Bank details scam warning
The Solicitors Regulation Authority (SRA) is warning firms to be wary of scammers trying to trick them into disclosing bank security information over the telephone.
The SRA state that at least four firms have been targeted this way recently, and collectively they have had £2 million taken from their accounts.
The scammers gain the confidence of those they call – known as social engineering – to obtain important information and access account funds. Specifically, they ask for “challenge and response” codes, which are used to authenticate payments and in some cases digital banking log on and password credentials.
All firms should remember that banks will never ask for passwords or response codes over the telephone, so any attempt to obtain these is likely to be scam and should be reported to the SRA as soon as possible.
Banks suggest that firms independently validate callers by contacting somebody they already know at the bank, preferably using a separate telephone line, for example a mobile line, as there have been examples of scammers keeping the line open to intercept any follow-on call to check.