Real estate purchase: when fake notaries embezzle tens of thousands of euros

Contrary to what she believed, the RIB that Corinne sent to her banker in mid-January did not come from her notary's assistant, despite the header and signature, but from hackers who had had access to her box. mail.

By becoming aware of all the exchanges related to this real estate transaction, namely the purchase of a second home, the scammers were able to perfect their identity theft and made it more credible.

“When you check the email on your phone, you only see the name of the person”, and not the address, justifies Corinne, an executive in a CAC 40 company and who says she is “rather suspicious” in general.

"If I get something I'm not expecting, I don't click," she says.

Except that this time, she was waiting for an email from her notary...

Corinne managed to recover around 100,000 euros, but she is now "mad with rage", especially towards her bank, with whom she is in a pre-litigation situation.

She also filed a complaint against X.

According to her, her banker did not carry out adequate checks: in addition to the suspicious sender's address, which appeared in black and white in the transferred email, the adviser did not realize that the recipient of the transfer n was not registered with the Caisse des dépôts et consignations (CDC), as was however indicated on the false RIB.

“Financial advisors really need to be trained, because a notary will never have an account” anywhere other than the CDC, explains a notary from Hauts-de-Seine wishing to preserve her anonymity.

According to her, "at the slightest doubt, the bank will have to make a counter-call (verification call), a process used by the notaries themselves with customers".

In an email sent to her bank, Corinne denounces the attitude of the latter: "I am forced by the bank to go through the branch advisor for my most sensitive transfers while the level of authentication and control of the recipient is lower than when I make a transfer myself as usual via the web interface".

Connections... from Ivory Coast

For Sébastien Dupond, boss of Cyber4U, a cybersecurity company that supports small and medium-sized businesses and who has decided to assist Corinne on a voluntary basis, the responsibilities are shared between several actors.

In addition to the bank which apparently did not carry out the minimum checks before transferring more than 160,000 euros, the expert accuses the messaging operator of never having informed Corinne of suspicious connections to her account from Côte d'Ivoire.

The victim did not realize this until after the scam, when he went to check his connection history himself.

Finally, the last person responsible, according to Mr. Dupond, is the notarial office, which sends bank details directly to customers, without going through a secure system.

"The recommendations of the profession are indeed to send bank details via a secure platform, make counter-calls, alert customers", explains a notary.

It is difficult to know precisely the number of victims affected by this type of scam, but according to an estimate obtained by AFP in the notarial community, this could represent a few dozen people since last summer.

In some cases, it would be the notary who had his mailbox hacked, the scammers using it to request the funds, by attaching a false RIB.

In an alert published at the end of 2021 on its website, the consumer association UFC-Que Choisir cites the case of an individual who lost 50,000 euros and that of a couple who had 30,000 euros stolen.

“Of all the acts, this represents almost nothing, but these are situations which are most of the time problematic for clients”, recognizes the Higher Council of Notaries.

Dematerialization and cybersecurity

While the first confinement considerably slowed down activity in the real estate sector, the catch-up that followed, combined with the persistence of health constraints, increased the risk of fraud.

“Clients and professionals from all sectors, in the context of accelerated dematerialization which is a corollary of the health crisis, are exposed to growing cybersecurity risks”, notes the Higher Council of Notaries, which has noted an upsurge in recent month.

“We regularly receive emails from our professional bodies inviting us to be even more vigilant than we have been”, confirms a notary practicing in Seine-Saint-Denis and who explains that with the health crisis, the RIBs which were previously delivered by hand are now sent by email.

If the phenomenon is not new, France is not the only country affected either: in 2018, AFP already mentioned many victims of such scams recorded in the United States.

At the Banque de France, "establishments are asked to carry out regular information campaigns for their professional customers, and that goes for notaries, in order to recall all the issues associated with the security of identifiers", explains Julien Lasalle, manager of the cashless resources monitoring service at the Banque de France.

"A change of bank identity of a beneficiary is not a trivial operation", he adds.

Faced with the increasing number of scams, Crédit Agricole's Ile-de-France fund has decided to alert its customers, by email or SMS, and claims to have put in place "a procedure to secure transfers greater than 100,000 euros requested remotely".

Among the recommended measures: the counter-call.

Even in the case of an email and RIB which seem to be in conformity, it is more than advisable to contact the notarial office directly before proceeding with the transfer.

© 2022 AFP