Technologist - The FindLaw Legal Technology Blog

Scammers Are Phishing for Lawyers Nationwide

How many fake emails does it take to fool a lawyer? And no, this is not a lawyer joke.

Apparently, it takes more than seven states' worth of email because scammers have targeted lawyers across the country and they are not letting up. Attorneys from New York, California, Texas, Florida, Georgia, Nevada, and Alabama have recently received email with phony threats of lawsuits and disciplinary actions against them. The phishing scam is designed to entice lawyers to click on a link that results in their computers being taken hostage by ransomware.

"Attorneys are receiving email claiming that their business was subject of a complaint for which they have 10 days to respond," New York Attorney General Eric T. Schneiderman said in a press release. "The email includes a hyperlink to the 'complaint' but in reality it links to a website that installs malicious software on the person's computer."

Ransomware Is More Sophisticated Than Ever

Ransomware, aptly named because it's like kidnapping for money, holds a computer system hostage until the user pays for it to be released. Such malware has been around for decades, but ransomware attacks have become more sophisticated and have spiked in recent years.

In 2014, Dell, Inc. reported, CryptoWall infected more than 625,000 computers worldwide, including a quarter million in the United States. Between April 2014 and June 2015, the FBI reported, victims claimed losses of more than $18 million. According to Symantec, there was a 250% increase in new ransomware available to hackers on the black market in the past three years.

Hackers typically demand payments of $300 to $500 to restore their victims' computers. Lawyers, who usually can afford the ransom but cannot afford to lose their computer data, are easy targets.

Do Not Go in There!

Unlike malware that downloads automatically when users visits some websites, the ransomware is activated when the email recipient clicks on a link. In the recent lawyer phishing expedition, the email reads like this:

Dear Bar Member:

A complaint has been filed against your Business. Enclosed is a copy of the complaint, which requires your response. You have 10 days to file a rebuttal if you so desire. You may view the complaint at the link below.

complaint88947.pdf

Safeguard Your Computer

If you clicked on the link, it is probably too late for you. The newest malware is practically impossible to eradicate.

But the good news is that you can take steps to safeguard your computer system in the meantime. Here's how to protect yourself: 1) Be careful when opening email. 2) Do not open suspicious attachments. 3) Update anti-virus software. 4) Back up your system. 5) Report ransonware attacks.

For the latest legal news, subscribe to FindLaw's Legal Grounds Newsletter.

Related Resources: