A novel brand of cybercrime has arisen in the last few years which targets those attempting to buy or sell property. Given the large sums of money involved, the rewards for this type of criminal activity can be enormous. According to figures carried by the Daily Telegraph, scams are able to secure around £112,00 on average. Although the number of those affected is relatively low nationwide, there are indications that it is becoming more common. Figures released last year reckon that on average two of these property, or ‘conveyance’, frauds are committed each week netting criminals around £250,000. Up to October 2015 the National Fraud Intelligence Bureau reported 91 cases of this fraud, but 16 of these were reported in September and October alone. This type of fraud can have real and far-reaching consequences for consumers so it is worthwhile understanding how it works and what can be done to minimise the risk of it happening to you.
How it works
The scam itself is simple. The criminals hack into an email chain between sellers, buyers and brokers. Google currently blacklists over 50,000 websites a week for phishing tactics, which gives some scale to the amount of dangerous activity that happens online. By hacking into the email address of one of the participants, usually on the day money is due to be transferred, the criminals switch the account details of the legitimate party for their own. Immediately the money is transferred into the bogus account, it is emptied through various channels thereby making the stolen funds all but impossible to trace.
The scam is so effective because, unlike many types of online scam via email, it is impossible to tell if an email is fake or genuine because the criminals are operating from a hacked address in the first place. What’s more, because they will have hacked into the email stream in good time, they will have had ample opportunity to mimic the style of the party they wish to impersonate, and thus eradicated many of the tell-tale signs of fraudulent emails such as spelling mistakes and ungrammatical or unidiomatic English.
Police suspect that cybercriminals gain access to email addresses through strategic use of malware. Once they have access, they scout for evidence of property transactions and act when payment is due to be made. The UK’s National Fraud Intelligence Bureau recommends that internet cafes and public computers not be used by those involved in buying or selling a property since free Wi-Fi systems are especially vulnerable to attack by criminal hackers. Indeed, public systems should be avoided when dealing with any sum of money, let alone that involved in property exchange.
The scam in action
The Solicitors Regulation Authority (SRA) has recommended that law firms ensure their systems have robust measures in place to guard against cyberattack. According to the SRA, five firms a week report attempts to hack their systems to the regulatory body but the real figure is likely to be much higher since law firms are not obliged to report hacking attempts against them. There are many hidden costs involved in buying a house, which is why it is always important to use solicitors at every stage of the process to give you some protection, when necessary.
British newspapers have done good work and raised the plight of many families affected by conveyancing fraud. In May 2015, the Daily Telegraph carried a story concerning the plight of Paul and Ann Lupton who had sold a flat in London for £340,000. Days before the funds from the sale were due to be transferred to the Luptons, hackers accessed their account and informed the property broker that they should send the money instead to an account controlled by the criminals. Following discovery of the crime, £284,000 of the money was recovered. But the broker refused to reimburse the remaining sum, claiming that there was little they could have done to spot or prevent the fraud taking place. Only after months of wrangling were the Uptons fully reimbursed.
A number of cases have recently come to light, and even if the crime is swiftly reported and the accounts frozen, money can still be hard to recover. This is because the fraudsters tend to be as sophisticated as they are ruthless – a great deal of planning goes into each hack attack because the rewards are commensurately greater if the crime succeeds undetected until it is too late. It is therefore of the utmost importance that consumers are aware of the risks inherent in buying and selling property, but also of some of the ways they can safeguard themselves from attack.
What can I do to protect myself?
Above all, ensure that the machine you use to process payments and generally carry out business (preferably your personal computer or a machine that no one else can access) is protected by anti-virus and anti-malware software. Secondly, ensure that know what you are downloading. If you are prompted to accept an unverified file, decline it. Finally, pay close attention to the addresses and content of emails. A great deal of malware is downloaded by unwitting users thinking the data to be from a recognised address. If the address seems suspect and if the content seems unusual or too good to be true, reject it.
Conveyancing fraud is increasing. Due to the fact that it often involves large sums of money, it is an attractive fraud-type for criminals. Consumers must educate themselves on what it looks like but most of all ensure that their own security procedures are strong enough to deter hackers.