What is social phishing and do you know how to protect your law firm from it?

Posted by Sharon Bowles on May 21, 2018 8:46:00 AM

In legal marketing, personal injury

Social phishing is becoming more frequent. Do you know what it is and how to protect your law firm, your followers and your clients from this potentially devastating scamming method? In this article we will talk about what it is and how you can protect your businesses.

What is phishing?

Phishing is an illegal internet activity where scammers target users and businesses in an attempt to fraudulently acquire sensitive information through impersonation. For businesses, attackers will copy their logo; create a similar URL; or do something else that will make a visitor to a site think they are legitimate.

Social phishing is when attackers perform the same activities on social media sites. It’s becoming more frequent because 81% of people in the U.S. use one or more social media platforms. A 2017 phishing report by RiskIQ revealed a 100% increase in phishing via social media from the third to the fourth quarter of the year.

How to protect your followers, clients, brand and your social media platforms

The importance of protecting the identity and other sensitive information of your clients, followers and your brand identity cannot be overstated. The following are ways you can protect all of the above from unscrupulous hackers.

  • Monitor your brand through Google Alerts. Google Alerts is a great tool for tracking a word or phrase online. It is free and very easy to set up. Once you input what you want to be alerted to, Google will send you an email pertaining to the information showing the mentions. You can then see who is talking about you and in what context. You can see if the mention pertains to a follower, a review or a phisher

Mention and Hootsuite are two tools that specifically monitor social media platforms for a fee.

  • Use HTTPS for privacy: When you see HTTPS in the browser bar, it means that traffic to and from a site is encrypted. This means that only people who are associated with that website can read it. Enabling HTTPS will add a layer of security for you and your visitors by keeping all communication and browsing activity private.

What to do if you discover a phisher?

It’s important to know what to do if you discover a phisher. Should you find a phisher impersonating your law firm or brand, there are ways to protect your clients, followers and business.

  • Remember, phishing is illegal and considered fraudulent. Contact the FBI Internet Crime Complaint Center if you discover or suspect you are a victim of phishing.
  • In addition to contacting the authorities, you should also contact any social media platform personnel. All of the major platforms offer support for closing accounts that are impersonating your brand or business. Here are the support links for the most popular social media platforms.








You will need to be vigilant about checking your website and social media platforms for phishing. This means setting aside time each week to do this. You should also educate your staff about how to recognize social phishing and have a firm-wide protocol as to what should be done in the event phishing is discovered.

If you have any questions or concerns about phishing, give us a call. We know a fake when we see one and can help you protect your reputation, your clients and your law firm from unscrupulous attacks.

Group Matrix Blog – May 21, 2018 – by Sharon Bowles