Is “phishing” running rampant throughout the legal community? A few weeks ago, Professor Charles Nesson of Harvard Law School fell victim to a phishing scam. As the HLS Help Desk helpfully explained at the time, “Phishing emails are fraudulent email messages claiming to be from a legitimate source that ask you to send confidential information such as username, password, date of birth, etc.”
The latest high-profile victim of a phishing attack is a leading law firm, WilmerHale. A mass email is going around, purportedly from “Brian Willmer” of “Willmer Hale,” regarding an alleged subpoena. The email is a fraud; as far as we know, there is no “Brian Willmer” of “Willmer Hale.” It contains a link that you definitely do not want to click on.
Let’s look at the fake email — and the very real response, from the managing partners of WilmerHale….
One recipient of the “Brian Willmer” email forwarded it to us, with this context:
Long-time reader, first-time tipper (ha, ha). Thought I’d pass on the below email which appears to be an attempt by someone to “phish” (or something like that) using WilmerHale as the foil. This may require a really slow news day to be interesting, but I thought maybe you could do something with it. I found the use of the name “Brian Willmer” – obviously the Firm founder – to be amusing.
Today is a little slow. (And we also want to write about this so that people will know there’s no need to keep sending additional copies of the email to us.)
Here’s the email. Although WilmerHale is misspelled as “Willmer Hale” at the end of the email, it’s spelled correctly elsewhere in the message. In addition, the sending address is disguised as a wilmerhale.com address.
There’s a link in the email. Note that we have NOT made that link an active link. You should not click on it, unless you want bad things to happen to your computer.
From: Brian Willmer – Wilmer Hale Law [mailto:firstname.lastname@example.org]
Sent: Wednesday, January 05, 2011 11:51 AM
Subject: Commercial Litigation Subpoena
Trough this document we hereby inform you of the Litigation process started by Browns Media Marketing LLC against the company you represent.
You are required to produce the originals of all documents and other items which are responsive, in whole or in part, to any description set forth in this “Subpoena Schedule,” regardless of where located, that are in your possession, custody, or control, or in the possession, custody or control of any of your partners, associates, employees, agents, representatives, accountants, or attorneys, along with all copies of any such document which differ from the original by virtue of any addition, deletion, alteration, notation, or inscription on any part of the document, including its back.
The complete list of the required documents can be found at:
as well as the number of the complaint against your company placed for copyright infringement on 12.21.2010 by the legal representative of Browns Media Marketing LLC. Failure to produce and present the requested documents can display in fines dictated by the court.
Willmer Hale Law
Most recipients probably didn’t fall for this. As another reader who forwarded the email to us asked: “People are fooled by Brian Wilmer?”
Still, not everyone out there is tech-savvy and aware of the dangers of “phishing” (apparently Professor Nesson wasn’t). So the two managing partners of the real WilmerHale, William Lee and William Perlstein, sent out the following message to clients and contacts of the firm:
January 5, 2011
Dear Clients and Contacts of the Firm,
We are aware that many Firm clients and contacts have received an email message purportedly sent from “Brian Willmer of Willmer Hale Law” with the subject line “Commercial Litigation Subpoena”. This email message does not originate from WilmerHale. It encourages individuals to click on a link to review requirements for responding to a subpoena. Please delete the message and avoid clicking on any links contained within the message. There is no one named “Brian Willmer” who works at our Firm. We are attempting to trace the origin of these messages and stop them if possible. We apologize for any inconvenience this may have caused.
So if you receive an email from “Willmer Hale” about documents responsive to a subpoena, please ignore it.
And if you receive an email from “WilmerHale” about documents responsive to a subpoena, maybe ignore it too — and then claim you thought it was a scam. Opposing counsel of WH, today may be your lucky day.