An emerging area of risk in Ireland of which we all need to be aware is Online Identity Theft.
Identity theft is increasingly a problem where transfers of funds between bank accounts is concerned. For Donal T. Ryan Solicitors LLP, we are particularly concerned that our clients should not fall foul of these cyber criminals when they are transferring funds to us.
If you are transferring money electronically to us, you must first verbally verify the bank account details with the solicitor you are dealing with.
One example of scammers taking advantage of solicitors’ clients is where they hack the solicitors’ firm’s e-mail account to find people who owe them money. The scammers then send “chaser” e-mails to these people, pretending to be from the solicitors’ firm, and supplying the bank details – which are in fact the scammers’ own bank details. If the solicitors’ firm’s e-mail signature includes a warning not to transfer funds without confirming bank details verbally by phone, as we include on all our e-mails, the scammers simply delete this warning. Once the money is transferred to their account, the scammers then empty the account. Even worse, because the bank was given instructions to transfer the money by the account holder, the bank is not obliged to get it back.
Prevention is better than cure, so Irish individuals and businesses need to take steps to make sure that neither they nor their customers become the scammers’ next victims. Businesses can take measures to prevent their e-mails from being hacked, from two-factor authentication to data loss prevention, and security awareness training. This use of technology must be supported by well implemented policies and procedures, such as a Password Management Policy and Acceptable Use policies.
On an individual level, in order to protect yourself never use bank details contained in an e-mail without checking them verbally with the solicitor or other person you are transferring funds to. Always ring the person you are dealing with to double check bank details.