Phishing Attack Targets Legal Technology Users

A recent phishing campaign appears to be specifically targeting clients associated with legal technology consulting and development firms.

The fraudulent email, which falsely claims to originate from the California-based company Legal Soft Solutions, informs recipients that a payment failed to process and requires them to update their payment method immediately.

Several characteristics indicate the email is a scam. A significant red flag is the email’s reference to an order placed through Amazon, a highly improbable scenario for the purchase of legal technology consulting services.

The scam is sophisticated in that the email address used appears to spoof a legitimate marketing email address utilized by Legal Soft Solutions. This technique is commonly employed in phishing schemes to establish a false sense of credibility.

In an initial investigation, following the link in the email, labeled “Update your payment method,” triggered a standard web browser security warning. Chrome, for instance, blocked the page from loading and warned that the site was deceptive and could attempt to trick the user into divulging personal information.

Should a user elect to bypass the security warning, they are taken to a fraudulent login page requesting an email address and password. Once dummy credentials are entered, the page redirects to a spoofed Amazon page whose Uniform Resource Locator (URL) is entirely unrelated to either Legal Soft Solutions or Amazon. This page then typically displays a pop-up prompt demanding that the user update their personal information, often threatening account access restrictions until the update is complete.

Legal Soft Solutions has confirmed its awareness of the scam, noting the high volume of calls and emails received from concerned parties. The company has publicly stated that it has no connection to the fraudulent emails and that no breach of its internal mailing list has occurred. Furthermore, Legal Soft Solutions has taken steps to notify law enforcement authorities regarding the malicious activity.

Key Takeaways for Recipients:

Users must exercise caution whenever an email contains suspicious elements or requests urgent action. It is essential to closely inspect the sender’s address and the overall appearance of the message. Furthermore, recipients should scrutinize the full URL of any link provided. Sophisticated scammers often create deceptive URLs by altering only one or two characters from a genuine address.