Hackers use a simple but very effective email scam scheme.

Photo: wikimedia.org

Both galleries and collectors who conducted transactions were hit. At least nine galleries are known to have been targeted. Among the victims are Hauser & Wirth, London-based dealers Simon Lee, Thomas Dane, Rosenfeld Porcini and Laura Bartlett, as well as American Tony Karman, the president of Expo Chicago.

“The sums lost by them or their clients range from £10,000 to £1m, insurance broker Adam Prideaux Hallett Independent told the Art Newspaper. “I suspect the problem is a lot worse than we imagine.”

The scheme is simple: criminals hack into an art dealer’s email account and monitor incoming and outgoing correspondence. When the gallery sends an invoice to a client, the conversation is hijacked. Hackers then send a duplicate, fraudulent invoice from the same gallery email address, asking wire payment to the account listed in the fake document. They then transfer the money to other accounts and disappear.

As criminals have access to a victim’s email contacts, the fraud is spreading quickly. Insurance companies recommend to scan computers for viruses, monitor incoming and outgoing emails, change passwords if necessary, be careful and encrypt invoices.

Subscribe to our mailing list: