New Zealand Law Society

Navigation menu

How fraudsters interfere in money transfers

27 August 2018

The following outline of events occurred in a New Zealand law firm recently during a property settlement. Unfortunately, it’s not unusual. The criminals involved had hacked the client, not the firm, but lawyers and law firms are also vulnerable.

(1) The lawyer emails the client requesting deposit of several hundred thousand dollars into the firm’s trust account. The client was expecting the email.

(2) The client’s IT system has been hacked. The hackers intercept the email and they draw up a new trust account deposit slip and create an email address very similar to the lawyer (replacing one letter with a numeral). They forward the email to the client.

(3) The client is confused by the numbers on the deposit slip. She decides to test it by sending a small amount, and then emails the hackers’ fabricated email address requesting that the funds have been received.

(4) The hackers respond in the name of the lawyer, saying he has received the test amount.

(5) The client transfers the remainder of the money into the fraudulent account.

(6) Two days later, on the day before settlement, the lawyer notices that the funds have not arrived. He rings the client, who tells him of the confirmation email – which the lawyer knows he has not sent.

(7) Realising that hackers are at work, the lawyer asks the client to send him all the emails (to a trusted email address). The lawyer detects the fake email address and deposit slip and immediately advises the client to contact her bank.

(8) Shortly afterwards the lawyer receives an email from the “client”, saying she had tried transferring funds but there has been a problem and could the firm cover for her over the weekend. It is clear this is not the client – in the language used and, of course, in the knowledge that she has been hacked - but it shows the hackers are still tracking the client.

(9) The bank confirms that the money is still in the country. The funds are later recovered.


Last updated on the 27th August 2018