Skip to content

October 9, 2013

Don’t Be Caught By Recent IOLTA Account Phishing Scams

by contributor
Alert!
Learn more about a recent phishing scam targeting legal professionals and what to if you suspect you’re a victim.

Alert!The District of Columbia Bar intercepted and blocked emails to their bar members purporting to be from Citibank. These emails claimed that there were insufficient funds to cover a check written on their IOLTA accounts. There was an .zip file attachment that claimed to have more information and likely contained malware. The messages bearing forged service@citibank.com return addresses were sent from several different email servers internationally and it is probable this is part of a larger phishing attack targeted at legal professionals.

If you receive an email like this one, do not open any attachments. If you are not sure of the validity of the email, call the purported sender directly through an official channel (e.g. getting their phone number online) to verify the information. Tell them that you may have received a phishing scam using their information. Forward the message to the financial institution it is claiming to be. Then delete it.

Another version of this scam is to have a link embedded in the email and a reason you should be entering confidential information at the end of that link. Do not click on the link and delete the email.

Think before you comply with an emailed request or instruction. Does this make sense? Does something feel wrong? Ask before you click. If you do fall victim to a phishing scam like this one, contact your financial institution to start a claim immediately.

Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments