Family Law Articles & Resources | Shulman & Partners

How to Avoid a Family Phishing Tragedy

Written by Axis Geffen | Oct 18, 2022 5:05:39 PM

We've all heard of "hackers" and the "dark net." But while we are familiar with the Nigerian Prince that lost his wallet and just needs a little help to restore his kingdom, we often overlook the less obvious scammers: hackers and online predators. These are the scammers that are hiding in plain sight. They are counting on us to not notice details such as an error in a website or email address.

Cybercrimes such as phishing can happen anywhere, including in your family law matter. So, how can you avoid a family phishing tragedy? Keep reading to find out.

What is Phishing?

Phishing is a cyber-security term that relates to a financial crime. It is when an unsuspecting person receives an email from someone that, at first glance, they think they know. By pretending to be a person or a company that you trust, the scammer attempts to get protected information from you. They may impersonate a friend, a family member, or they may even pretend to be your law firm.

Phishing comes in many forms and can be really obvious or extremely hard to detect. Often these scams target groups of people and are generic. However, occasionally they are designed specifically for you and can be very convincing.

The Government of Canada has an informative post that you can refer to for definitions of Phishing, similar attacks, and general information on how to avoid them.

Phishing & Family Law:

First of all, NEVER respond to emails that you don't expect to receive. When you reach out to a law firm, they will collect important information. They will then tell you to expect a confirmation email, or else a link to their cloud-based network. Therefore, there are no surprise emails.

If you receive an email from your legal team that you aren't expecting, don't respond! WHEN IN DOUBT, CALL YOUR LEGAL TEAM TO CONFIRM. I can't stress this enough, email is convenient until it isn't. Take a minute to call your legal team and make sure that you are sending your information to the correct parties.

Practicing Email Security:

Practice the following tips when you receive an email from your legal team.

Look closely at the email without clicking any links, opening any attachments, or replying.

  • Does the return email address say it's coming from the correct company?
    This can be tricky because a criminal can be sneaky. They may change just one letter or number in the website or person's name to redirect the email away from the intended party.
  • Does the name structure match the other emails you receive from his company?
    For example, bob.jones@lawfirm.ca versus bobjones@lawfirm.ca versus bob@lawfirm.ca versus xxxxx@lawf1rm.ca are all different variations. Companies tend to be very uniform in their structure - make sure the address makes sense!
  • Are there any weird characters or letters in the Subject Line or email address?
    I get a kick out of emails that don't look like everything else in my mailbox, but I get them almost every day and they are all fake. They tend to look like this, "Happy News For You Today." Yes, seriously I get these all the time and I instantly delete them - you should too!

Next, look closely at the subject line and then the body of the message.

  • Are there spelling mistakes?
    Okay, everybody is entitled to an off day and I get that, on occasion, your lawyer might forget the "t" in "the." But generally speaking, you're paying this professional person to represent you in your matter. They know how to spell. Too many errors might be a red flag.
  • Is the grammar logical?
    Again, the world isn't created equal. Some legal professionals will have a syntax that is not perfect English. English may be a second or even third language to them. But if the message doesn't look right - ask questions (by phone or in person! - Not by replying to the email!!)
  • Is the thing you're being asked for, something you have talked with your lawyer about and you are expecting them to ask for?
    Lawyers and legal teams ask for a variety of information and this can be simple or very complex. But if you are doubting that the request is legitimate, CALL YOUR LEGAL TEAM AND ASK THEM!!

Now, look at the Signature Area of the email.

  • Is the Signature a professional-looking sign-off that matches what you usually get from your legal team?
    Most people don't bother to look at the signature panel of the message, but it can be the fastest indicator that an email is fraudulent. Do the logos make sense? Are there indications of awards? Do the award notices look crisp and clean, or fuzzy like they were copied poorly? These are all red flags that matter.
  • How is the person signing off?
    Does your lawyer normally say, "Thanks for your business" or maybe "Expressly yours,"? It makes a difference. Legal firms tend to create a standard signature, and while it can change, pay attention to if the tone or emotion behind it changes.

If the email has passed all of those tests, now, let's look at any links in the email.

  • Does the link look legitimate for what the person is telling you?
    It can be really hard to decipher some of the links that people send us. But if your legal team says we've sent you a Google Drive link and the link doesn't say Google Drive, you might want to call your and confirm the link is correct before uploading the last 10 years of legal documents and pictures of all of your property and family.

At the end of the day, all the common sense in the world can still be fooled by the right combination of a convincing email or website. The best advice is to frequently practice looking for the triggers above, read the article in the link, and please, CALL IF YOU AREN'T SURE!