Firm Loses £600K In Conveyancing Scam
Fraudsters deceived Woodfords Solicitors by using a phony email to trick them into sending more than £600,000 from the proceeds of a client’s house sale to their bank account.
Nicola McConnell, 70, who is a retired educational psychologist was scammed out of £613,000 after selling her five-bedroom in Fulham, London, for £1.9 million.
The fraudsters had set up an email account which was only different by one letter to Mrs McConnell’s email address in order to request the money from her solicitors.
In reaction to her solicitors being defrauded and the thought that she may never see her money again, Mrs McConnell was “traumatised to the point of being suicidal.”
She further added:
“My sleep, memory, and confidence have been hugely damaged. What to some is a victim-less crime, since it was against a company and apparently covered partially by insurance, is to me highly personal.”
Giuseppe Olivia, 41, who stole the money by pretending to be the client was apprehended by the police, but by the time they had caught him, most of the money had been dispersed into many other accounts – with only £150,000 being recovered and the rest being reimbursed by the duped solicitors.
Based in Milton Keynes, Olivia, was found guilty last month of converting criminal property and sentenced to five years in prison and banned from being a company director for eight years.
Mrs McConnell and her husband Brian, 74, never bothered using online banking and always kept all their personal information off the internet. To be cautious, she even went so far as posting a handwritten note to her solicitors enclosing instructions of where to send the proceeds of sale so her bank details were not online.
However, on the morning that contracts were exchanged in February 2017, a badly written email was sent to Woodfords Solicitors from a bogus email address saying: “After Due consideration, I want Half of the proceeds paid into my account you have on file and the other half directly into my fixed savings account details below… Please reply me now so I know you have received this instruction.”
Enclosed in the email was details of a metro bank account and Mrs McConnell’s name which was misspelt.
After receiving the email, Woodfords Solicitors phoned their client to confirm what was contained in the email was genuine and her instructions. At the time of the call, Mrs McConnell was busy packing her belongings and could not remember her sort code and account details but did have a Metro bank account. Woodfords Solicitors continued to go ahead and transfer £613,051.74 to the account.
The money was traced by the police to a business owned by Olivia called Eco Voice, but unfortunately, just over £533,000 had been transferred to numerous accounts by Olivia and a few overseas businesses.
Alarm bells rang at Metro Bank as they attempted to stop the account and quizzed Olivia to verify he was the correct recipient for the money. A fake invoice, which had no VAT address, was presented to the bank by Olivia, which claimed that more than £600,000 of computer equipment had been ordered by Woodfords Solicitors.
When finding Olivia guilty, the prosecution said the paperwork was a dishonest creation “put forward to support a lie.” He knew “full well” that Mrs McConnell’s money was “criminal property, her money gained by fraud”
A spokesperson at Metro Bank said:
“We continue to work closely with the wider industry and law enforcement agencies to protect customers from these crimes.”
This case highlights that even the most cautious people may be vulnerable to risk and shows the importance of firms to fully verify emails purportedly from their clients and to implement robust measures to mitigate email fraud.
Last month, during a presentation about cyber crime at the LegalEx Conference, the Solicitors Regulation Authority highlighted that the vast majority of cyber attacks reported to them involve email compromise – and everybody is now 20 times more likely to be a victim of cyber crime than a victim of in-person crime.
As a conveyancer, what measures do you have in place to mitigate email fraud?