The Conveyancing Association (CA), the leading trade body for the conveyancing industry, has today (5thMay 2016)launched its Cyberfraud and Fraud Protocol which seeks to provide CA member firms with practical information on how criminals operate and the measures they, and their staff, can take to avoid being victims of fraud and cyber-crime.
Firms will be asked to work towards a Cyber Safe Standard whereby they adopt, and adhere to, the Protocol and demonstrate they have been certified under the Cyber Essentials Scheme for IT security – or its equivalent.
Cyber Essentials focuses on internet-originated attacks against an organisation’s IT system. It concentrates on five key controls: boundary firewalls and internet gateways; secure configuration; access control; malware protection; and patch management.
Firms must be independently verified as having completed their Cyber Essentials standards before applying for a ‘Cyber Safe’ logo which they can use on their website and literature. Those taking part must also commit to a continuous review of their risk to cyberfraud and must keep up to date with reviews and updates to the Protocol.
Achieving the Cyber Safe standard allows CA member firms to demonstrate to customers they are tackling the growing threat of fraud within the property industry. Given the large sums of money involved in the house-purchase process, criminals are actively targeting firms and their clients and attempting to defraud them of their purchase monies.
There have been a number of recent examples whereby customer’s email accounts have been hacked with fraudsters posing as the conveyancing firm and convincing the buyer to send their deposit monies to a different account. Customers have lost tens of thousands of pounds plus their potential new home as a result of this fraud.
The Cyber Safe Scheme also provides firms with a customer leaflet detailing how they can avoid being a victim of this fraud, the conveyancing firm’s bank account details, how to set up secure communications with the firm, plus details of a range of measures to ensure the customer is ‘Cyber Safe’.
The CA is urging its member firms to follow the Protocol and achieve accreditation as soon as possible. By achieving this, and adopting the Cyber Safe Standard, it believes members can mitigate much of the risk that criminals using unsophisticated techniques present.
Beth Rudolf, Director of Delivery at the Conveyancing Association, commented:
“The launch of the CA’s Cyberfraud and Fraud Protocol is the culmination of a number of months’ work, and the input of a large number of member firms, our Affiliate partners, lenders and expert consultants, and Government agencies.
“We have recognised the growing number of attempts at fraudulent activity in the conveyancing process and we wanted to provide our members with a set of standards which they can achieve in order to help them in the fight against this fraud. From vishing and smishing to social engineering, the Protocol offers our members a common-sense approach to cyber security and a valuable training tool for their conveyancing teams.
“By following the Protocol, completing the Cyber Essentials standards, and ensuring they are ‘Cyber Safe’ the chances of this type of fraud being successful are far less and it goes a long way to ensuring fewer customers have to go through the terrible ordeal of losing vast sums of money plus the potential purchase of their new home.
“In following the Protocol firms are not just committing to a good level of protection for their organisation and their clients now, but will be able to maintain a continuous review of risk. Our Cyber Committee will update the Protocol at regular intervals to ensure it is kept up to date with developments in criminal activity and prevention, and we will continue to update our members on the products and services coming on to the market which will help protect them and their clients.
“Those firms committing to the Cyber Safe Scheme will also be able to provide each customer with a ‘Client Warning’ factsheet which details the risks, plus the measures they can take in order to mitigate against them. It would also include the firm’s Bank Account details so that if the customer were ever contacted to suggest a change, they can check against this and take the appropriate action.
“The CA is absolutely committed to ensuring our members meet the highest standards when it comes to both cyberfraud and fraud prevention. Criminals are increasingly looking at the conveyancing process as a means to defraud firms and customers and we would urge everyone to be vigilant and to increase their protection levels plus make sure that security levels are at their highest, communication channels are fully monitored and that money transfers are checked and double-checked. It will take the whole industry working together to drive cyber fraud out of the home moving process.”