The wave of cyber attacks and email scams on conveyancers continues – now in Queensland. However, this article “Queensland law firms lose millions to hackers in ‘highly sophisticated’ email scam” from the Brisbane Times is misleading in two important respects.
Firstly, it is not the conveyancers or the solicitors that have lost money. It is their clients who have been duped into transferring the purchase money to the criminals account instead of the conveyancers trust account.
Secondly, these email scams (as described) are not that sophisticated at all. The criminals engage the conveyancer and then “At this point, they send a link to supposed important documents the firm will need. The link is protected and personalised for the specific legal staffer who they have been speaking with and requires them to enter their email address and password to access the documents.”
Bingo. With an email address and password now in hand the criminals can now sign in to the conveyancer’s email system, reading and writing emails as if they were the conveyancer or solicitor.
That’s not sophisticated. It’s simply relying on untrained staff who have had no cyber security training. While the staff may be forgiven, we act on behalf of victims who do not.
Email scams or Business Email Compromise Attack; We can help.
If you have been the victim of an email scam and have lost money relying on an email sent from a professional we can help. Call us on 08 8278 1779 for a no obligation conversation with Darren Kruse.
Our principal lawyer, Darren Kruse is one of the very few lawyers with a deep technical background in IT networking, cyberlaw and cyber security. Darren is uniquely positioned to assist client’s in bridging the divide between the cyber and legal worlds.
We are presently (April 2018) instructed to bring actions regarding email scams; against several solicitors in Queensland and several conveyancers in SA. We will be alleging that they have had their IT security breached – to the detriment of their clients. State boundaries are not a problem. We work across the country in the Commonwealth, Federal jurisdiction. We don’t need to rely on State police or the AFP.
At least two Queensland law firms have lost several million dollars after falling victim to a “highly sophisticated” email scam, prompting an urgent warning from the Queensland Law Society.
Hackers commandeered the email accounts of staff at the law firms by tricking them into revealing their email account login details before hijacking payments from clients.