The Law Society’s Graham Murphy says law firms are as vulnerable as every other to CEO fraud if they aren’t vigilant.
Graham, who has been Product Manager at the Law Society for a little over two years and previously held senior roles at recruiters Manpower as well as SPG Media, believes firms can fall victim to the simple but seemingly effective fraud technique if they don’t take precautions.
According to Action Fraud, CEO fraud will typically start with an email being sent from a fraudster to a member of staff in a company’s finance department. The member of staff will be told by the fraudster who is purporting to be a company director or CEO that they need to quickly transfer money to a certain bank account for a specific reason. The member of staff will do as their boss has instructed, only to find that they have sent money to a fraudster’s bank account.
The fraudster will normally redistribute this money into other mule accounts and then close down the bank account to make it untraceable. Out of the £32 million reported to be lost by businesses to CEO fraud only £1 million has been able to be recovered by the victims. This is due to businesses taking too long to discover that they have been the victim of fraud and the lost money already being moved by fraudsters into mule accounts. Most businesses reported initially being contacted via emails with gmail.com and yahoo.com suffixes.
The fraud can be enhanced by monitoring a company’s social media to ensure an email coincides with the member of staff it purports to come from being out of the office or not ordinarily contactable, and is only ever enabled by staff cutting corners and procedures under pressure.
Graham Murphy spoke to Today’s Conveyancer’s Josh Morris at Legalex about how firms can best protect themselves and their clients.