Vishing – Fraud warning for law firms

Banks are warning legal firms to stay alert of vishing (voice-phishing) scams across the sector after fraudsters specifically target client accounts.


The scam starts when a fraudster telephones you pretending to be from your bank or your banks fraud prevention department, reporting that there is a problem with your bank account.


Prior to making the call, the fraudster has often gained crucial intelligence about your business activities so that they sound credible throughout discussions and adopt urgent language to persuade you that immediate action should be taken.


To convince you that the call is legitimate the fraudsters ask you to call them back on the telephone number printed on the back of your card or any other trusted number you may have for your bank.


Then, even though you have hung up your phone, the fraudster leave their end of the line open so that when you re-dial, the fraudster can intercept your call and pretend to be your bank.


They will then go through various security questions with you, gaining access to your bank account and authorising fraudulent withdrawals.


What you and your firm need to do:

  • Be suspicious of any telephone calls requesting details of PINs or passwords for your firms bank accounts
  • End any call which you perceive to be of this nature immediately
  • Remind all your staff that they should never under any circumstances give out passwords or PIN numbers, and that real banks never ask for this detail
  • Report the incident to your bank but use a different telephone line so the fraudster can’t intercept your call.
  • Report the incident to Action Fraud, the UK’s national reporting centre for fraud and internet crime on 0300 123 2040.