Here’s an absolutely typical fraud that we see in the UK on a daily basis. A Mr Pibworth instructed a firm of solicitors to pay money out of his client account at midday on January 25th of this year. It was a Friday (as is typical for these frauds). He asked for the money to be paid into a joint account that he and his brother have. However, a few hours later the solicitors received an email purporting to be from Mr Pibworth (but which was actually from a fraudster) with new instructions saying the money should be paid into a different account. Which they then did.
And £60,000 was sent off to the fraudsters.
(The same firm of solicitors, incidentally, lost £100K to a similar fraud in 2016.)
Still, no harm done. The compo will kick in, won’t it?
Yes, there’s a compensation scheme. Under a new code of conduct for this sort of thing, you don’t have to bother checking that you are sending to the correct account any more because the banks have to pay up if you transfer cash to fraudsters. According to the code, these solicitors would only have to demonstrate that they had taken “the requisite level of care” and then bank customers would have to cough up and compensate them.
But what is a “requisite level of care”?
If you ask me, Mr. Pibworth was negligent for sending sensitive financial details by unencrypted e-mail, since everyone knows that e-mail has absolutely no security associated with it at all and you should generally assume that any unencrypted e-mail without a digital signature with financial details is fraudulent.
Comments
Post a Comment