top of page
Search

Beware of legal template websites installing malware

  • cypac1
  • Apr 4
  • 2 min read

law firm scam

Happy Friday

The bad guys are at it again. This time they're targeting attorneys or anyone looking for legal aid in the form of templates. Law firms are a popular with cyber criminals because of how much sensitive data they handle for potentially high profile clients. Attackers can leverage stolen data for ransom, use compromised passwords for identity theft or repeat their attacks onto another target.


Gootloader made headlines this week when a security researcher posted on X how their malicious process worked. For example, if you search Google for "nondisclosure agreement template," you could encounter an ad from lawliner[.]com, a malicious site. Click the link and you'll get a big button to "get the document." Next step is to enter your email address. Lastly, you'll get an email with an infected file in your inbox. Open that file and it's coffins for your computer.


The Takeaway Legal templates have been around a long time, which is why these scams are so successful it's familiar territory. If you're going to a website promising to email you a document, for starters - don't give them your real email address.


There are several disposable email providers you can use. What's a disposable email service? So glad you asked!

Disposable email services provide temporary email addresses that self-destruct after a short period or specific use. These services are useful for situations where you need to register for a website, access gated content, or complete a one-time transaction without exposing your personal or work email address to spam or unwanted communications. By using a disposable email, you can maintain privacy, reduce inbox clutter, and safeguard your primary email from being sold or misused by third parties.


Here are my top 3 picks:





Hope that helps keep your inbox from getting flooded with needless ads and messages from scammers.


Stay safe out there.

-Attila PS. f you want to hear more about scams and other IT security topics, all for free, check out our Cyber Secured Podcast series on Apple Podcasts, Spotify, YouTube Podcasts or any other place you listen to podcasts (we're on all of them).


 

New - the Positivity Box


Tired of hearing about negative, fearful and disturbing cybersecurity news? Me too. You may be surprised to learn that good things happen in IT security. Let's celebrate them!


Kidflix, one of the largest platforms used to host, share, and stream child sexual abuse material (CSAM) on the dark web, was shut down last month. Dubbed Operation Stream, since 2022 it has so far led to 79 arrests, 1,393 suspects identified, and over 3,000 electronic devices seized between March 10 and March 23, 2025. The joint operation involved Europol, the Bavarian police force and German law enforcement. It's good to hear that these criminals are being put behind bars.



 

And of course... the Friday Funnies!

 

Why don't sharks bite attorneys ?


Professional courtesy.


A lawyer gets arrested...


Lawyer: “I won’t say anything without my lawyer present.”


Officer: “But sir, you are the lawyer...”


Lawyer: “Exactly, where’s my present?”



 
 
 

Comments

bottom of page