A group of fraudsters that hacked people’s email accounts as part of £10m conveyancing scam have been gaoled.

The five individuals, who have each been sentenced to between five and seven years, used Malware to steal log-in details that belonged to both businesses and private individuals and then diverted payments to one of 100 “mule” bank accounts.

The Metropolitan Police’s specialist crime team said it had found evidence of 235 separate frauds the gang had committed between 2014 and 2019.

The criminals’ method was to monitor the compromised email accounts for high-value financial transactions, then intercept conversations and send fake emails so that victims mistakenly passed funds to one of the fraudsters’ own accounts.

Officers added that some of the victims were UK property buyers who thought they were paying money to their conveyancing solicitor.

Detective Constable Chris Collins, from the North West Economic Crime Unit, said: “A common feature in this case was the use of mule bank accounts. I advise anyone conducting financial business by email to verify the bank account they are sending their money to by contacting the intended recipient by means other than email.”

The Law Society Gazette reports that the Solicitors Regulation Authority (SRA) has identified email modification fraud – where criminals intercept and falsify emails between a client and their firm – as one of the most common types of cyber-crime affecting the profession.

So prevalent is the issue that the SRA has advised firms to ask themseleves “when, not if” they will be targeted by online criminals.

To combat the threat, the authority recommends that systems should be regularly replaced and updated. In addition it suggests the use of antivirus software, two-factor authentication for email and log-ins, and the use of non-predictable passwords.