraud alerts

'Law abiding citizen' and other phishing emails - 6 April 2017

The National Fraud Intelligence Bureau has issued an alert which explains how fraudsters are deploying banking trojans to unsuspecting victims in order to compromise their banking credentials and passwords.
The fraudster claims in the email to be a ‘law-abiding citizen’ notifying the individual that their information has been breached. They attach a file containing the ‘leaked’ information for the victim to see what has been exposed. The attachment is a ‘.dot’ file, usually titled with the email recipient’s name, which contains a banking trojan.

You should never open an attachment in any email that you are suspicious about.
An example of the email text can be found below:

Law Abiding Citizen Pic


In addition, law firms have been reporting a number of fraudulent emails.

For example, a cash room partner will get an email, apparently from a partner, but on closer enquiry it’s a very dubious looking email address.  The emailer asks for an urgent payment and eventually provides some bank details, hoping to con the firm into sending a payment.

Please be vigilant for suspicious emails and ensure that all staff are aware of the threats posed by email scams.

How to report an attempted fraud or scam.

Return of fraudulent bank calls to law firms - 17 February 2017

A law firm based in Inverness has received calls from a ‘Brian Johnston’ claiming to be from the ‘Bankline Fraud team’. He called about a ‘£5000 fraudulent transaction’ on the firm’s account. We understand that another firm in the area has received similar calls recently, which are not from the relevant bank. The attempted fraud may not be limited to the Inverness area, however.

Firms are encouraged to remind all staff of the potential for fraudulent calls purporting to be from banks.

Passwords/PINs should NOT be disclosed to anyone, even if they purport to be a member of the bank's staff.

Banks do not send emails asking for bank account information. Emails requesting password/PIN information should NOT be answered.

How to report an attempted fraud or scam.

Email phishing attempt at Scottish law firm - 16 February 2017

We’ve been made aware that Scottish law firms have recently been targeted by a new email scam.

Fraudsters have made contact with solicitors, initially with enquiries for assistance with a property purchase or transfer of ownership. However, when replied to for more information the scam emails have directed the solicitor to a ‘secure’ Adobe Acrobat document via a web link provided.

This link reportedly takes the user to a website made to look like a secure cloud store, but which isn’t SSL protected, and asks for an email address and password. As there is no password provided in the email, it’s suspected that the scammers hope that an individual would enter their office email address and password allowing the scammers to access the user’s emails.

To report suspected fraud and cybercrime, call ActionFraud on 0300 123 2040 or visit

The Society is interested in being made aware of email scams (and other similar issues) which are sent to our members so we can alert the profession. Contact us at