I took a long walk through my neighborhood over the weekend. Many of my neighbors still have Halloween decorations on their lawns. I saw fake spider webs, witches, ghosts, tombstones and signs posted warning passersby of vampires, mummies and goblins.
Indeed, this time of year, we celebrate all things scary. It seems fitting, then, that I would have my own scary encounter at work last week.
My firm’s website allows people to inquire about our firm and services via email. I received an email from a gentleman who needed a local collections attorney.
My first reaction in reading his email was that the phrasing and word usage were odd. But I had received equally odd emails from clients whom I know well.
So I did a Google search of the company information provided. Google confirmed that the name, address and phone number all linked. Still not feeling quite at ease with the email, I called the phone number. It had been disconnected.
Two other attorneys received the same email and one was savvy enough to determine that the IP address derived from Africa. Someone out there in the cyber universe was on a scamming expedition, and it seemed Bodie, Dolina, Smith & Hobbs was on the potential target list.
As the three of us discussed the matter, I dismissed the email.
“What is he going to get, my phone number and address? He already has that,” I said. “I’m not stupid enough to fall for any scam.”
After all, I am an attorney!
Then one of my colleagues filled me in on just what could have happened, and I realized that I could have very easily fallen victim to such a scheme, particularly because I handle most of the firm’s collections matters.
The scam works like this: An individual contacts a lawyer and says that he is out-of-state and needs a collections attorney for a defendant in the local area. Unbeknownst to the lawyer, the defendant is fake and the contact information is fake.
The lawyer sends a demand letter to the fake defendant, who in turn contacts the lawyer and says they want to settle the case. The defendant sends the lawyer a check. The attorney deposits the check and sends the new client its share of the funds collected.
Thirty days later, the bank realizes it has a bad check and the “client” is nowhere to be found. Guess who is on the hook?
This scheme also works when a defendant or new client sends a check for too much money and the attorney then issues a refund, or when a new client retains the attorney, sends a check for the retainer fee, then promptly decides to drop the matter and asks for reimbursement for the balance of the retainer.
Even counterfeit cashier’s checks have become so sophisticated that the issuing bank may accept them at first.
While the schemes have become increasingly sophisticated, there are simple ways in which we can protect ourselves:
- Trust your gut. If something feels “off,” it probably is off. Look out for general phrases like, “in your local area,” “in your region,” and “in your city.” Scammers will likely use a general template and send it out all over the country.
- Look at the IP Address. An Internet search may reveal the origin. If the email originated elsewhere than what is written in the email, you may be dealing with a scammer.
- Do an Internet search of the information provided.
- Call the phone number on the email or as found in the Internet search. Try to speak to a live person about the matter.
- If you email or talk with a potential new client, try to get as much information as possible, ask for documents, ask for a signed retainer agreement and retainer fee, etc.
- Look out for potential clients who will not speak with you on the phone and who only sporadically return your emails.
My eyes were certainly opened through this experience, and it is scary to think about how easily we could be victims to a scam, particularly in this era of websites and Internet advertisements. It is fairly common for a lawyer to represent a client whom she has never met in person or an out-of-state company.
It seems a wise practice to make sure that everyone in your office is aware of the warning signs of a scam. You might also consider implementing office-wide policies that will help protect your business from fraud, particularly when the identity of the maker of a check and authenticity of the check itself have not yet been satisfactorily confirmed.