Forming a legally binding contract by an exchange of correspondence, by phone or through an electronic platform is not conceptually unusual in English law. However, such dealings introduce an additional complication: who exactly are you negotiating with when your dealings are not face-to-face?
The recent High Court decision in Logix Aero Ireland Limited v Siam Aero Repair Company Limited [2025] EWHC 1283 (KB) underscores the critical importance of ascertaining a counterparty’s true identity when agreeing contracts, and serves as a salutary reminder of the ever-evolving technological landscape which bad actors can exploit to commit fraud.
Background
Logix and Siam Aero agreed a letter of intent regarding the sale and purchase of two aircraft engines. They intended to more formally document their agreement in sale and purchase agreements (SPAs).
After the SPAs had been signed, invoices were issued and Logix had transferred almost US$825,000, a fraud was discovered: despite being provided with a “proof of payment”, Siam Aero did not in fact receive any payment. The bank account details in Logix’s countersigned copy of the SPAs only and on the invoices Logix had relied upon were not Siam Aero’s genuine bank account details, but those of a fraudster.
The fraudster being unidentifiable, Logix then undertook various steps to seek to recover its losses from Siam Aero, including by attempting to obtain possession of the aircraft engines (which were being held by Siam Aero’s agent in France).
Overview of the fraud
The SPAs were primarily negotiated by email. During the negotiations, a fraudster was able to interject themselves into the parties’ emails, ultimately leading to a position where both Logix and Siam Aero were, rather than emailing each other, actually sending emails directly to the fraudster, who would intercept and if necessary amend the contents of the legitimate emails before then sending the email contents to their intended recipients. Neither party knew they were not actually dealing with the other.
While how precisely the fraudster obtained access to the emails Logix and Siam Aero were sending each other was unknown, the parties’ technical investigations discovered that:
- fake domains were set up by the fraudster during the negotiations of the SPAs; and
- email addresses from those fake domains were used to send emails (and were also being copied in the cc: field in emails) in order to create the Logix < > Fraudster < > Siam Aero flow of emails.
For both Logix and Siam Aero, this involved their genuine email addresses with a “.com” top-level domain being substituted with a “.co” top-level domain. The email addresses utilising the .co domain were all controlled by the fraudster.
A harsh result?
Logix issued a claim seeking declarations, damages and/or delivery up of the engines. Siam Aero sought a strike out or, in the alternative, reverse summary judgment in its favour. The court found that no binding contract was formed between Logix and Siam Aero on the terms of the SPAs; Logix’s claims which relied upon the SPAs being an enforceable contract as against Siam Aero therefore failed. Logix’s additional claim based upon a breach of the confidentiality clause contained within the original letter of intent (which was not tainted by fraud) also failed, because any breach of the confidentiality clause (even if established) was not the cause of Logix’s losses – such losses being due to the actions of the fraudster. As a result, Logix’s claim was successfully struck out by Siam Aero, with Logix being ordered to pay Siam Aero’s costs on an indemnity basis.
Key takeaways: red flags and lessons learned
There are a number of factors which in aggregate contributed to the parties falling victim to a fraudulent scheme, and which are especially relevant for those negotiating contracts:
- The fraudster’s fake email addresses were not identified by any of the parties involved at any stage of negotiations of the SPAs. Knowing your counterparty sufficiently well to identify the subtle change from a “.com” to a “.co” email address might have assisted in identifying or preventing the fraud.
- Neither Logix nor Siam Aero themselves identified that their own domain had been cloned by a fraudster utilising a .co address. Regular monitoring of new internet domain registrations might have assisted in identifying or preventing the fraud.
- Negotiations were almost exclusively by email. In addition to enabling the fraudster’s interception of email correspondence to create the opportunity for the fraud, it also enabled Logix to receive a doctored copy of the SPAs and doctored invoices containing the fraudster’s bank account details. Signing the SPAs in person or using a secure third-party e-signature service with identity verification features would have led to both parties executing the same or at least an identical document.
- The bank account substituted by the fraudster was in Vietnam. Logix was based in Ireland, Siam Aero was based in Thailand, and the engines were physically in France. The payment to a country unconnected with the transaction ought to have merited further due diligence and inquiry.
- A phone call to a known phone number was not made to confirm bank account details prior to payment. This would have exposed that the bank account details on the Logix SPA and invoices sent to Logix were not Siam Aero’s correct bank account details, but those of the fraudster. Indeed, it was only when Siam Aero contacted Logix by phone to say that the transferred funds had not been received that the fraud was uncovered.
Comment
While the size and nature of the fraud will guide any response to a loss occasioned by fraud, in our experience early instruction of commercial disputes and civil fraud specialists can be highly advantageous in seeking to minimise dissipation of assets by a successful fraudster, in guiding the scope of any forensic/technical investigations to establish potential causes of action against third parties, advising on whether any insurance policies held by the victim may alternatively respond to any losses, and to address any potential reputational issues flowing from being a victim of fraud.
In this case, the money Logix paid to the fraudster’s account in Vietnam had already disappeared by the time the fraud was discovered. In such scenarios, while it should be possible, with the assistance of local counsel, to trace those proceeds and start recovery proceedings internationally once the proceeds of the fraud have been identified, doing so is often not a fast process and can become cost-prohibitive for small amounts. Acting quickly is essential, especially if it may involve obtaining injunctions and asset freezing orders against connected parties.
However, prevention is always better than cure, and companies should ensure that they have robust signing protocols in place to ensure the integrity of the process.
Social Media cookies collect information about you sharing information from our website via social media tools, or analytics to understand your browsing between social media tools or our Social Media campaigns and our own websites. We do this to optimise the mix of channels to provide you with our content. Details concerning the tools in use are in our Privacy Notice.