Solicitor firms are being targeted by scammers who want to infiltrate IT systems.
Firms have been sent emails saying their services are required. After the firms respond, the scammers send attachments or links to websites.
These attachments and links might contain malware, which allows the scammers to control or undermine IT systems. Some of the emails relate to the sale of a property or the purchase of a business.
The emails seen by the SRA have been sent from “Margaret” and “Mary Smollins”, from the email address, “firstname.lastname@example.org”.
While genuine potential clients might indeed send information in this way, law firms should be wary of the risks of malware infecting their IT systems, and take action appropriate to their business. Nearly 500 firms have been contacted this way.
The SRA has warned about this in its Risk Outlook and associated papers. and cybercrime remains a priority risk for law firms.
Further information, including on malware, is available here: