Scam alert - cloned emails

Our members must continue to be vigilant with reports of scammers continuing to target the profession.

What is the scam?

Cloning emails

A recent scam reported to us includes an ‘authorised push payment scam’ in relation to an executry. The scammers successfully hacked the email details of one of the executors, disrupted their email service and when the executor changed their email address it was cloned, leading to the theft of the payments made to them. The bank concluded that all necessary checks were made by the firm before making the payments and has therefore reimbursed in full the scammed sums.

While the firm itself wasn’t hacked by the scammers, it immediately responded to the incident and reviewed and tightened all of its systems to ensure its ongoing security.

What should I do?

If you suspect a fraud, or other internet crime, remember to report it on the Action Fraud website. Where a fraud or scam has taken place, it should be reported directly to Police Scotland.

We recommend that you read our cybersecurity guide which includes tips for individuals receiving emails and what to consider before clicking on links and attachments.

Check all the latest notifications on our website: fraud alerts