Don't click! Lawyers get fake emails about a complaint; hyperlink installs malicious software
Lawyers who receive emails about a complaint filed against their business may have a problem—but it’s not because of an angry client.
Officials in multiple states are warning that the emails invite the lawyers to click on a hyperlink to view the complaint. Clicking on the link will open a website that installs malicious software or ransomware on the lawyer’s computer. Ransomware blocks computer access until the computer user pays money to get it unlocked.
Officials in New York, Texas, Pennsylvania, Maryland and Florida are among those warning about the scam. Lawyers who received such an email should delete it immediately and should not click on the link, according to a press release by New York Attorney General Eric Schneiderman.
Schneiderman’s press release and the Texas Bar Blog provide an example of one of the phishing emails. The “from” header lists “The Office of the State Attorney at firstname.lastname@example.org.” The subject lists “The Office of the State Attorney Complaint.”
“Dear bar member,” the email begins. “A complaint has been filed against your business. Enclosed is a copy of the complaint which requires your response. You have 10 days to file a rebuttal if you so desire. You may view the complaint at the link below.”
Another email says “see you in court” in the subject line, with a link to what is described as an encrypted document, according to a Maryland State Bar press release. This email could appear to be from a lawyer who is known to the recipient whose email account has been hacked. The encrypted document is actually a computer virus.
Lawyers from several states received similar warnings in June.