Law firm scam emails can be surprisingly sophisticated, often exploiting the trust and formality associated with legal professionals. Here are the most common types.
Fake Email Scams
What it looks like:
A “client” reaches out to the law firm via their websites contact form, direct email or other social media platform claiming they need legal representation for:
1. sales agreement prepared and closing handled please get back to me for more details.
2. enforcing the terms of a severance agreement with my former employer.
3. I have a breach of contract issue and would like you to represent me. Please confirm you handle such cases.
EXAMPLE
From: John ****** gmail.com>
Phone: 551*******
Message Body:
- I’d like a sales agreement prepared and closing handled please get back to me for more details.
- Message Body: I have a business law matter I need assistance with, I was recommended to your firm by the bar association. Kindly confirm if you are available to handle such matters. Thank you,
These are classic scam email templates often used to bait law firms into engagement, usually as part of a fraudulent check scam or phishing attempt.
Below are examples that match your three cases, with breakdowns of the red flags you should watch out for:
________________________________________
Phishing Emails Posing as Law Firms
What it looks like:
You receive an email that appears to be from a legitimate law firm threatening legal action or offering partnership.
Red flags:
• Suspicious sender address (e.g., “gmail.com” instead of a firm domain)
• Vague threats of lawsuits or court appearances
• Attachments or links (often containing malware)
Goal: Steal sensitive information or install malware via attachments or links.
________________________________________
Sales Agreement & Closing – Real Estate or Business Sale Scam
Subject: Legal Assistance Needed for Sales Agreement
Email Example:
Dear Counsel,
I am seeking legal assistance with a sales agreement I recently executed with a buyer in your area. The sales agreement has been prepared, and closing is being handled.
Kindly confirm your availability to represent me in this matter and I will provide all necessary documentation.
Regards,
Daniel Ko
[sometimes a generic name or fake company]
Red Flags:
• Vague reference to “sales agreement” or “closing” with no details.
• Often from a free email domain (e.g., @outlook.com or @gmail.com)
• The scam usually escalates by sending a forged check for “closing funds” that bounce later.
________________________________________
Severance Agreement Enforcement – Fake Employment Dispute
Subject: Enforcement of Severance Terms – Urgent Assistance Needed
Email Example:
Hello,
I am writing to inquire whether your firm can assist me with enforcing the terms of a severance agreement signed with my former employer. They have failed to meet the agreed financial obligations.
If you handle employment matters, I would appreciate your help. I can forward the severance agreement and other supporting documents.
Thank you in advance.
Best regards,
Michelle Kwong
Red Flags:
• No employer name, location, or dates provided.
• Next step usually involves a forged payment from the “employer” to be deposited and disbursed.
• Often sent to multiple firms at once (mass targeting)
________________________________________
Breach of Contract Request – Generic Legal Inquiry Scam
Subject: Legal Representation for Breach of Contract
Email Example:
Dear Attorney,
I have a breach of contract issue and would like you to represent me in this matter. The other party has failed to meet their contractual obligations, and I seek legal redress.
Please confirm if you handle such cases so I can send you more details.
Sincerely,
Steven Yamamoto
(Fake company name, sometimes a vague reference to “Canada” or “Japan”)
Red Flags:
• No mention of specific contract, parties, or location
• Designed to sound credible but lacks verifiable details.
• Follow-up typically involves a forged payment to “settle” the matter.
________________________________________
How to Spot These Scams Instantly
• Search exact email phrases in Google — many of these are reused across scams
• Hover over email addresses to catch mismatches (e.g., display name looks legit, but address isn’t)
• Ask specific follow-up questions — scammers will dodge or give generic answers
• Never deposit third-party checks on behalf of new “clients” without full verification
Red flags:
• Overly urgent tone
• Use of foreign names or companies
• Request for the firm to receive and disburse large sums of money
Goal: Trick the firm into wiring funds from a fraudulent check before the check bounces.
________________________________________
Fake Invoice Scams
What it looks like:
A law firm (real or fake) sends an invoice claiming unpaid fees for services you never received.
Red flags:
• You’ve never engaged with the firm
• No clear description of services
• Pressure to pay quickly
Goal: Trick you into paying a fake bill.
________________________________________
Spoofed Law Firm Emails
What it looks like:
An email looks like it came from a real attorney you know, often including their name, logo, or email signature.
Red flags:
• Slight misspelling in email address (e.g., “@lawfirmm.com”)
• Unusual requests (e.g., wire transfer, login to a shared doc)
• Poor grammar despite a professional look
Goal: Social engineering — to gain access to systems or funds.
________________________________________
Compromised Trust Account Scams
What it looks like:
Hackers who’ve breached a law firm’s email system send messages asking clients to wire funds to new “trust account” details.
Red flags:
• Sudden change in payment instructions
• Vague or impersonal language
• Time pressure
Goal: Divert real payments into scammer accounts.
________________________________________
Tips to Stay Safe:
• Verify email addresses and domains carefully
• Call to confirm payment requests or legal threats
• Use multi-factor authentication for your firm’s systems
• Educate your team regularly on phishing tactics
________________________________________
How and where to report all types of email scams, spoofing or other.
Anti-Phishing & Cybercrime Reporting Centers
FBI Internet Crime Complaint Center (IC3)
• Website: ic3.gov
• Purpose: For any internet-related fraud, including phishing, spoofed emails, and business email compromise (BEC).
• Law firms should file here if financial loss occurred or sensitive data was compromised.
________________________________________
Federal Trade Commission (FTC)
• Website: ReportFraud.ftc.gov
• Purpose: General fraud and scam email reporting, especially if the scam targets U.S. consumers or businesses.
________________________________________
Anti-Phishing Working Group (APWG)
• Email: reportphishing@apwg.org
• Purpose: Report phishing emails by forwarding them directly. APWG compiles phishing data for cybersecurity firms and law enforcement.
________________________________________
Email Provider-Specific Reporting
If the scam email came from a free email service, report it to the provider directly:
Provider Reporting Email
Gmail / Google phishing@google.com
Outlook / Hotmail report_spam@hotmail.com or use “Report Phishing” in webmail
Yahoo phishing@cc.yahoo-inc.com
________________________________________
Legal Industry-Specific
ABA Cybersecurity Legal Task Force
• Website: americanbar.org/groups/cybersecurity/
• Purpose: While not for direct reporting, they offer resources, alerts, and best practices specific to law firms.
Your State or Country’s Bar Association
• Many state bar associations have ethics hotlines or cybersecurity task forces. Reporting there can also help alert local attorneys.
________________________________________
Domain Spoofing or Impersonation
If someone is spoofing your law firm’s domain (e.g., fake email from “@yourfirm.com”):
• Contact your domain registrar to add or strengthen SPF, DKIM, and DMARC records
• Use abuse reporting tools like AbuseIPDB if you find the IP origin of spoofed emails
Responsive Web Design & Mobile Friendly FAQs