Combating cybercrime: Responding to an online spear phishing attack with a company at stake
Website spoofing: When imitation isn’t flattery
One of our clients, a major player in the oil and gas industry, recently discovered a copycat of their company website online. This duplicate looked and functioned exactly the same as the legitimate site, down to the hyperlink. The only differences? The domain suffix (.org instead of .com) and the contact information. The company had fallen victim to a targeted spear phishing attack carried out by sophisticated bad actors. Such attacks expose a company to immense risk, especially if hackers have time to lock the company out for ransom. That meant the Patterson + Sheridan team had to act swiftly and decisively.
Our attorneys attacked on two fronts: A Uniform Domain-Name Dispute-Resolution Policy (UDRP) complaint was filed to have the spoof website taken down as quickly as possible. They also filed suit in federal district court for trademark infringement, copyright infringement, interfering with business operations, unfair competition, dilution of trademark and cyberpiracy. (We ultimately secured a resolution from the district court in this case, but our firm has experience pursuing resolutions both through litigation and through ICANN.)
An efficient, effective and experienced approach for a growing problem
The Patterson + Sheridan team worked efficiently, deploying an experienced team to take on the matter and communicating with the client often enough to keep them informed while not inundating them with incidental details. Our attorneys sought permanent injunctive relief, and the court ultimately rendered a default judgment in our client’s favor granting all relief sought. The spoof site was removed and the company was able to restore and improve its online security.
Our firm is increasingly assisting clients with spear phishing schemes, filing more UDRP complaints recently than we have in previous years — and we anticipate it will continue as cybercrimes proliferate. While it’s difficult to prevent such attacks, we frequently advise clients on strategies to mitigate their online risk. Our tech-savvy attorneys and IT partners participate in annual training sessions and run simulations of online attacks to prepare for real ones. We pride ourselves on our ability to help clients navigate the legal process of these schemes while also providing complementary business and technical advice.