Huge rise in number of criminals using bogus law firms


Cyber crime: increased risks for solicitors

The number of reported attempts trying to defraud the public by using bogus law firms soared by 57% last year, the Solicitors Regulation Authority (SRA) revealed yesterday.

The news came with the publication of an SRA guide to combating cybercrime, which the regulator brought forward in light of the scam this week targeted at solicitors through an e-mail that appears to be from the SRA itself.

According to Spiders in the Web, the SRA received 549 reports of fake firms in 2013, many of which advertise online and operate by stealing the identity of an existing, real law firm.

This can be used as a method of stealing money from clients that are tricked into thinking they are dealing with a genuine law firm.

As well as bogus firms, the SRA said the use of harmful software has also been of increasing concern. Other potential risks include hacking and online activism – the guide recounted how in 2012 the ‘Anti-sec’ online activist group hacked into the servers of a Washington law firm that was acting for a US soldier convicted of war crimes in Iraq.

They obtained tens of thousands of e-mails and posted them online, including confidential information from unrelated cases.

A spokesman for the group said that they may attack others “if law firms stick their necks out in defence of notoriously corrupt corporations”.

Other real-life instances highlighted in the guide included a Canadian law firm working on a proposed acquisition of a Chinese company that was targeted by data thieves. Lawyers working on the deal received e-mails that appeared to be from a partner in the firm who was involved in the transaction.

The e-mails were actually a targeted phishing operation, and contained an attachment which installed a computer program on to the firm’s IT systems. This recorded data and information, and allowed the third party to access it. The attack was eventually traced to computers in China, with commercial espionage the presumed motive.

The SRA said that it did not intend to cause alarm. “There are simple steps that law firms can take to help protect themselves from criminals. These help to turn businesses from soft to hard targets.”

For example, it said commercial identity theft can be guarded against with many of the same concepts as used against personal identity theft, such as ensuring the secure destruction of documents that carry sensitive information about the firm.

The SRA also advised that firms should also at least occasionally monitor references to themselves online and on sites such as ‘Find a Solicitor’, which may help detect fake branches.

Andrew Garbutt, SRA director of risk, said the SRA e-mail scam “shows that the risks we are identifying are very real with genuine consequences, and that all firms should make themselves aware of the issues, assess how they could affect them and take steps to mitigate against them”.

The guide can be found here and a 2012 SRA warning notice on bogus law firms and identity theft here.

Tags:




Leave a Comment

By clicking Submit you consent to Legal Futures storing your personal data and confirm you have read our Privacy Policy and section 5 of our Terms & Conditions which deals with user-generated content. All comments will be moderated before posting.

Required fields are marked *
Email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog


The lonely role of a COFA: sharing the burden of risk management

Compliance officers for finance and administration in law firms can often find themselves walking a solitary path. But what if we could create a collaborative culture of shared accountability?


Mind the (justice) gap: Why are RTAs going up but claims still down?

The gap between the number of road traffic accident injuries and the number of motor injury claims continues to widen, according to the latest government data.


Five key issues to consider when adopting an AI-based legal tech

As generative AI starts to play a bigger role in our working lives, there are some key issues that your law firm needs to consider when adopting an AI-based legal tech.


Loading animation