Cyber criminals in Ireland are said to be targeting email accounts of Irish solicitors in an attempt to steal tens of thousands of euros from unsuspecting home buyers.
The Law Society confirmed that a number of Irish-based legal firms have been subjected to this kind of assault named ‘Friday Afternoon Fraud.’
This kind of fraud involves the hackers intercepting emails between home buyers or sellers and their solicitors.The hackers then reportedly generate similar emails, posing as the solicitor involved in the deal.
Reports, explaining the modus operandi of the fraud said that during the final stages of a property sale, the fraudsters inform buyers by email that certain bank account details involved in the transaction have changed, and hence payments have to be made to another account. Now, either the solicitor’s own email is hacked or is impersonated.
Accordingly, clients are told to transfer money to an account which is controlled by the fraudsters. Another way the fraud is enacted is by making a telephone call to the lawyer, acting as the bank’s anti-fraud team, asking for account details and passwords for the account handling transactions.
After getting the passwords, the fraudsters then withdraw the money transferred for a payment.
Such frauds usually occur on a Friday afternoons, exactly when it is expected that client accounts will be holding large amounts of cash.
The increase is more shocking because such frauds involve large sums of money. Such scams have become the most frequent crime in U.K.’s legal sector. In a statement, the Law Society of Ireland said that legal practices have been subject to similar “attacks.”
While it is accepted that the number of such frauds is “small,” the frequency of such activity is unknown as “exact statistics are not available.” In a bid to “protect solicitors against these frauds” the Law Society has added a new cybersecurity section on its website. This section advises members on ways to protect themselves from cyber criminals.
A 50 percent increase has been reported in the number of cyber attacks on Irish firms in the past year. Shockingly, three firms out of 10 have been subject to a cyber attack in 2016.
Rory O’Neill, investigating accountant with the society, said that the continued integration of technology has “significantly increased the risk” of attacks. O’Neill said, “When a genuine email is sent with bank account details enclosed, the fraudster intercepts and amends the details of the bank account. This amended email is then forwarded to the appropriate recipient from the spoofed email account.”
If the recipients “act on the emails”, the money will be transferred to the fraudulent account.