Hackers are stealing large sums of money from art galleries and their clients using a straightforward email deception. The Art Newspaper has so far identified nine galleries or individuals targeted by this scam. They include Hauser & Wirth, the London-based dealers Simon Lee, Thomas Dane, Rosenfeld Porcini and Laura Bartlett and, in the US, Tony Karman, the president of Expo Chicago.
“We know a number of galleries that have been affected. The sums lost by them or their clients range from £10,000 to £1m,” says the insurance broker Adam Prideaux of Hallett Independent. “I suspect the problem is a lot worse than we imagine.”
How it works
The fraud is relatively simple. Criminals hack into an art dealer’s email account and monitor incoming and outgoing correspondence. When the gallery sends a PDF invoice to a client via email following a sale, the conversation is hijacked. Posing as the gallery, hackers send a duplicate, fraudulent invoice from the same gallery email address, with an accompanying message instructing the client to disregard the first invoice and instead wire payment to the account listed in the fraudulent document.