In today's litigious society, almost anyone could be sued, and that's what makes a pernicious malware scam so effective. In an email that appears to bear the logo of a law firm, victims are told that they're being summoned to court and that their failure to appear would cause the case to be heard without them -- possibly resulting in a default judgment.
The catch: To find out who is suing, as well as the date and time of the hearing, you're supposed to click on an attached "notice." If you do, you'll see what appears to be a court document -- which is phony -- on your screen. But what you won't see is that the "exe" file you just opened is also slipping some nasty malware onto your computer.
According to Snopes.com, the main virus included in this bogus court document will cause your computer to flash security warnings, urging you to download fake security software. Do that and you'll expose yourself to even worse malware, including one that ferrets out your online passwords and another that's designed to hide the virus from your real security software.
This particular scam has been around for more than a year and has hit victims in the United Kingdom, as well as in the U.S. The Better Business Bureau says it's now making another round, threatening new victims.
But how do you know the summons is fake? Courts don't send summons via email. (Knowing this should also help you avoid a similar email scam that purports to admonish you for not showing up for jury duty.)
If you're really being called to court, you''ll get a notice via the U.S. Postal Service or through a process server. Real court officials won't call you on the phone, either. So if you're being summoned by these suspicious means, you can be sure it's a scam.
You're still not certain? Try doing a Google search on the law firm in the notice and call them up. (Don't call any number appearing in the letter -- you're liable get a fraudster on the phone, who will use further scare tactics to get you to cave in.)
Its unlikely that you'd find such a firm with a phone number and address on the web because crooks don't want to have brick-and-mortar locations where the cops can find them. But if the scammers used the name of a real law office, you can call or write the firm to ask whether they have a lawsuit with your name on it. They won't. But in the one-in-a-million chance that you are involved in a suit, law firms will send it to you by mail.
It's worth mentioning that crooks hate sending stuff in the mail because the U.S. Postal Service has a very effective law enforcement agency in the Postal Inspectors Office. If you've got the address of someone who sent a fraudulent solicitation, you can call them and they're likely to quickly shut the operation down. The agency also has a handy online tool for finding your nearest local Postal Inspector's office.