"An Attorney near me" - Cape Town legal directory
lawyer@capetownlawyer.co.za or WhatsApp

Property Purchase Scam "Man in the Middle" | ENS vs Hawarden

The purchaser is the party most at risk of being scammed in a property transaction; the simple reason for which is that the purchaser is going to have to EFT a large amount of money into a bank account they're usually not familiar with; and the purchaser usually has less expertise than the conveyancers.

ENS vs Hawarden

And so it's not surprising that the purchaser of a property was the victim of the scam in the case of Edward Nathan Sonnenberg Inc v J. Hawarden. It goes without saying that it's a pretty sad state of affairs when you have to fight your conveyancing attorneys in court. PGP representing the sellers were using ENS, but they are still also representing the purchasers. Although the offer to purchase would usually specify the converyancers; which the purchaser signs (note I'm speculating, I haven't had line of sight of the offer to purchase), so it is ultimately a choice made also by the purchaser, even if the seller/seller's agent was the party suggesting which conveyancers to use.

The players | ENS vs Hawarden

Property Purchaser: Judith Mary Hawarden, an elderly divorced pensioner
Property Seller: Davidge Pitts Family Trust
Estate Agent: Pam Golding Properties (PGP), appointed by the seller
Bank Account 1: PGP Trust Account
Property Lawyers: Edward Nathan Sonnenberg (ENS); PGP Trust's appointed conveyancers
Bank Account 2: ENS Trust Account
Man in the Middle: Unknown Cyber criminal
ENS's Bank: FNB
Cyber Criminal's Bank: FNB
Ms Hawarden's Bank: Standard Bank

Lady standing outside house with a sold sign and criminal driving away

Man in the middle scam

Judith Hawarden was a victim of the "man in the middle" scam. Fraudsters hacked her email and then pretended to be the conveyancing attorney in correspondence with her (they used an email address which was almost the same as the property attorneys' email, but misspelt the word "africa" as to "afirca"). The fraudsters gave Ms Hawarden fake bank details to deposit the purchase amount into, which she mistakenly believed were the banking details of ENS.

The case was initially hosted by the Gauteng High Court, and after its decision in favour of Ms Hawarden it was taken on appeal by ENS to the Appeal Court.

A blow by blow account of what unfolded

Note that this is a summary; I haven't included all details (there's a link to the full ruling at the bottom of this article, if you want more details).

The Davidge Pitts Family Trust appointed Pam Golding Properties (PGP) to sell a property on its behalf.
In May 2019 Ms Harden bought the property; and received an email from PGP at 09h15 on 23 May requesting Ms Hawarden to deposit R500k into PGP's trust account; and advising Ms Hawarden of the dangers of cybercrime, and to verify the banking details by phoning Mr Prince Lukhele of Pam Golding Properties.
At 09h15 on 23 May 2019 Ms Hawarden telephonically confirmed the PGP trust account's banking details with Mr Lukhele and EFT'd R500k into PGP trust's bank account later on the same day.
Edward Nathan Sonnenberg are PGP Trust’s appointed conveyancers.
The day after the deposit was made, PGP emailed Edward Nathan Sonnenberg, cc'ing Ms Hawarden, confirmed that the deposit had been received in the PGP Trust's account; and attached to the email a copy of the signed property sale agreement.
ENS replied to Pam Golding Properties (cc'ing Ms Hawarden) that a certain Ms Ambaram would prepare the documentation to be submitted to the deeds office; to allow for transfer of the property and registration in the purchaser's name (Ms Hawarden).
On 20 Aug 2019 a coneyancing secretary in the employ of Edward Nathan Sonnenberg, "Ms Eftyhia Maninakis", sent an email to Judith Hawarden; the email had an attachment containing the correct banking details of ENS, and guarantee requirements.

The email from Eftyhia Maninakis was intercepted by a criminal, the "man in the middle". A few days prior the criminal had gained access to (hacked into) Judith Hawarden's email account.
On 21 Aug 2019 the criminal sent Judith Hawarden an email in which the criminal pretended to be Eftyhia Maninakis; but included the criminal's banking details (instead of ENS) and also set out the guarantee requirements.
On the same day, Judith Hawarden received the email, she then phoned Eftyhia Maninakis, and asked whether she could decide to EFT the remainder of the purchase price directly to ENS, if her bank was unable to provide the necessary guarantees in time. Eftyhia Maninakis confirmed that Ms Hawarden could EFT directly to ENS, and undertook to email her ENS's FNB bank details and a letter to Standard Bank (Ms Hawarden's bank) containing the guarantee requirements; Ms Maninakis sent this email later the same day.
The email from Ms Maninakis was intercepted by the cyber criminal, and never received by Ms Hawarden. Instead, on the same day, Ms Hawarden received an email from the criminal again pretending to be Ms Maninakis; the email contained the criminal's banking details. Ms Hawarden failed to notice that the word "africa" in the email address had been misspelt as "afirca"
On 22 Aug 2019 Ms Hawarden was informed by Standard Bank that it would take 14 days to furnish a guarantee. Ms Hawarden spoke to a Mr Arshad Carrim of ENS who informed her that the interest she would earn in the ENS Trust Account was less than the interest she would earn at Standard Bank.
Subsequently, but on the same day, Judith Hawarden EFT'd R5.5m into the criminal's bank account (believing it was the ENS Trust's bank account). She did this while at Standard Bank using a bank employee's computer.
On 22 Aug 2019 Judith sent Ms Maninakis proof of payment. This email was intercepted by the criminal and altered, so that it looked like the ENS Trust's proper banking details had been used, and sent to Ms Maninakis; saying the amount should register in their bank account within 48 hours.
On 23 Aug 2019 Ms Maninakis sent Ms Hawarden an email thanking her for the deposit.
On 26 Aug 2019 the criminal sent an investment letter to Ms Hawarden.
The criminal had withdrawn the money from the FNB bank account which he was using, and FNB was not able to retrieve the stolen money.
On 29 Aug 2019 the fraud was discovered.

At the end of the day the Appeal court found in favour of ENS; their appeal was upheld (with costs). Waitress serving a house with a R5 million price

Unanswered questions

I haven't been following the case very closely, so these thoughts may have been addressed somewhere, but I'm left with the following loose ends I'm wondering about:

Did ENS have insurance against cybercrime and phishing? If there were insurers, what were their points of view?
It's clear that ENS warned about cybercrime and phishing risks; but did they specifically:
- insist that their bank account number should be confirmed telephonically before any payment was made to them?
- tell the client to watch out for any misspellngs of their email address?
With all the banking controls against money laundering and criminal activity; why was the R5.5m deposit with FNB not flagged as suspicious and frozen? Why can't the criminal be identified from ID documentation used to open the account?

Click here to read the ruling by the Appeal Court.

Property Buy/Sell/Transfer/Usufruct

Warning: readfile(https://www.capetownlawyer.co.za/live-content/includes/property/conveyancing-articles.php): Failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in /home/capetlod/public_html/property/purchase/scam/property-purchase-scam.php on line 115