01/10/2022

Mitigating the risk of Cyber fraud – Q&A with Emily Haskey

Cyber fraud is an increasing risk for conveyancers dealing with large financial transactions. We spoke to Emily Haskey, Operations Manager, Dye & Durham, to find out how firms can take practical steps to mitigate the risk and protect clients’ funds.

1. Outline your experience and describe your role at Dye & Durham

I joined the company in 2018 following the completion of a psychology degree at Chester University. I now lead our data research team of five. For me, the psychology behind cyber fraud is one of the most interesting aspects of my role. For example, 95% of all cybercrime and security breaches are due to human error. In simulation tests where staff are sent fake emails to see if they will click on a link and add their own payroll and bank details when requested, the majority do. Human error plays a big part in the success of cyber criminals, and we work with law firms to help them mitigate these types of risks.

2. Why is the risk of cyber fraud increasing?

The ONS has confirmed hacking offences more than doubled by March 2022 (to 1.3 million offences) compared with the pre-pandemic year ending in March 2020. This included victims’ details being compromised via large-scale data breaches, and victims’ email or social media accounts being compromised.

Loan and mortgage fraud increased by 675%, from £9.7 million to more than £75 million.

This generally corresponds to the growing move to digital workflows. Email, for example, is vulnerable to interception and the majority of communication these days is through email. Logging in for remote working can also provide a weak point for hackers, particularly if firms use shared account access or if individuals use the same passwords for multiple logins.

3. What are the main risks for conveyancers?

Conveyancing firms are a particular target due to the large single sum being transferred on completion of a property purchase by criminals who are becoming ever more sophisticated and experienced.

Impersonation, usually through email interception, is the greatest risk and made up 91% of SRA Scam Alerts in 2021. These days, it’s easy to obtain information on public databases about a particular transaction. Fraudsters can either email the client directly for extra information or to confirm they have changed the bank details just prior to completion. Clients may make the transfer without questioning where the email has come from.

One case reported by the Law Society Gazette in October 2021 details how £640,000 was handed over to criminals when emails between the buyer and the buyer’s solicitor were intercepted. According to the Gazette: “They created an email account made to look like that of the solicitor to request payment. Payment details were provided on headed paper via the spoofed email, and the amount requested was exactly what the buyer had expected to pay. Most of the money was never recovered.”

Fraudsters also impersonate other law firms. Just because a firm has transacted with another firm previously doesn’t mean the transaction is safe. Hackers can change just one digit within an email — which can easily go un-noticed — to obtain financial information. Timing is often key. If they’ve gained access to an account, they can also monitor outgoing emails to find out when the transaction will happen, intercept an email and replace valid bank details with their own.

4. Why is Lawyer Checker an essential tool in conveyancers’ armoury against cyber fraud?

Our Lawyer Checker solution checks the law firm’s account details against our unique database to determine whether those details have a track record of successful usage within conveyancing. Lawyer Checker is a web-based solution and can be accessed securely from any location 24/7 at the click of a mouse, supplying an audit trail for law firms as well as ensuring due diligence by adhering to SRA Code of Conduct provisions.

Lawyer Checker’s unique algorithm checks details against 10 different databases in real time. It checks SRA Scam Alerts and safeguards transactions against human error and typos while also providing the most up-to-date information. All frequent and infrequent results are processed through the latest NatWest tracker to check bank account details. We have verified thousands of accounts and reported back on incorrect details. Our dedicated research team is also highly skilled in providing enhanced further investigation when necessary, making it easy and cost-effective to mitigate risk of fraud during the conveyance.

5. What other practical steps can firms take?

Some law firms are reverting to traditional paper-based workflows to try to mitigate risk. But it can be harder to protect a filing cabinet that anyone can access than correctly password-encrypt digital storage. It’s better to undertake regular business continuity simulations to reveal gaps in systems where work can be undertaken to improve digital security.

Documents should be stored in different areas of the cloud so that storage can be shut down in the event of an issue, but details retrieved from another location, so information is not lost permanently.

Avoid shared passwords. This sounds obvious but it’s amazing how many organisations share access to systems through a single password.

