Leading British law firms are being targeted by cyber criminals who set up fake email accounts and pose as top lawyers to try to con people and companies out of millions.
Fraudsters from around the world have mimicked company names by making subtle changes to website and email addresses in the hope of tricking people into making payments huge payments or sending sensitive personal information.
According to recent rulings made at the World Intellectual Property Organisation (WIPO), con artists apparently from Russian, Nigeria, China, America and France have been targeting UK companies.
The Solicitors Regulation Authority (SRA), the regulatory body for solicitors, has issued a series of warnings about legal firms both large and small reporting bogus internet accounts being set up.
A few months ago it highlighted how Linklaters, a multinational company based in London, had reported various subtle misspellings of its name being used in email addresses.
In one instance, the SRA warned that “emails sent from a genuine solicitor at a genuine firm appear to have been intercepted, with a subsequent email being sent from an email address ending @liinklaters.com.”
The criminals asked for payment to a new bank account hoping no-one would spot the extra ‘i’ in the name.
Other amendments have included @linkiakers.com and @linklalers.com instead of @linklaters.com. In a separate incident this year, Linklaters was awarded control of the domain name linklaters-lawfirm.com after they proved it was set up along with an email address to try to defraud three companies, one email demanding a payment of nearly $1 million.
Linklaters issued an alert about “fraudulent emails … attempting to misuse the name of the firm” warning that it had not changed its bank details.
Lewis Silkin recently closed down a website and emails where its name had been misspelt to read “lewissllkin.com”.
A WIPO, a United Nations agency which protects intellectual property, found the bogus account had been used for “phishing” – conning people into releasing sensitive information such as passwords – and fraud, including “an attempt to divert funds meant for Lewis Silkin to a third party bank account”.
A Linklaters spokesman said: “Like the whole industry, we have seen an increase in firms, clients and consumers being targeted by scammers and we are working closely with the SRA to make sure that people are as aware and as vigilant as possible for any communication that bears the hallmarks of a scam or phishing attempt.”
Steven Jennings, trade marks counsel at Lewis Silkin, said: “Domain name ‘scammers’ understand law firms are a trustworthy source that will have had to go through a number of checks. As a result, most people won’t expect them to fall victim to this kind of fraud.”
Undoubtedly, our firm is not the first and will not be the last to be targeted in this way. “However, this is not just a problem for law firms. All businesses should monitor what domain names they use and to ensure greater security, it is advisable to get clients to check with whom they are corresponding, such as through secure portals.”