Fraudsters who hacked into clients’ accounts to divert conveyancing funds intended for their solicitor have been jailed.
Five individuals were sentenced last week at Southwark Crown Court for their part in a £10m ‘payment diversion fraud’ scheme.
Officers based in the Metropolitan Police’s specialist crime team identified 235 separate frauds committed by the quintet from 2014 to 2019.
The gang used Malware to steal log-in details of email accounts belonging to businesses and private individuals worldwide. They would monitor the chosen email accounts for high-value financial transactions, then intercept conversations and send spoof emails so that victims were duped into paying funds into one of 100 UK-based ‘mule’ bank accounts controlled by the fraudsters.
The Met Police confirmed that victims included property buyers who thought they were paying money to their conveyancing solicitor.
Detective Constable Chris Collins, from the North West Economic Crime Unit, said: ‘This has been a long trial due to the defendants’ refusal to accept their guilt despite overwhelming evidence.
‘A common feature in this case was the use of mule bank accounts. I advise anyone conducting financial business by email to verify the bank account they are sending their money to by contacting the intended recipient by means other than email.’
Those convicted and jailed for conspiracy to commit fraud and conspiracy to convert criminal property were:
- Olumuyiwa Ogunduyile, 39, from Greenwich, who was sentenced to serve six years and seven and a half years concurrently
- Alex Enyiagu, 50, of Barnet, who was sentenced to serve six years and seven years concurrently
- Mba Atuonwu, 48, of South Ockendon, Essex, who was sentenced serve to six years and six years concurrently
- Satish Kotinadhuni, 44, of East Ham, sentenced to serve five years and six years running concurrently
- Declan Bannerman, 27, of Sevenoaks, sentenced to serve five years and four years running concurrently.
The Solicitors Regulation Authority has identified email modification fraud – where criminals intercept and falsify emails between a client and their firm – as one of the most common types of cyber crime affecting the profession. In its risk outlook for 2019/20, the SRA said it may be better for firms to ask ‘when, not if’ they will be targeted by online criminals.
In the first nine months of 2019, law firms reported a loss of around £4m of client money to online fraud, while clients have lost house deposits, inheritance funds and life savings.
Firms are advised to replace and update systems regularly, use antivirus software ensure systems have appropriate firewalls. They should use two-factor authentication for email and log-ins where possible and make sure staff avoid predictable passwords.