A warning to anyone sending their bank details to their solicitor via email.

PixelPound

jjlandlord wrote: »

Looks like exactly the same thing.

In both cases someone sent a 'faked' email. In both cases the question is indeed 'how did they know?'.

Its easy to find the vendor of a house, there is the land registry and there is electoral rolls. So if the owner has moved out, you can find where to. Social media is treasure hoard of information too. Often they'll have email addresses there, or elsewhere.

When the telegraph's article says that the email was sent from the same account, we don't know if indeed someone logged into that account and sent the email, or if the email was spoofed.

That said, it does seem that the most likely explanation was that the client's email account was compromised, but it could also be the solicitor's (which would seem like a better target).

The far easier option is to spoof rather than trying to hack an account. Send an email with a changed email address that looks similar (how many people simply reply to an email without checking the address is genuine, especially as it may appear truncated or masked by HTML in your email editor). with updated account details. Even if the solicitor acknowledges by replying to the email, the vendor will be unaware.

In_For_A_Penny_2

justcat wrote: »

Agree with nidO.

Suspect the clients email was compromised.

Exactly. Email doesn't get "intercepted". . . it's not a Royal Mail sorting office.

beeg0d

In_For_A_Penny wrote: »

Exactly. Email doesn't get "intercepted". . . it's not a Royal Mail sorting office.

Actually it CAN get intercepted just like ANY internet traffic.

Between you computer and your mail server there will bee 10-30 routers, the same between your mail server and the receivers mailserver and once again between the receivers mailserver and the receiver themselves. If 1 of those routers has been comprimised then YES it is possiable for someone to read your mail. Though this is VERY VERY unlikly it is possiable

Edwardgdee

Firstly it is necessary to understand how emails are transferred. They do not set up a direct connection between sender and recipient like a phone call, Instead, starting from the user's client they are transferred from server to server until they get to the server servicing the recipient's mail client. The path is determined by traffic and other factors and may involve routing through several servers, possibly including one in other countries. At each server, the message will be added to a queue before being forwarded to the next server; the message may sit for a few millie-seconds or maybe for hours or even (in exceptional circumstances) days on a server before being forwarded. At each server, a message in plain text (i.e one that is not encrypted) can be read by any operator with appropriate privileges or could be scanned automatically by malicious software. Server administrators generally are honest and are conscientious in preventing their servers being compromised by malicious software but in this world nothing is guaranteed and crooks, like governments are getting more and more sophisticated in their ability to intercept and read mail transmissions. Never send anything in an unencrypted email that you really want to be private.

Secondly, as most of us know from the spam emails we receive it is trivially easy to make an email appear to come from any arbitrary address. A knowledgeable recipient may inspect the trace of the message's routing to look for address spoofing but I doubt many solicitors would do that in general and a crook that has managed to intercept a cash transfer instruction to a solicitor has little to lose by sending a spoof email requesting redirection of the transfer and possibly much to gain.

Personally I would expect any solicitor receiving any emailed cash transfer instruction that included the receiving account details to confirm the details, for example by phone, before effecting the transfer but clearly many appear not to.