In recent times, members have reported receiving emails from Counsel that included two attachments, one of which purported to be a draft set of proceedings while the other contained instructions on how to open that document with a code. Opening the “draft set of proceedings” file results in malware being installed on the recipient's computer.

The email appears to come from Counsel’s genuine email address, adding an appearance of authenticity to the email. What is unusual is that the Counsel’s telephone number is amended and also that the recipients were not expecting a set of proceedings from Counsel at that time.

Opening the attachment and the resultant installation of malware often allows the fraudster to gain access to the recipient solicitor’s email system. This method has then been used to send emails to the recipient solicitor’s clients requesting that funds be sent to fraudulent bank accounts. Other malware allows a ransomware attack to be perpetrated on the practice.

Be alert

If you receive an email that you were not expecting or appears unusual, requesting you to open an attachment, please contact the sender by a secure means to ensure its veracity prior to opening the attachment. For example, using a known phone number and not that contained in the email, or by post. Please also ensure that all members of staff are aware of the possibility of fraudulent attachments or links contained in emails, regardless of the sender.

If you have already opened an attachment of which you are now suspicious, contact your IT providers immediately and ensure they interrogate your system to ensure any malware installed is removed and the system cleaned. Also, ensure that no emails have been sent from your email address to others without your knowledge.

Be aware of impersonation

Many colleagues use social media as a marketing tool, or to build their own personal networks. Some of our most active colleagues on social media have reported seeing fraudulent accounts impersonating them online.

Whatever the impersonator’s intent, there are obvious risks posed when an unauthorised person (or even a potentially malicious stranger) assumes your identity online. I encourage you to be vigilant about this – search your firm’s name and your own name periodically for potential impersonators. You can even quickly scan for unauthorised use of your own image or your firm’s logo: Google has published a useful article on how to do this.

If you find an impersonator, no matter how trivial the content, you should act. Social media networks have established quick procedures to report impersonation, while several legal tools are available for protecting your intellectual property and taking down imposter websites.

We are here to help

If you are a victim of a cyberattack, please contact the Cybersecurity team at cybersecurity@LawSociety.ie and a member of staff will contact you to provide any assistance possible.