Lawyer must pay R1.4 million he accidentally paid into scammer's bank account

Why do we still need attorneys for property deals? They only add costs and unnecessary processing time.

The technology exists to remove them from the equation (APIs, Blockchain for business).
I wholeheartedly agree that needing bond and conveyancing attorneys for every run of the mill property sale with no complicated clauses and conditions is just a massive waste of clients money. Banks should be able to handle this.
 
I wholeheartedly agree that needing bond and conveyancing attorneys for every run of the mill property sale with no complicated clauses and conditions is just a massive waste of clients money. Banks should be able to handle this.

They can handle it... but its an additional revenue stream for them and the conveyancers so its not going to go away any time soon.
 
I think someone in the deeds office is in on this.

When I sold a property, the second the deed was finalized at the deed office my conveyancer received one of these "change of details" emails.

Luckily they weren't retarded and just ignored it.

"Intercepting emails" - what a joke :D
This has to be inside jobs. I cannot imagine that people send mass emails to everyone and hope one sticks. The info is just a bit too specific.
 
This has to be inside jobs. I cannot imagine that people send mass emails to everyone and hope one sticks. The info is just a bit too specific.

Most companies are pretty lax on security. People hack the email system and then intercept the emails.
 
Lawyer should have had insurance for this. It would at least go some way to justifying their retarded fees
 
I see FNB has an option on their website to verify the name and ID number of a bank account. It seems like a no brainer.
Sauce?

Using FNB's own search to search for the keyword "verify" proved to be a fruitless and wasteful exercise in futility.
1675524540263.png

All that I could find is this (preumably to verify that an existing letter was issued by FNB):

1675524417196.png

1675524299552.png


1675524342709.png

Lawyer should have had insurance for this. It would at least go some way to justifying their retarded fees

If the lawyer was not part of this scam, it points to dumb, and there's no insurance for dumb.
 
"Intercepting emails" - what a joke :D
You make a joke,but let me regale you a client of mine's personal experience

Background: Client was busy with the sale of a fairly large hotel
They contacted me because their lawfirm had notified them something was wrong with their(the client's) emails. Upon investigation I determined that the client's mailbox had been tampered with at the mail provider,online rules were added to forward and redirect mails from certain entities (banks,investment firms,the lawyers). These rules had been added months prior. I could relatively determine this because the items in the online Trash folder were ONLY these rulebased ones,since the client used Outlook and POP3 to access it

The assailants had registered a web-domain like the client's Surname (to look like a personal email address).
At a critical point during the sale process they interjected themselves by Emailing the lawfirm and CCing in the client's Business Email address,informing the lawfirm that they would be using their personal email instead going forward. These emails CCed to the client email would be automatically deleted so the client would be none the wiser.

The only reason this was caught was the Banking Details the assailants had sent for the final payment to be received differed from the one used in previous sales,so the legal secretary phoned the client to confirm whether it was correct as the payment had already been loaded on their banking system and only needed 2nd approval. Thankfully she called. We're talking just over 20 mill
This was a sophisticated process,long-term monitoring and learning the client's word-usage and patterns. But the payout would be astounding

I collected all the digital forensics available,including the domain registration details,FNB account that was set to receive the payout etc. Swept for malware and reset every credential under the sun and they handed it to the bank fraud division and police
 
EFT R100,00 first to test the banking details.
I always transfer R5 to any new beneficiary. I then make sure that they have received it before paying any real money...
 
So in simple terms, mailboxes get compromised and as luck would have it, sometimes there are emails about large transactions which is then manipulated.

Since this money gets transferred into accounts that exist in banks, what is the bank to do?
Bingo. They monitor thousands of mailboxes for months for specific keywords,and do exploratory searches to gauge the net-worth of the individuals

Sometimes it's the lawyer,sometimes it's the client
 
Standard bank said they verified the name and address of the fraudster so they should just get the money from the fraudster as they have his details. If they can't, then they didn't verify anything and they (standard bank) are at fault.
 
You make a joke,but let me regale you a client of mine's personal experience

Background: Client was busy with the sale of a fairly large hotel
They contacted me because their lawfirm had notified them something was wrong with their(the client's) emails. Upon investigation I determined that the client's mailbox had been tampered with at the mail provider,online rules were added to forward and redirect mails from certain entities (banks,investment firms,the lawyers). These rules had been added months prior. I could relatively determine this because the items in the online Trash folder were ONLY these rulebased ones,since the client used Outlook and POP3 to access it

The assailants had registered a web-domain like the client's Surname (to look like a personal email address).
At a critical point during the sale process they interjected themselves by Emailing the lawfirm and CCing in the client's Business Email address,informing the lawfirm that they would be using their personal email instead going forward. These emails CCed to the client email would be automatically deleted so the client would be none the wiser.

The only reason this was caught was the Banking Details the assailants had sent for the final payment to be received differed from the one used in previous sales,so the legal secretary phoned the client to confirm whether it was correct as the payment had already been loaded on their banking system and only needed 2nd approval. Thankfully she called. We're talking just over 20 mill
This was a sophisticated process,long-term monitoring and learning the client's word-usage and patterns. But the payout would be astounding

I collected all the digital forensics available,including the domain registration details,FNB account that was set to receive the payout etc. Swept for malware and reset every credential under the sun and they handed it to the bank fraud division and police

Is the fix using IMAP in this case?

Yes fine I agree dodgy stuff like that can happen, in my case they also wrote the email somewhat like I would have with some mannerisms / word use etc.

Scammers should be drawn and quartered on TV I think as a deterrent.
 
Is the fix using IMAP in this case?

Yes fine I agree dodgy stuff like that can happen, in my case they also wrote the email somewhat like I would have with some mannerisms / word use etc.

Scammers should be drawn and quartered on TV I think as a deterrent.
For this specific situation IMAP would exhibit some odd behaviour and show the deleted content so it might have helped,not the rules unfortunately
 
Top
Sign up to the MyBroadband newsletter