Home » News » Agencies & People » Are your company emails safe? London agency’s clients scammed after ‘security breach’
Agencies & People

Are your company emails safe? London agency’s clients scammed after ‘security breach’

Young couple lose their rental deposit and rent for their dream flat after being duped by fraudsters, although they and agency dispute who is to blame.

Nigel Lewis

lettings agency

An lettings estate agency in London has become embroiled in a financial tussle with a young couple after they were swindled out of their rental deposit and first month’s rent by an email fraudster.

Renter Jessica Redman and her partner had saved up enough money to move into an apartment together in Canonbury, North London and found a property via Islington lettings agency Alwyne Estates and had their offer accepted.

What happened next is contested by both the agency and the couple, but is a salutary lesson in why estate agencies need to ensure staff and IT systems cannot be breached by fraudsters.

Redman claims that the email account of a property manager who they were dealing with at the firm was compromised by hackers who then set up a fake email account to dupe Redman and her partner into transferring £1,385 into the fraudster’s bank account.

Fake email

The couple were told via the fake email account that the landlord wanted the cash before he would sign the contract.

Alwyne Estates has told local newspaper The Islington Gazette that it is not willing to reimburse the couple because it contests that its internal email system was compromised, and that the couple were defrauded by an email account outside of its control.

“One of our staff inadvertently revealed his email login credentials – an entirely different situation,” director Kevin O’Grady told the paper, claiming this amounted to a security breach and not a hack.

“While we cannot take responsibility for Jessica’s decision to act on an email that was not sent from an Alwyne Estates email account, we have endeavoured to help Jessica and her partner as much as is within our power.”

The agency says the breach has been reported to the Information Commissioner’s Office and logged with Action Fraud, and that it has put its staff through additional training and its IT systems have been upgraded.

Read more about security breaches.

January 29, 2020

What's your opinion?

Please note: This is a site for professional discussion. Comments will carry your full name and company.

This site uses Akismet to reduce spam. Learn how your comment data is processed.