Fraudsters deceived Woodfords Solicitors by using a phony email to trick them into sending more than £600,000 from the proceeds of a client’s house sale to their bank account.
Nicola McConnell, 70, who is a retired educational psychologist was scammed out of £613,000 after selling her five-bedroom in Fulham, London, for £1.9 million.
The fraudsters had set up an email account which was only different by one letter to Mrs McConnell’s email address in order to request the money from her solicitors.
In reaction to her solicitors being defrauded and the thought that she may never see her money again, Mrs McConnell was “traumatised to the point of being suicidal.”
She further added:
“My sleep, memory, and confidence have been hugely damaged. What to some is a victim-less crime, since it was against a company and apparently covered partially by insurance, is to me highly personal.”
Giuseppe Olivia, 41, who stole the money by pretending to be the client was apprehended by the police, but by the time they had caught him, most of the money had been dispersed into many other accounts – with only £150,000 being recovered and the rest being reimbursed by the duped solicitors.
Based in Milton Keynes, Olivia, was found guilty last month of converting criminal property and sentenced to five years in prison and banned from being a company director for eight years.
Mrs McConnell and her husband Brian, 74, never bothered using online banking and always kept all their personal information off the internet. To be cautious, she even went so far as posting a handwritten note to her solicitors enclosing instructions of where to send the proceeds of sale so her bank details were not online.
However, on the morning that contracts were exchanged in February 2017, a badly written email was sent to Woodfords Solicitors from a bogus email address saying: “After Due consideration, I want Half of the proceeds paid into my account you have on file and the other half directly into my fixed savings account details below… Please reply me now so I know you have received this instruction.”
Enclosed in the email was details of a metro bank account and Mrs McConnell’s name which was misspelt.
After receiving the email, Woodfords Solicitors phoned their client to confirm what was contained in the email was genuine and her instructions. At the time of the call, Mrs McConnell was busy packing her belongings and could not remember her sort code and account details but did have a Metro bank account. Woodfords Solicitors continued to go ahead and transfer £613,051.74 to the account.
The money was traced by the police to a business owned by Olivia called Eco Voice, but unfortunately, just over £533,000 had been transferred to numerous accounts by Olivia and a few overseas businesses.
Alarm bells rang at Metro Bank as they attempted to stop the account and quizzed Olivia to verify he was the correct recipient for the money. A fake invoice, which had no VAT address, was presented to the bank by Olivia, which claimed that more than £600,000 of computer equipment had been ordered by Woodfords Solicitors.
When finding Olivia guilty, the prosecution said the paperwork was a dishonest creation “put forward to support a lie.” He knew “full well” that Mrs McConnell’s money was “criminal property, her money gained by fraud”
A spokesperson at Metro Bank said:
“We continue to work closely with the wider industry and law enforcement agencies to protect customers from these crimes.”
This case highlights that even the most cautious people may be vulnerable to risk and shows the importance of firms to fully verify emails purportedly from their clients and to implement robust measures to mitigate email fraud.
Last month, during a presentation about cyber crime at the LegalEx Conference, the Solicitors Regulation Authority highlighted that the vast majority of cyber attacks reported to them involve email compromise – and everybody is now 20 times more likely to be a victim of cyber crime than a victim of in-person crime.
As a conveyancer, what measures do you have in place to mitigate email fraud?
4 Responses
The stresses of completion cause conveyancers to take their eyes off the ball. Scammers know this and exploit it.
Mortgage lenders should require money to be held in third party accounts under the control of people whose primary task is to look after it without distractions
Not sure that would make a difference here as the funds were not mortgage related. Lenders cannot dictate how client funds are held on a sale.
Let’s go back to sending cheques out 🙂 and doing personal completions (yes I’ve been in the profession that long!).
Seriously, though, the amount of cyber crime is appalling and frightening. As solicitors/conveyancers continually remind clients that we will NEVER send our bank information by email, nor will we ever change our Bank during the course of their transaction, then similarly we need to take our clients’ Bank details AT THE OUTSET and tell the client we will NEVER accept a change of Bank information from them (regardless of whether it is email or written) and that the first Bank information they give us they must be sure that this is the account they want the monies to go into as we will NOT change the info later? I feel for everyone in this instance because there is TOO MUCH PRESSURE on our profession to speed everything through. We are LAWYERS and here to practice Law – that seems to have been forgotten by the various Bodies who place more and more administration on us, and the other parties in conveyancing who insist it could actually be undertaken quicker and easier, yet no one actually comes forward with any productive and substantive suggestions to simplify and at the same time secure the transactions 🙁 Many years ago there was talk about our being able to use the same system as the Stock Exchange (which I was lead to believe has instant transmission of funds with high security) yet that has never materialised – why?
I couldn’t agree more Rob.
Mrs McConnell could not remember her account details, which she kept ‘securely off line’, but not to hand during a transaction of hundreds of thousands of pounds where she was packing or not.
The title of this article makes it sound that the Solicitors were wholly at fault, where the blame upon the information given in this article, shows one following a process in place, but not completing it, someone not competent to have their own ‘secure off line’ bank details to themselves and a bank not knowing that an invoice should contain a VAT number?
I really don’t know who’s the worst.
Is it actually noted all this is human error, not the system in place, but three people not completing their part of the puzzle correctly.
The bank with a fake invoice, the solicitors with not refusing to move the money without the correct details being confirmed and no mention of if Mrs McConnell asked for her payments to be split to different accounts; and Mrs McConnell neglect of not knowing her ‘securely kept off line’ account details.
IMO, it’s like a comedy sketch. One person getting it wrong along the chain is a mistake, 3 people is neglect.
Conveyancers too busy so making a mistake? Then manage the conveyancers, reduce their work, employ someone to help with the workload and most of all, the most important part of a conveyancers job, is the clients money!
Sorry everyone, but this infuriates me how people just bury their heads in the sand with excuses.