Menu

Tackling Fraud and Cybercrime

Firms holding client information and funds are increasingly vulnerable to the risk of theft of confidential data which could lead to the loss of monies held in client accounts. Firms of all sizes can be, and are, targeted and the effect on the scammed firm and its clients can be extremely serious.

According to the Office for National Statistics, in 2015 there were an estimated 7.6 million cases of fraud and cybercrime in England and Wales alone.

Recent Law Society research shows that 1 in 5 law firms were targeted by scammers in the past year. 

Find out about the different types of fraud

See the latest scam alerts

Find out about the CLC's secure badge for your website

Visit the National Cyber Security Centre for lots of guidance and materials you can use

Watch this useful webinar from the Information Commissioner

Promote the Take Five to Stop Fraud campaign to your clients

 

 

Protecting yourself and your clients

The reputational impact on the business, management time spent dealing with related issues and cost of covering losses can be significant to practices. However some simple steps can be taken to minimise these risks.

With cybercrime and fraud on the increase it is important that practices take all reasonable steps to protect themselves and their clients from possibly devastating consequences.

However a recent GCHQ report indicated that around 80% of cyber attacks could be prevented if businesses put simple security controls in place

GCHQ has provided documents on reducing the risks of cyber attacks that might prove helpful and provide some assistance in implementing some simple steps.

Here are some actions that CLC Regulated practices have taken to mitigate their risks. 

 

Appropriately and regularly train staff

Typically the fraudster has to be provided with access to your system, so an e-mail has to be opened or a link clicked on. Staff need to be trained to spot phishing emails and advised how to deal with them.

Consider how you manage your staff’s internet activities, possibly blocking access to certain types of sites where security risks may exist.

Are you and your staff using strong, secure passwords?

 

Install and run regular anti-virus and malware checks

Review the results with your IT experts.

Keep your software and operating systems up to date, and install the latest versions which often contain enhanced security features.

 

Reduce the amount of confidential information sent by email

Consider if you should prevent your staff using personal email accounts for work related matters.

Recently a number of practices have ceased sending any bank details by email, after incidences of emails being intercepted and banking details changed by fraudsters.

 

Consider appropriate controls of employee access to data and documentation

For example do all employees need access to the account systems? Ensure that staff who leave the organisation have their access rights revoked.

 

Third Party Access

Limit third party access to your systems as much as possible and ensure that you have an appropriate contract in place with your IT providers, especially around access and use of data.

 

Suspicions? 

Where you have concerns over the validity of a potential client’s identity or the authenticity of the proposed transaction you should consider informing HM Land Registry (HMLR). It might not be that you suspect fraud, but there may be something dubious, which for example may lead you to decide not to represent the person. This information could help HMLR to combat fraud. You can do this by emailing reportafraud@landregistry.gov.uk or calling the HMLR property fraud line on 0300 006 7030.

 

Help from the CLC

Should you require any further assistance then please contact your Regulatory Supervision Manager, Nicola Anthony nicolaa@clc-uk.org or John Hosie johnh@clc-uk.org.  

 

What to do if you are a victim of fraud

Do not waste any time.  As soon as you become aware of fraud, report the matter to 

  • your professional indemnity insurers
  • the police
  • the Council for Licensed Conveyancers
  • your bank
  • the National Fraud and Cyber Crime Reporting Centre on 0300 123 2040

You should also discuss what has happened with your client.