Free Spoofing Test Available From Lawyer Checker
You may have seen in the news recently the story of Mr Mollett and how fraudsters made off with thousands of pounds of his hard earned cash. If not we’ve summarised it below.
Howard Mollett, a charity worker, who was working in the US, encountered problems whilst trying to make a down payment on his property. He emailed his solicitors to make them aware of the problem, as he didn’t want to slow down the process.
However, fraudsters intercepted this correspondence between Mr Mollett and his solicitor. They then sent him an authentic looking email, asking Mr Mollett to transfer the funds into a different bank account.
In total Mr Mollett transferred £74,000 to the fraudsters.
This is unfortunately an all too familiar case. It’s devastating for the client and everyone involved. The case highlights two key areas that law firms need to make sure that they address in order to protect their clients and themselves from email modification fraud.
The simpler out of the two issues to make progress on is to implement the DMARC protocol so that a criminal can not impersonate the firms email address. On this occasion the criminal has sent an email purporting to be from the lawyer using their exact email address. Too many firms are leaving themselves exposed to the criminal exploiting this gap. Criminals can publicly see whether a firm has this layer of protection in place.
The second issue that needs addressing is how we as a sector educate clients on what the process is when it comes to paying deposit funds. It is simply not enough to use headers and footers in emails to convey this message. This should be included in client letters and be addressed on initial client care calls. I strongly believe education to clients is a huge part of protecting yourselves from this threat. This education needs to be embedded into cultures.To request your free spoofing test click here.