Security Alert: Bogus Court Emails Carrying Nasty Viruses - Strategist
Strategist - The FindLaw Law Firm Business Blog

Security Alert: Bogus Court Emails Carrying Nasty Viruses

You don't have a previously unannounced hearing, it seems.

The Administrative Office of the U.S. Courts (AOUSC) just posted a security alert about an ongoing email spam scam (say that three times fast), alerting lawyers about an impeding court hearing. The attachments, of course, contain nasty malware. And the emails aren't just coming from faux federal courts -- some state courts are affected as well.

Plus, it gets worse. Some of the fake email messages appear to be coming from BigLaw email addresses.

Identifying the Bogus Emails

One great way to spot any fishy-looking emails or social media messages is to simply reply to the sender and ask if it is spam or a virus. It almost always is, and you'll alert the sender that their account has been compromised.

The dangerous thing about this particular virus is that it appears to be coming from multiple fake sources. AOUSC warns that some claim to be coming from federal court clerks, and advises lawyers to use the court locator to check with their local court if you receive any emails about unfamiliar cases.

The District of Columbia Courts warns that some emails regarding fake court dates are coming from @jonesday.com and @hoganlovells.com. The court notes that the case numbers, which begin with "NR," are easily identifiable as fake, as the court does not have "NR" case types.

Georgia's Administrative Office of the Courts posted an example of their local variant:

Warrant to appear,

Please be informed that you are expected in the Court of Georgia on February 2nd, 2014 at 9:30 a.m. where the hearing of your case of illegal software use will take place.

You may obtain protection of a lawyer, if necessary. Please bring your identity documents to the Court on the named day. Attendance is compulsory.

The detailed plaint note is attached to this letter, please download and read it thoroughly.

Court clerk,

BOLTON Vincent
Clerk to the Court

The Virus

According to the New York Daily News, the malware was identified as Kuluoz or Dofoil. Microsoft's profile on Kuluoz warns that it can steal passwords and download other malware to your PC, while Dofoil can turn your computer into a "botnet" machine that spreads viruses without your knowledge.

Cleanup

If you downloaded attachments from one of these emails, and your anti-malware software didn't catch it in time, your first step should be to update your antivirus definitions. Restart your computer in safe mode, then run your scanner. If that fails, the above links to Microsoft's website provide other removal tools.

If you don't have antivirus or anti-malware software, Microsoft Security Essentials is free (and a personal favorite).

Have any other variants of the faux court emails? Tweet us at @FindLawLP and we'll pass them along.

Related Resources: