Colorado Supreme Court

Office of Attorney Regulation Counsel

Promoting Professionalism. Protecting the Public.

Links That Lie
Clicking on suspicious hyperlinks in emails can have disastrous results for attorneys. Here's how to prevent that.

Summer 2016

Cyber infections targeting lawyers are always changing, but the preferred vehicle for those infections has remained the same: The hyperlink.

A hyperlink is a highlighted piece of text that when clicked, takes a user to an outside webpage or website. You probably clicked on a hyperlink to get to this article, for example. Most are perfectly legitimate. However, as a recent email scam illustrates, it's smart to exercise caution.

This summer, attorneys in numerous states including Colorado received suspicious emails telling them they are the subject of an ethics complaint. A link inside the email purported to direct them to a copy of the complaint. Instead, the link contained ransomware, a malicious software that locks a user's hard drive and demands a digital payment to return control to the owner. There are numerous reports of law firms suffering a hostile takeover like this.

So, how do you protect yourself?

Type it out
Links can lie.

Even a URL that is spelled out in the body of an email can't be trusted. A legitimate website's URL -- for instance, -- could be used to hide a more sinister destination like ransomware. (Or, if you clicked on that link, a totally different website, like the Colorado Bar Association.) If the typed address is one you recognize, the best course of action is to manually type it into a browser window.

But what about a traditional hyperlink with only text, such as "click here"?

Don't trust; Verify
Before you ever click on a hyperlink, you should attempt to verify its destination.

One way to do this is by hovering your cursor over the hyperlink. Somewhere on the page -- maybe in a small popup window, maybe in the lower portion of your screen -- you'll see the website URL. Do you recognize the website? Does it look legitimate? Scams often originate overseas, so looking for foreign country codes is one prevention tactic. (For example, ".ru" is from Russia and ".uk" from the United Kingdom.) But even that's not foolproof. Many scams still use a ".com" domain extension.

Pick up the phone
If you're still curious or think the email might be from a legitimate source, then reach out to the source. A phone call to the company or the person who purportedly sent it should clear it up. Or email someone at that company. Just be sure to find the contact information independent of what is listed in the suspicious email.

Use your head
Simple common sense can go a long way. If you didn't ask for this correspondence, you don't know who the sender is, and the whole thing raises suspicion, then don't take any chances. Delete the email immediately.

Back it up
Hopefully, you'll never be the victim of a malicious email hyperlink. But if you are, your problems will be mitigated if you regularly back up your hard drive.

Brett Corporon is the Director of Technology for the Office of Attorney Regulation Counsel. James Carlson is the Information Resources Coordinator for the Office of Attorney Regulation Counsel.