Scammers do not need legal qualifications if they can borrow a solicitor’s name.
The SRA issued a series of scam alerts in early June, including warnings about emails misusing the identities of genuine solicitors and law firms. In one instance, the name and details of Tina Pettinger at RWK Goodman LLP were used to request a payment into a supposed trust account. In another, fraudsters adopted the identity of Alexis Martinez at Watson Farley & Williams in correspondence linked to fictitious acquisitions. The specifics shift, but the method is consistent: attach a trusted legal identity to a payment request and let credibility do the rest.
That credibility is precisely the point. Law firm names carry authority, and legal transactions often involve significant sums-property purchases, estate distributions, corporate deals, settlement payments. A well-timed message, arriving when a client expects documents or instructions, does not need much embellishment. It needs only to look familiar.
The SRA’s alert system serves an obvious purpose, but it also highlights a broader vulnerability. Legal services operate within the flow of money. At key moments-completion, transfer, distribution-clients may be under pressure, working to tight deadlines and relying heavily on professional reassurance. Fraudsters target those same moments. They are not undermining the law itself; they are exploiting the trust that surrounds it.
For firms, the response is less about policy statements than routine discipline. Payment instructions need to be clear, consistent and reinforced through secure channels. Clients should be told at the outset, and reminded when necessary, that bank details will not change by email alone. Staff should recognise the signs of attempted fraud and know how to respond when a client queries unexpected instructions. Often, it is the most unremarkable line in a client-care letter that proves most valuable later.
There is also the less welcome question of liability. Payment diversion fraud tends to generate disputes once the money has gone. Was the firm’s system compromised, or was the client misled independently? Were warnings adequate? Could the loss have been prevented with different procedures? These are questions that draw in insurers with brisk efficiency, which rarely improves matters.
For clients, the practical precautions are straightforward, if not always observed. Verify bank details using a known and trusted contact number, not one supplied in an unexpected message. Treat urgency with suspicion rather than compliance. Be wary of last-minute changes, unfamiliar account details or pressure to move funds quickly. A brief and slightly awkward verification call is preferable to a more expensive form of regret.
The profession rests heavily on trust, and fraudsters understand that rather well. An alert notice, however useful, is not much of a defence on its own.
When a solicitor’s name becomes the instrument of the fraud, it is the profession’s credibility that is doing the work-for the wrong side.
Author: TOF
Leave a Reply