NOTICE: This is an archived press release. Information contained on this page may be outdated. Please refer to our latest press releases for up-to-date information.

Post date: November 30 2016

A.G. Schneiderman Issues Alert On Phishing Scam Targeting New York Attorneys

News from Attorney General Eric T. Schneiderman

November 30, 2016

New York City Press Office / 212-416-8060
Albany Press Office / 518-473-5525
Twitter: @AGSchneiderman  


NEW YORK — Attorney General Eric T. Schneiderman today issued a consumer alert following recent reports that hackers are targeting attorneys in New York pretending to be representatives of his office.  Attorneys are receiving email claiming that their business was subject of a complaint for which they have 10 days to respond.  The email includes a hyperlink to the “complaint” but in reality it links to a website that installs malicious software on the person’s computer.

An example of the email is below. If you receive this email, do not click on the link and delete it immediately.    

---------- Forwarded message ----------

From: The Office of The State Attorney <>
Date: Wed, Nov 30, 2016 at 10:37 AM
Subject: The Office of The State Attorney Complaint
To: Bar Member

Dear Bar Member:

A complaint has been filed against your Business.

Enclosed is a copy of the complaint which requires your response. You have 10 days to file a rebuttal if you so desire.

You may view the complaint at the link below.


Rebuttals should not exceed 15 pages and may refer to any additional documents or exhibits that are available on request.

The Office of The State Attorney cannot render legal advice nor can The Office of The State Attorney represent individuals or intervene on their behalf in any civil or criminal matter.

Please review the enclosed complaint. If filing a rebuttal please do so during the specified time frame.


The Office of The State Attorney

Attorney General Schneiderman issues the following additional tips when handling suspicious email:   

  1. Use Caution When Opening Email: It is better to err on the side of caution and not open any email, and in particular clicking on a hyperlink in the email, that you do not recognize. Unless you are confident that a particular message is legitimate, assume it is not. You should never provide personal information via email to anyone and you should not reply directly to the email in question.
  1. Call the Sender: Instead of opening the suspicious email, you may simply delete the email and call the sender. Call the purported senders customer service number and explain what the email stated to verify its authenticity.
  1. Use the latest Anti-Virus software: You should have the latest anti-virus software updated with the latest virus definitions running on your computer at all times. Additionally, the latest generation web browsers have additional protections including against phishing attacks. These browsers will analyze web sites and compare them against known or suspected phishing sites and warn you if the site you are visiting may be malicious or illegitimate. 
  1. Report Suspicious Activity: If you receive emails that are part of a phishing scam or even seem suspicious you should report them. Report suspicious e-mails to your ISP, well-known spam filters and the Federal Trade Commission (FTC) at