When dealing with another law firm, set up a second line of communication. This is usually a phone number to call to verify details if there is any doubt about the validity of information sent electronically.

Check the domains and email addresses carefully. It’s easy to miss a “one” replaced with an “I,” for example. Encourage vigilance across your team as junior staff members have been known to be targeted.

Risk assessments should be produced by the firm at the outset of each transaction and kept under constant review. Processes should also be in place to combat money laundering; however, the risk of fraud should be assessed independently. Transactions can be low-risk for Anti-Money Laundering (AML) but high-risk for fraud, for example.

Cyber security training within the firm will raise awareness of the common issues and help avoid human error. Awareness of the scale of the issue is a positive step towards mitigating risk. With only 27% of businesses actively training staff to avoid security breaches, more can be done.

Legal professionals must now ensure that cyber security is high on the agenda for every property transaction and conveyancers must be proactive in addressing the increasing risk of cyber-attack. Lawyer Checker can help mitigate risk by ensuring funds are safely directed to the correct bank account.

Go to Media

LATEST MEDIA

17/07/2024
News

Dye & Durham launches Unity® Practice Management

DeeDee is an always-on AI assistant available 24/7 to streamline tasks and boost law firms’ productivity. Powered by the latest models from OpenAI, DeeDee makes it easy to generate first…

Read more
24/06/2024
News

How solicitors can step into the era of climate risk advice with confidence

Modelling the future  Solicitors can only provide their best advice when they’re armed with the best available data, presented in a meaningful way.  This is where legal technology can make…

Read more
07/02/2024
News

Dye & Durham’s Unity® Global Platform goes live, provides UK legal practices a next-generation solution to propel their firms 

Gives law firms a single destination for everything they need to run their legal practice, from intake to invoice.  Law firms will save time and administrative resources with Unity® Global…

Read more
05/02/2024
Press Releases, Pulse Report

Gen Z takes the lead in the race to adopt AI in the UK

New research finds a seismic generational gap when it comes to embracing AI in the UK. According to the Dye & Durham UK Pulse Report for Q4 2023, younger generations…

Read more
05/02/2024
News, Pulse Report

Q4 2023 UK Pulse Report

Read more
14/12/2023
Press Releases

Dye & Durham’s UK practice management solutions are winners of the 2023 ILFM Law Firm Software Users Award

Read more
12/10/2023
Press Releases

UK consumers showing signs of optimism about property market despite continued financial pinch

LONDON, UK, 12 October 2023: UK consumers are feeling financially worse off than they were a year ago, especially those aged 35-54, according to Dye & Durham’s newly launched UK…

Read more
25/09/2023
Press Releases

Dye & Durham launches revolutionary Unity® Global Platform, offering first-of-its-kind user experience to UK law firms

Unity® Global Platform will provide everything a thriving UK legal practice needs from client intake, due diligence, task and workflow management, trust and firm accounting, to document management and much…

Read more
12/06/2023
News

Dye & Durham enters strategic partnership with the Law Society of England and Wales

Monday, 12 June 2023 — Dye & Durham, the industry-leading provider of cloud-based, efficient workplace software for legal and business professionals, is now a Strategic Partner of the Law Society…

Read more
28/04/2023
Press Releases

Dye & Durham nominated for PropTech innovation at the Property Awards

Dye & Durham (TSX: DND), the industry-leading provider of cloud-based, efficient workplace software for legal and business professionals, is a finalist in the 2023 Property Awards in the PropTech Innovator…

Read more
28/04/2023
News

Response to the Chancellor’s Spring Budget 2023

Richard Norman, Commercial Director & Head of Strategic Partnerships, Dye & Durham UK: “This week the Chancellor of the Exchequer, Jeremy Hunt, has taken steps to support various areas of…

Read more
08/03/2023
News

Cost of living crisis could have a lasting effect on legal professionals across the United Kingdom

Recession worries and rising interest rates are weighing heavily on mortgage holders across the UK and impacting their property expectations, financial wellbeing and mental health. According to a new survey…

Read more