First Time Buyer Has Deposit Stolen

Home buyers are being warned that fraudsters are out to steal their money and to be on guard when purchasing a new property.

Action Fraud has issued the warning after a charity worker who was about to purchase his first home, had £67,000 stolen after hackers Blocked emails between him and his solicitor.

It is known as Conveyancing fraud and is committed when criminals hack into the email chains between sellers and buyers and their solicitors and estate agents.  The fraudster will wait for the right time, usually the day of the sale, and send a spoofed email informing the parties that bank account details have changed suddenly and that the money should be sent to a new account.

This is a dangerous period for anyone transferring large amounts of money and is often referred to as ‘Friday Afternoon Fraud’ as the majority of Transfer transactions take place on a Friday.

Howard Mollett, a first-time buyer is the latest in a long line of people to fall victim to this difficult to spot and devastating scam. He emailed his solicitors from the US, where he was working and this is when fraudsters intercepted the email and chain of correspondence with his solicitor. When it was time to transfer his deposit, a fraudster sent him an authentic email and requested him to send the money to alternative account. In total he transferred £74,000 to the fraudster.

What is Authorised Push Payment Fraud?

Payment schemes, such as Faster Payments in the UK, has made push payments more attractive to criminals because they can quickly take the money and run. This type of fraud is on the rise, but what is it? And who are the victims?

Authorised push payment fraud happens when fraudsters deceive consumers or individuals at a business to send them a payment under false Pretense to a bank account controlled by the fraudster. As payments made using real-time payment schemes are irrevocable, the victims cannot reverse a payment once they realise they have been conned.

The approach taken by the fraudsters is not new. They use social engineering techniques and may hack into email and other systems in order to set up their victims. These methods of attack are used to perpetrate a wide range of attacks, the defining factor in authorised push payment fraud is the use of real-time payment schemes to transfer the money to the fraudsters. This has given the fraudsters a wider potential pool of victims, as more consumers and businesses adopt simple ways to send money in real time. Real-time payments have also lowered the risk for fraudsters, since the money is received instantly, fraudsters can quickly extract their ill-gotten gains. These criminals are devious and clever, and victims cannot simply be written off as gullible fools.

Action Fraud have released the following guidance on how to protect yourself from becoming a victim:

• Get bank details from your solicitor either in person or over the phone at the start of the conveyancing process. Ask them to confirm the details by post.
• Always check the bank details and do not feel pressured into changing any details. If you receive an email stating a change in the bank details don’t be afraid to question its authenticity. Check the email address carefully and if in doubt use a trusted phone number to check the information is correct.
• Avoid using public Wi-Fi systems to check emails when house purchases are being made. Fraudsters can easily hack into vulnerable Wi-Fi systems.
• Avoid posting on social media about buying/selling your house or getting a mortgage. Fraudsters may get hold of this information and know the next step is a large financial transaction.
• Make sure you have strong passwords for your accounts and have anti-virus installed on your devices. To create a strong password, simply choose three random words. Numbers and symbols can still be used if needed.

What to do if you’re affected:

Victims should contact their bank as soon as they become aware that they’ve been tricked and ask them to contact the receiving bank and freeze the account.

To report fraud or cybercrime, call Action Fraud on 0300 123 2040 or use our online reporting tool.