Having received a very genuine-looking email apparently from another Law firm this week, I decided to check the firm’s phone number online and give them a call. Sadly the firm’s email address had been spoofed.
You’ve probably had this happen too? If you’ve received mail and wonder if it is genuine, you may be able to hover your mouse over the email address and see that the purported sender is not the one who really sent it. Another way to check authenticity when the email is supposed to come from a firm of solicitors, is a handy list of Scam Alerts on the SRA website. If it’s not there, you might want to give the firm a call (getting the number from the internet, not from within the email!) to let them know.
It’s tricky to prevent your address being spoofed. The first you may know about it is a number of bounced emails in your inbox or a call from a friendly solicitor with less-than-ideal news. In which case, if you tell the SRA about the issue, they can add your firm to the list and this will at least help with damage limitation.
4 thoughts on “Scam emails – has a lawyer’s address been spoofed?”
Thanks for this, Karen. By coincidence, I am just reviewing file opening processes and what to say to clients about emails and bank details. When you say, the first you may know is bounced emails in your inbox, can you explain what you meant? Regards David
As I understand it, the spoofed email inbox receives lots of “this mail is undeliverable” messages. This happens even when your email account has not been hacked, as the spoofer makes the “return to sender” address your email address that they are spoofing. So, when a message goes out to loads of addresses, some will bounce back as undeliverable and those “undelivered receipts” pop up in your mailbox, alerting you to the issue.
The key difference being;
– has my account been hacked, with emails actually being sent from my account and I need to change my password and look at a security issue or
– is my address just being spoofed and I am getting the return mail diverted to my account?
This site explains it better than I do! https://itservices.uchicago.edu/news/why-am-i-receiving-email-bounce-back-messages
Interesting; I have not come across that before. Thank you.
LikeLiked by 1 person
A new scam has been reported in the Gazette “The SRA said some of the emails relate to a property sale and are sent from a ‘Margaret’ or ‘Mary Smollins’. The email firstname.lastname@example.org has been used to send rogue messages.”