“Fraudsters hacked emails to my solicitor and stole £340,000 from my property sale”

“Fraudsters hacked emails to my solicitor and stole £340,000 from my property sale”

“Fraudsters hacked emails to my solicitor and stole £340,000 from my property sale”

What Happened:

Paul and Ann Lupton sold the flat they had bought for their daughter for £340,000. Two days before the set completion date, Mr Lupton’s solicitor emailed requesting his bank account details for the sale proceeds to be paid into. Mr Lupton duly replied, sending his Barclays bank account number and sort code.

The email was intercepted by cyber criminals, using extremely sophisticated technology that examines millions of emails to identify patterns of data that could contain valuable information. Posing as Mr Lupton, the cyber criminal emailed the Luptons’ solicitor again – from the same email account – and told the firm to disregard the previous details and send the money to the fraudulent account instead.


The solicitor sent the funds intended for the Luptons, worth just over £333,000 after fees and charges, to the fraudulent bank account. A few days later, Mr Lupton called the solicitors to chase the payment and the crime was discovered. Both parties contacted Barclays and the police.

Safeguarding strategies:

Firms have a responsibility to look after their clients’ money. However, do they have the necessary facilities to do so in a situation such as this? Would email encryption or the use of fax for confidential and sensitive information be a policy firms should adhere to for all future scenarios of this nature?

Government security service Get Safe Online, which offers advice on protecting against fraud, said the Luptons’ case was a stark reminder of how sophisticated cyber criminals had become.

Tony Neate, head of Get Safe Online, said: “In this case, the user would have had no idea that their emails had even been intercepted by a criminal or that the money had been fraudulently hijacked. It goes to show the importance of protecting online accounts in as many ways as possible.

“Your first line of defence for your email account is a strong password that is different to other online accounts and is changed regularly. Protecting your devices with security software and regularly installing updates will also help.”

The Solicitors Regulation Authority said member firms were responsible for safeguarding client funds and must replace any money that was “improperly withheld or withdrawn from a client account”.


Barclays was the account provider for all three involved: the solicitors, the fraudsters and the Luptons. The account was frozen and £271,000 was returned to the Luptons, still leaving them £62,000 out of pocket. The firm in this case denied they were at fault due to the sophistication of the fraud, but after 8 months their PI insurer paid out and reimbursed the Luptons.

 About Lawyer Checker

Award winning service Lawyer Checker provides market leading, risk management solutions to the conveyancing industry. To combat the ever increasing risk of fraudsters intercepting transactions to steal funds, the Account & Entity Screen provides a quick and simple check. This allows firms to determine whether or not a client account that they are sending funds to has a track record of successful use within conveyancing.

“Leading Innovation, Your 360 Solution.” – Conveyancers are taking the threat of bogus firms and cyber criminals far more seriously, make sure that you are too.

This article was submitted to be published by Lawyer Checker as part of their advertising agreement with Today’s Conveyancer. The views expressed in this article are those of the submitter and not those of Today’s Conveyancer. 

David Burrows from Lawyer Checker

Leave a Reply

Your email address will not be published.