Beware: Scams Target Law Firms, Clients

Here is a compilition of recent news items carried in TBA publications regarding scams or other cyber threats to attorneys and their clients.


Is Your Client Information Safe?

Data Security Is Your Responsibility Even if You Don’t Understand How it Works

(December 2016 Tennessee Bar Journal Cover Story)


Lawyers Targeted with Fake Email Complaint

(December 5, 2016) Officials in multiple states are warning lawyers against opening and clicking on links in emails that may contain fake complaints, the ABA Journal reports. The emails contain a hyperlink to view the complaint but when clicked on installs malicious software or ransomware on the computer. Ransomware typically blocks computer access until the computer user pays money to get it unlocked. Officials in New York, Texas, Pennsylvania, Maryland and Florida are among those warning about the scam. Lawyers who receive such an email should delete it immediately and should not click on the link, they advise. The emails have been from “The Office of the State Attorney” with a subject line of “The Office of the State Attorney Complaint” or “see you in court.”


Police Bust IRS Scam Center in India

(October 13, 2016) Indian police said three nondescript office buildings on the edge of a Mumbai suburb were packed with hundreds of people posing as Internal Revenue Service officials in a scam that has vexed Americans for years. According to CNN Money, the scammers posed as IRS officials and threatened Americans with jail time if they did not pay money that allegedly was owed. Among the 70 people arrested were those who alleged that 700 people in nine call centers made thousands of calls a day to try to trick Americans into sending money.


Tennessee Lawyers Advised of Email Scams

(July 12, 2016) Tennessee lawyers are being advised by the Board of Professional Responsibility to be aware of an email scam that is specifically targeting attorneys, Knoxnews reports. The scam entails a “phishing email” that is disguised to look like a professional message but contains links that allow the scammer to install malicious software on the computer. Lawyers are also being advised to be wary of emails that appear to be from the board itself. Officials say that if anyone receives an email from the board that contains a link, hover over the link to see if it displays the domain “tbpr.org.” Those who receive a suspicious email containing a link or attachment are advised to contact the board at 800-486-5714 to verify its legitimacy.


Beware: Lawyer Clicks Away $289,000 in Scam

(March 13, 2015) Be careful what you click, attorney David Peel warns in an opinion piece in the Millington Star. Peel recounts stories of lawyers across the country who have been duped by internet scam artists. One attorney in San Diego had almost $300,000 taken out of his bank account after opening an attachment from an email appearing to be from usps.gov. The IRS also issued a list of scams people should watch out for.


New Scams Target Lawyers with Emails, Fake Caller IDs

(February 25, 2016) Tennessee lawyers are receiving warnings from their professional liability insurers about new scams targeting law firms. A message from Gallagher Law Firm Solutions offered this article on fake emails that target lawyers who process client funds from attorney trust accounts. The Gallagher notice also called attention to cases in Arizona, where scammers have spoofed caller IDs to make clients think they were being called by their attorneys. They were then directed to make payments to the scammers. The State Bar of Arizona put out information about the cases, and Arizona Attorney magazine editor Tim Eigo offered more resources in his AZ Attorney blog.


Scammers Using BigLaw Names in Phishing Expeditions

(January 13, 2015) Scammers have been using the names of some of the country’s biggest and best-known law firms in recent efforts to trick email recipients into clicking on links that will put malware on their computers, Crain’s Chicago Business reports. Firm names that have been misused include Baker & McKenzie, Sidley Austin and Skadden Arps Slate Meagher & Flom. The spoof reportedly involves an email falsely purporting to be from a firm containing a notice to appear in court. Internet security experts remind users not to open suspicious emails or attachments, or respond in any way.