Email interception and falsification re-directs settlement funds to fraudsters' accounts.

Over the last year or two, law firms, conveyancers and their clients have been targeted by criminals attempting to steal money from property settlements.

In Queensland alone, millions have successfully been stolen per this news article.

The scam involves the fraudster obtaining a solicitor's email username and password, usually through tricking the firm or an employee by posing as a new client and asking for those details so they can share important documents with the firm.

Once the fraudster has obtained the email credentials (by trickery or hacking into a firm's or a client's systems), they monitor the emails and when settlement funds are requested from a client and trust account details given in an email, the fraudster sends a follow-up email posing as the law firm with new fraudulent account details. Conversely, when a solicitor asks for the client's account number to deposit settlement funds from a sale, the fraudster replies to the email with their account number, and intercepts the genuine client email along the way so the law firm doesn't receive it. Either way, once the money has been transferred to the wrong account, it may never be seen again.

The simple way to protect yourself from such a scam, no matter who you are dealing with when it comes to transferring significant amounts of money online, is to never act on bank account details given in an email without first personally confirming the account number verbally with the owner, or by making sure that communications with the party are only done via a secure and encrypted messaging service - such as our secure client portal, or the dedicated secure settlement channels built in to the e-Conveyancing network.

Good security hygiene should always be practiced no matter what in any online environment - never give out your passwords, never use the same password for different services, and use a password manager to generate and store unique and hard to guess passwords.