The claimant was a first-time purchaser of a property in London. He was also a cash buyer, using savings he had accumulated over a number of years. Despite these obvious vulnerabilities, his conveyancing solicitors (the defendant in this case) did not take the time to find out how much he knew about the conveyancing process or talk him through it. He never met his solicitor in person and had few phone calls; the majority of the transaction was conducted by email.
Unbeknown to the claimant, the defendant’s computer system had been hacked. A fraudster was intercepting emails and impersonating the defendant and its clients in communications with each other. The fraudster had set up email addresses which at first blush looked the same as the genuine email addresses of the claimant and the solicitor firm. However on closer inspection they were very slightly different with two letters having been swapped around.
The defendant was on notice that this had happened to two clients already, however they failed to alert their other clients and tell them to be vigilant. Instead, the defendant (having failed to double-check the recipient’s email address) sent an email about where the purchase money should be sent to the fraudster who was impersonating the claimant. The fraudster then emailed the claimant pretending to be the defendant and persuaded him to pay the purchase money of in excess of £400,000 to a bank account in Hong Kong which was controlled by the fraudster. This money was never recovered.
The claimant brought a claim for professional negligence, alleging that the defendant had failed to exercise reasonable vigilance for detecting fraud, failed to provide advice about the conveyancing process and where money should be paid to, failed to provide any advice about cyber fraud and how it might materialise in a property transaction, and failed to warn the claimant that there was a fraudster at large. The defendant similarly blamed the claimant for failing to exercise vigilance for fraud and also blamed its own IT contractors who had advised the defendant solicitor firm incorrectly that it was several of the defendants’ clients who had been hacked and not the defendant itself – a conclusion that the defendant should have challenged given the enormous coincidence.
We were confident that our client would succeed at trial, albeit it was likely that the court would make a deduction from his damages to reflect the extent to which he was the author of his own misfortune in not, for example, picking up the phone to the defendant before transferring the purchase money to Hong Kong. The claim was resolved in a confidential settlement with our client receiving a substantial amount of money.