A lawyer’s guide to surviving a website attack

Burges Salmon having seen its site cloned by a bogus firm – Owen & Harvey Solicitors – using the names, images and details of a number of genuine solicitors and other content owned by the firm. As such, we’re well placed to explain some key actions businesses can take.

What was different about this attack? 

Website cloning is becoming increasingly common and it is an issue we find ourselves assisting clients with more and more. The Owen & Harvey scam was different to the types of scam we usually see because the bogus firm not only used our website content almost in its entirety, but used our registration number, SRA number and VAT number in an attempt to hold itself out as a genuine, regulated firm.  

Owen & Harvey also used the photographs and profiles of a number of our solicitors. In some cases, the solicitor’s real name was changed to a fake one, but all other details about them remained the same. 

Read more on cyber crime:

Facing a website attack? Top tips to help you shut down a bogus site

(1) If you are a regulated body and your registration details have been used, notify the regulator (e.g. the SRA or FSA). Similarly, notify Companies House and HMRC if your company number and VAT number are being used. The SRA and FSA should respond quickly and will usually publish a scam alert on their websites.

(2) Post a scam alert on your own website. This doesn’t have to be searchable on your business’s website if preferred, but it should be searchable in Google or other search engines. 

(3) Ensure both the SRA’s and your own scam alerts rank at the top of Google search results so they appear above the bogus website.

(4) Conduct a free “WHOIS” search to identify the owner of the domain name that the scam website is operating from (although do not be surprised if the domain owner has anonymised their details using a privacy protection service – it is common for scammers to do this).

(5) If details are available, send a “cease and desist” letter to the scammer using the contact email address provided on the website, and also the contact email address provided for the website’s domain name. The chances of receiving a response are slim, but sometimes it does prompt the scammer to take down the website of their own accord.

(6) Whether you write to the scammer directly or not, lodge a complaint or “takedown” request with the website’s internet service provider (ISP) as this is usually the most effective way to get the website taken down.

a – In order to identify the ISP, review the WHOIS search results for the domain name – he ISP might not be named, but the IP address should be (look for a multiple-digit number, for example 155.94.65.142). 

b – Enter the IP address into www.arin.net or another similar tool and this should reveal the identity of the ISP that is hosting the website on its server, as well as their contact details. 

c – Most ISPs have a dedicated email address and procedure for lodging IP complaints so it is worth looking on the ISP’s own website to check this.

The risks of not following these steps are clear. We dealt with its website attack quickly to mitigate the risk of confusion and more importantly, any potential long-term reputational damage. If not dealt with quickly scammers are likely to use bogus firms or entities as vehicles to commit fraud, which could result in members of the public being misled into trying to deal with the bogus entity (believing it to be genuine). This could in turn lead to the scammers trying to steal personal information from them. Businesses should remain vigilant and have a procedure in place to deal with attacks.

Jeremy Dickerson is partner at Burges Salmon.

With government research having unveiled that two-thirds of big UK businesses have been hit by a cyber attack in the past year, we took a look at some of the most recent and famous cases – and why they were thought to have happened.

Share this story

Close
Menu
Send this to a friend