Email scam – internal email compromised


A firm in Dublin has informed the Society that it was subject to two cyber-attacks in the space of a week.

Attack details

Both attacks requested the solicitor to transfer money to fraudulent bank accounts.

In the first case, the practice was redeeming a mortgage, with the money payable to a fund. The email received requested that the money be sent to a bank account in Turkey and that the account name was “Bitcoin Concept”. The practice identified this as a fraud and did not act upon the email. They made enquiries with the appropriate bodies to determine the correct bank account details before transferring any money.

However, the practice was also acting in another matter to redeem a mortgage to Pepper Finance. The fee earner received an email from a member of staff in Pepper Finance which included Bank of Ireland account details. The fee earner contacted Pepper Finance to verify these details. After doing so, the fee earner sent an email to the bookkeeper, stating that they had verified the account details, however, this email was intercepted and the bank account details were changed to a fraudulent bank account.

In this case, the fraudulent account was in an Ulster Bank branch in Ireland and was not as easily identifiable as being fraudulent. The bookkeeper did not identify the fraud and a sum of approximately €97,000 was transferred. The money has since been withdrawn from that account.

In this case, the firm held a cybercrime insurance policy and has been advised by their insurers that it is covered in relation to the loss.

Verify before transferring money

Members of the profession are advised that as far as possible, they should not rely upon bank account details received in an email.

However, in cases where this is done, it is imperative that the individual transferring the money is the person verifying the account details. The profession is reminded that both external and internal emails have been intercepted and the details amended.

It is recommended that, when contacting the sender, obtain his or her phone number through the Law Directory, phone book etc. Do not use the phone number contained within the email.

Also, if a solicitor identifies a fraudulent email they are advised to:

  • Change email passwords immediately.
  • Contact IT providers for further advice.
  • Ensure that your system is checked for and cleaned of any malware.