Whale Phishing: Commercial Litigator Attacked in a Sophisticated Phishing Attack

For Business, For Legal Professionals | 20 Mar 2023

A case study on work that Notion Digital Forensics have completed.

Overview

A specialized commercial litigation firm received what appeared to be a court order via email. Recognizing the risks of targeted phishing, they engaged Notion Digital Forensics to verify authenticity and assess potential threats to their confidential materials and finances.

Objectives

The engagement focused on analyzing the suspicious email, identifying embedded malware, and delivering recommendations to mitigate risks from phishing campaigns targeting legal practices.

Methodology

The forensic team examined email metadata, PDF structure, and conducted specialized scanning for hidden malware or keystroke-logging software that could jeopardize firm security.

Key Findings

Analysis revealed the attached PDF contained a keylogger designed to capture and transmit keyboard activity, potentially exposing sensitive data. The court order mimicked legitimate documentation aligned with the firm’s current caseload. Notably, commercial antivirus platforms had not yet flagged this threat, demonstrating the attack’s sophistication.

Conclusion

The examination successfully uncovered a highly convincing phishing operation targeting the litigation firm. The forensic insights enabled appropriate defensive measures, underscoring why legal organizations handling substantial assets and confidential information must maintain continuous security vigilance and prevention strategies.