As first revealed by ATG in the spring, fraudsters hacked email accounts to intercept invoices and doctor them with new bank details.
Insurers believe that some galleries were tricked into paying out up to £1m.
Kurt Rothmann, senior partner at insurance broker JLT Specialty, said: “This type of loss is often branded as ‘cyber’, but is actually fraud. It is usually perpetrated by individuals with good knowledge of the workings of the target companies and will use impersonation via email communication as a means to extract payments.”
The scam means that the invoices appear perfectly genuine and clients have little reason to believe they did not come from expected source.
As reported by ATG earlier this year, the art and antiques trade associations, including the Society of London Art Dealers, the British Antiques Dealers’ Association (BADA) and LAPADA, warned members to be extra-vigilant and double-check details with clients before making payments from emailed invoices.
Email invoice scam: What to do
- Double-check a beneficiary’s sort-code and account number with a verified contact directly by phone.
- Send over a small instalment first, before sending a major payment, to ensure the payee’s details are correct and that the funds have been received.
- Consider using ‘Paym’, which requires additional verification of a recipient’s name and account name.
Advice from Sandy Rich, a director at Richard Thompson Insurance Brokers.