Those firms who have adopted and adhered to the protocol, along with other safeguards, have been certified as ‘cyber safe’ and have committed to staying in step with each revised set of guidelines.
The guidelines offer a list of up-to-date official definitions of each activity including Vishing, which is a fraudster calling to extract confidential information or to facilitate the transfer of money to a fraudster’s account.
For Vishing, the guidelines offer a raft of advice including never relying on caller ID, which can be spoofed and never revealing the name of a business relationship manager at your bank or transferring calls internally when the caller should know the contact number already.
Other terms in the guidance include Smishing, or SMS Phishing, which are mobile text messages pretending to be from a trusted source requesting account details or giving instructions.
Other definitions include outbound or inbound cheque fraud, card payment fraud, spear phishing, which is targeting potential high net worth individuals and intercepting their emails to misdirect funds while they are known to be away from the office.
Protect client identity
The protocol also offers advice and information on how firms can operate and the measures they can take in order to protect themselves, including info on client identity, change of bank details and actions when funds have been fraudulently redirected.
Other advice for legal firms dealing with client money include advice to ‘patch’ firewall and virus protection as soon as new updates are available and taking out cyber insurance and making staff work with dongles rather than public wifi in a public space.
The CA urges all its member firms to follow the protocol and achieve accreditation as soon as possible.
Beth Rudolf, director of delivery at the Conveyancing Association, said: “Given the larger sums of money involved in property transactions, we’re all acutely aware that conveyancing practitioners are a constant target for fraudsters and it’s therefore imperative we have a very strong line of defence in place to ensure that neither the firm nor the client becomes the victim.
“This should not simply be viewed as an outside threat; there is just as much potential for fraudulent activity within conveyancing firms as a recent case where a solicitor was sentenced to seven years in prison for money laundering via conveyancing services shows.
“This is a threat that is not going to go away, every time we make it harder the criminals have to find other ways to perpetuate their criminal activities. By reviewing the Cyber Fraud Protocol annually we can ensure our members are kept up to date on emerging threats.”