The Risk Manager, Fall 2012

Now that virtually every law practice has a website, the alert we provided in our Summer 2011 newsletter about fake law firm websites is even more pertinent. The scam described in that article concerned copycat websites “in which the scammers use photos from a firm’s website along with most of the rest of the website to set up a website for a seemingly reputable law firm. One way the plagiarized website is used is to entice lawyers into believing that a counterfeit certified check that the fake firm has sent them for assistance with closing a real estate deal for a foreign client is valid. The deal, of course, falls through and the fake firm then requests a refund. If the lawyer pays the refund before realizing that the certified check is counterfeit, he has been scammed with no recourse.”

In New York the Gioconda Law Group discovered that a scammer gained access to firm e-mail using a typosquatter website with the domain name of – close enough to the firm’s website address to lure typographical error contacts meant for Gioconda. The scam was discovered by the firm’s risk management procedure of routinely reviewing its domain name for encroachment. The firm determined that something was amiss by sending registered e-mail using the typosqautter address to people at Gioconda that was not returned as undeliverable. Gioconda has since filed suit against the typosquatter.

With copycat and typosquatter websites along with hackers threatening law firm cyber security, it is vital that law firms have risk management programs for protecting firm websites and data. The program should also include a procedure for complying with the computer related technical requirements of the increasing number of government regulations covering such issues as unauthorized practice, advertising, lobbying, and money laundering.

Source: ABA Journal, Legal Technology, 6/25/2012, “Law Firm Sues Over Doppelganger Domain Name, Says Infringing Website is Intercepting Attorney Email.”