Staying ahead of payment diversion fraud: Protecting client funds in property transactions

Payment Diversion Fraud

Payment diversion or conveyancing fraud is one of the fastest-growing threats to the property sector. Criminals are intercepting legitimate communications to divert client funds into fraudulent accounts, leaving clients at risk of losing hundreds of thousands of pounds in a single click.

The City of London Police and Action Fraud recently highlighted a sharp rise in incidents targeting solicitors, conveyancers, and their clients during property transactions.

The reputational and financial consequences of a single breach can be severe, affecting not just clients but entire professional networks. For solicitors, conveyancers, and other professionals handling high-value property payments, awareness and vigilance are crucial.

How diversion fraud works

Most cases of payment diversion fraud begin with a compromised email account or intercepted correspondence. Fraudsters monitor the exchange between you and your client, waiting until a payment is due. Then, posing as a trusted party - often using an email address that differs by just a single character - they send convincing payment instructions containing altered bank details.

Because these messages appear to come from credible sources, with accurate language signatures, and branding, they can be difficult to detect. By the time an error is spotted, the funds are usually gone, transferred through a chain of accounts that makes recovery extremely difficult.

Recent alerts from law societies and local authorities suggest the problem is worsening, as criminals deploy AI-generated messages and domain spoofing to appear even more convincing.

Why legal and conveyancing professionals are prime targets

Property transactions provide a favourable environment for this type of fraud, as they involve multiple stakeholders, strict timelines, and large-value payments.

Every email, document, or instruction - whether between lawyer and client, or between agents and financial intermediaries - can become a potential weak link for criminals to exploit.

As a trusted intermediary, you hold the confidence of both buyer and seller. That trust, combined with the pressure to complete transactions efficiently, can make it easy for a fraudulent instruction to slip through. A single unverified request for new bank details can compromise not just the integrity of a deal, but also your firm’s reputation.

Balancing speed with caution is the challenge. Clients expect transactions to move quickly, but verifying payment instructions and maintaining secure channels can make the difference between a completed sale and a costly fraud.

Best practices to reduce risk

1. Verify every change in payment details

Never rely on email alone. Verification through a known phone number or a secure portal is recommended, especially when new or updated account information is provided.

2. Establish a clear communication protocol

At the outset of every transaction, inform clients about how and where payment instructions will be shared, and advise them not to act on last-minute changes. Setting expectations early can prevent confusion later.

3. Use secure, audited channels for fund transfers

Avoid sending or receiving bank information through unsecured email. Encrypted platforms or client portals, with clear audit trails, significantly reduce the risk of interception.

4. Keep systems and staff training up to date

Fraud methods evolve rapidly. Regular training, phishing simulations, and updates to cybersecurity policies help teams stay alert to new tactics and allows threats to be recognised early.

What to do if you suspect payment diversion fraud

If you believe you or your client may have fallen victim to payment diversion fraud, speed and transparency are crucial. Contact your bank or payment provider immediately and request that the transaction be stopped or recalled. Inform your client and any relevant counterparties without delay so that further transfers can be frozen.

Depending on where you operate, you should also report the incident to the appropriate law enforcement or financial crime authority. In the UK, this is Action Fraud - the national reporting centre for fraud and cybercrime - which can be reached through actionfraud.police.uk. In other jurisdictions, regulators or central banks typically maintain similar reporting frameworks for financial crime.

Preserve all records connected to the incident, including emails, transaction data, and system logs, as these may be vital for investigations or insurance claims. Finally, review internal processes to identify how the compromise occurred and what additional controls could prevent a recurrence. Even when losses are avoided, sharing intelligence and incidents can help inform and protect the wider property industry.

A shared responsibility

Preventing payment diversion fraud depends on collective vigilance. Every professional involved in the transaction chain - from lawyers and conveyancers to agents and financial partners - plays a role in protecting client funds.

The technology supporting property transactions is improving, but fraudsters are adapting just as quickly. Awareness, verification, and secure communication remain the most effective defences.

No single system can eliminate risk entirely, but structure, transparency, and shared standards make fraud significantly harder to execute.

Learn more about how Redpin and our brands are helping to safeguard users and clients from fraud, and if you ever have any security concerns or if something doesn’t seem quite right, speak to one of our experts, and we’ll be happy to help.

Insights

Explore expert perspectives and updates from the world of Redpin