Law Firm / Legal Notice Impersonation Scam

Scammers pretend to be a law firm or legal team representing a known company. They email small businesses saying there are “issues” with the website (logos, reviews, privacy notice, or ads). The message sounds friendly and “cooperative,” and often includes a Word document (.docx) with “details” they want you to review. The aim is to make you open the attachment or contact them so they can push you to share information, install software, or pay a “resolution” fee.

I encountered this scam Learn common red flags
Primary example

How this scam works

  1. 1

    Step 1: You get an email that looks like it’s from a law firm about your website content.

  2. 2

    Step 2: They say it’s only for ‘information and coordination’ and not a legal claim, which lowers your guard.

  3. 3

    Step 3: They attach a .docx file with ‘evidence’ and ‘recommendations’ and urge you to open it.

  4. 4

    Step 4: If you open the file, it may ask you to ‘enable content’ or send you to contact the scammers.

  5. 5

    Step 5: If you reply or call, they may pressure you to share logins, install remote tools, or pay to ‘settle’ the issue.

✓ Do this

  • Verify the law firm independently: look up their official website yourself and call a number listed there.
  • Ask for specific page links and a simple PDF summary instead of an editable Word document.
  • Have a trusted IT person or security tool check any unexpected attachments before opening.
  • Keep a copy of the email and report it as phishing to your email provider.
  • If you’re concerned, consult your own lawyer or the real brand through official channels.

✗ Avoid this

  • Do not open or download unexpected Word documents, especially if asked to ‘enable content.’
  • Do not reply using the contact details in the email until you verify independently.
  • Do not share website logins, personal data, or install any software at a stranger’s request.
  • Do not send money or pay ‘settlement’ or ‘processing’ fees without independent confirmation.

Quick tip: Verify independently

Don’t call numbers or click links in unexpected messages. Go directly to the company’s official site or app and contact support from there.

See common red flags