TALLAHASSEE – Attorneys in Florida have become victims of spam emails with malicious malware incorporated. The spam emails were meant to look like they came from The Florida Bar, which the attorneys are members, using the @flabar.org email address.
The spam emails claimed that the receiving attorneys had a complaint filed against them and were signed by the president-elect from The Florida Bar or they were telling the member that they were past due in their membership fees.
The Florida Bar is warning members to be on the lookout for these suspicious emails and to not open them. Francine Andia Walker, director of public information and bar services at The Florida Bar told the Florida Record, “We believe that our website was scrapped because all our members and their profiles are on The Florida Bar webpage.” Or, Walker added, “someone could have requested the information as public record.”
“When this started happening, we started seeing these emails that were reported to us by our members. I checked to see how many public requests for had been made for membership data and about the third week of May there were already 53. Individuals that request public information records from us do not have to tell us how they are going to use it.”
“We’re certain that our servers weren’t compromised,” said Walker. “It didn’t go through The Florida Bar. No one hacked into our email system and sent it. They just made up email addresses and made it look like it was coming from The Florida Bar. There’s absolutely nothing we could do but inform our members and give them alerts to watch out.”
The Florida Bar has taken action by setting up an abuse email address at firstname.lastname@example.org for attorneys that have received spam emails from the association. It has also sent alerts to its members about each fraudulent email.
Steps to prevent being attacked by the malware in these emails have also been circulated by The Florida Bar, containing warnings about opening emails that contain generic salutations, are from a suspicious email address, contain suspicious attachments or links, have grammatical errors or create a sense of urgency.
“Individuals can prevent it by putting malware software on their systems and taking precautions about opening things,” said Walker. “The very large law firms that are national and international probably have very good malware installed. But, perhaps some of the solo practices don’t because it’s just something they (didn't) realize they needed.”
Of the 103,000 members of The Florida Bar, Walker said, about three dozen reports of spam emails have been made. The spam emails are also occurring in California and Georgia as reported by the American Bar Association. The emails have been reported to the FBI for investigation.
“The Florida Bar, unfortunately, can’t do anything for the lawyers that receive the malware,” said Walker. “They have to take care of it via their own system. It’s frustrating for us. All we can do is educate.”