Dealer Simon Lee and Simon Lee Gallery’s Ying Yue Li.

Wave of Cyber Crime Hits Art World

Hauser & Wirth, London-based dealers Simon Lee, Thomas Dane, Rosenfeld Porcini, and Laura Bartlett, and Tony Karman, the president of Expo Chicago, have all been targeted by hackers or had money stolen from them in the midst of transactions over artworks, according to a report in the Art Newspaper. The most common form of fraud so far consists of criminals hacking into an art dealer’s e-mail account and monitoring incoming and outgoing correspondence. When the gallery sends a PDF invoice to a client via e-mail following a sale, the conversation is then hijacked. Posing as the gallery, hackers then send a duplicate, fraudulent invoice from the same gallery e-mail address with an accompanying message instructing the client to disregard the first invoice and instead wire payment to the account listed in the fake document.

Once money has been transferred to the criminals’ account, the hackers move the money in such a way as to avoid detection and then they disappear. The same technique is apparently being used to intercept payments made by galleries to their artists and others. Since the hackers gain access to the gallery’s email contacts, the scam can spread quickly, with phony e-mails appearing to come from known sources.

The art market is particularly vulnerable to such schemes, as one anonymous American dealer quoted in the Art Newspaper’s article notes: “You can’t buy a $1 million condo without three weeks of paperwork and one hundred checks and balances, but art dealers and their clients will wire $1 million after a single conversation.” The same dealer, whose gallery nearly lost $500,000 when one of his clients wired money to a crook—the client was able to recover the funds after the bank questioned the transfer—says he knows of many more galleries targeted by hackers. Simon Lee’s experience of this type of crime included the following account: “Our accountant received an e-mail and invoice from someone within our company, with a message saying ‘please pay this.’” Though the sum lost by Lee’s gallery was small, he knows “people who have been taken for hundreds of thousands of pounds.” Lee now issues a standard warning about cyber fraud with every invoice and his accountant now “telephones and confirms banking instructions with clients over the phone.”

Last February, the Society of London Art Dealers issued a warning to its members about the dangers of e-mail fraud, and it sent out the warning again three months later. Last year in the US, the Art Dealers Association of America (ADAA) circulated its first warning on cyber-risks, including this specific type of e-mail fraud, which it refers to as a “man-in-the-middle” scam. Adam Sheffer of the gallery Cheim & Read, who is the president of the ADAA, says that he issued the alert after being approached by “high-profile American and European galleries” as well as artists who had been targeted by scammers.

Although cyber-insurance policies do exist, these generally have a relatively low cap on the losses that can be claimed. Additionally, if these policies are bought by galleries, only the galleries are protected, not their clients, who are most often the victims. The insurance industry is currently divided about the efficacy of such products. AXA Art, for instance, does not currently offer a policy that will protect against loss from this type of e-mail fraud, according to Chris Bentley, the director of underwriting at AXA Art Northern Europe, Middle East, and Asia Pacific. “This is a very rapidly evolving area for the insurance market,” he noted. “It’s moving so quickly that if you renewed your policy in April rather than October, you might have a different arrangement.” He thinks that it would be more effective for galleries to adopt “a change in practice to avoid this situation happening in the first place rather than buying what is going to be potentially quite expensive insurance. Even if an insurance solution is eventually offered, it is still likely to be both limited and expensive.”