 |
| The COVD-19 Virus |
I love it when a ready-made blog topic drops right into my lap. Not that I’m lacking for ideas. My Evernote “Blogs” note currently has 41 topic subjects of varying complexity awaiting my attention. But stuck at home the last two weeks in my COVID-19 bunker, I have been seeking inspiration for a novel. A novel coronavirus legal ethics topic, that is. And Friday, it arrived, directly to my in-box. An e-mail message from Alejandro Hernandez, the Managing Director of Jorhe Technologies Group, Inc.:
From: Alejandro Hernandez [mailto:a.hernandez@jorhetechnologies.com]
Sent: Friday, March 27, 2020 12:09 PM
To: Charles Luce
Subject: Attorney Required
Good day Charles,
My name is Alejandro Hernandez, Managing Director of Jorhe Technologies Group.
I want to find out if your firm handles Copyright Infringement Cases. A long time business associate of ours has violated our copyright agreement and we need a
lawyer to handle this matter urgently.please stay safe out there in this hard times.
We are prepared to pay your retainer fees and we will also send you other important and
I want to find out if your firm handles Copyright Infringement Cases. A long time business associate of ours has violated our copyright agreement and we need a
lawyer to handle this matter urgently.please stay safe out there in this hard times.
We are prepared to pay your retainer fees and we will also send you other important and
sensitive documents.
Best Regards,
Alejandro Hernandez
Managing Director
Jorhe Technologies Group, Inc.
Tel: +52 (15) 5457 23323
Direct Tel: +52 66 7690 3628
Email: a.hernandez@jorhetechnologies.com
Of course it was a scam, and a really old one. I first lectured about this variety of lawyer
scam – the “dear counselor” con – at CLE International’s 14th Annual Ethics Conference, on Pearl Harbor Day 2009, and it was
old even then. This e-mail had all the
classic hallmarks:
1.
It came out of the blue;
2.
It was from a company I, and no one else, has
ever heard of;
3.
It suggested, but did not outright state, it was
from a foreign country (the +52 country code is Mexico, if the sender’s nom de scam wasn’t blatant enough);
4.
It used the word “urgently”; and
5.
It offered, without prompting, to pay my “retainer
fees and to “send [me] other important and sensitive documents.”
In a particularly nice and timely touch, the opening
paragraph had added to the end of the undoubtedly cribbed copy from which it
was derived an oblique reference to the ongoing pandemic: “please stay safe out
there in this hard times.” “Alejandro” had even taken the time to research at
my credentials and learn that I practice copyright law.
Of course I was not going to respond. But I do have a soft spot for such phishermen,
particularly ones that demonstrate some initiative in dusting off and updating really,
really old lawyer trust account
scams. So I studied the message a bit.
There were no obvious errors, apart from the fact that the
only sentence which had been added to this oldie-goldie lacked even a single space
before it and contained a grammatical flub: “in this hard times,”
instead of “in these hard times.”
But I was not going to be a grammar-slammer or deduct more than a couple
of points for a minor error.
I moused-over the e-mail header and the hypertext link,
looking for a redirect to another website.
I found none. Also there were no
subtle letter transpositions or other tricks of the phishing trade, such as
substituting “0” for “O.” Ten Points to
Slytherin!
 |
| Jorhe Technologies' "Recent Enagements" Page |
Next, I Googled “Jorhe Technologies Group,” which usually
leads to the website of a real company with which the scammer is definitely not
associated. I found an impressive one. Well, sort of. The animated graphics on the home page and the
typeface used in the “Services” menu are vintage –1970s or early 1980s ,
reminiscent of the dated computer graphics and fonts you see in movies of the period,
like War Games (1983) and Colossus: The Forbin Project (1970). 
But there was depth to this website. The list of “Recent Engagements” and"Tech Partnerships" was impressive: Microsoft
Azure. Amazon Web Services. Google Cloud Platform. At the bottom of this page there was a photo
of a smiling “Amanda, Sales Representative,” waiting to “Schedule a call now.” Who could resist that invitation? True,
Amanda looked a shade too pale to be living under the Mexican sun. But the photo is small, and she does seem to have
a nice tan. Amanda might be an ex-pat,
or working remotely up north.
Whatever. I certainly didn’t want
the scammer to think I was a racist or xenophobe.
The Google search results for “Jorhe Technologies Group” demonstrated impressive SEO: Top of page one! Of course it was also the only “Jorhe Technologies Group,” which wasn’t surprising.
 |
| Goolge Search Result for "Jorhe Technologies Group, Inc." |
Next stop: a WHOIS search forjorhetechnologiesgroup.com. My favorite
resource for domain name look-ups is the mother ship: the domain name search engine for ICANN. ICANN is the acronym for the Internet
Corporation for Assigned Names and Numbers, a U.S.-based organization
responsible for coordinating domain names on the Internet. All domain name registration data leads back to
ICANN’s WHOIS engine. My search there revealed
that jorhetechnologiesgroup.com had been “Created: 2020-02-14 14:04:36 UTC” and was hosted by
“DNS1.NAMECHEAPHOSTING.COM.” Really. You can’t make this stuff up. No identifying ownership information was
available – another tell, as if more was need.
 |
| ICANN WHOIS Domain Registration Record |
I was impressed! A
technology company, listing, or at least suggesting, affiliations with the
titans of the hi-tech industry, and whose website boasts and details numerous
complex projects and accomplishments, so busy that it could not get around to
building its own website until Valentine’s Day 2020. This company is going places. The heck with your legal work! Where can I buy your company’s stock, Alejandro?!
However, as I surfed Jorhe Technologies’ site a bit more,
some curious mouse-overs kept appearing – for “Icalia Labs,” which appears to
be a real technology company located in Austin, Texas. Even sweet, smiling Amanda was revealed by a mouse-over to be an “Icalia Labs Contact.”
All became clear when I found and reviewed the Icalia Labs site. Rather than point to a real company’s
website, the usual play for this scam, “Alejandro” had built his bogus website by
copying and revising Icalia Labs’ website’s source code. All of it.
Alas for Alejandro, the source
code on his Jorhe website revealed he had missed changing the metadata, which
was still rife with “Icalia Labs” references in the alternative text used for
mouse-overs.
 |
| If you're going to rip off HTML code, don't forget to change the metadata! |
It was then I realized that, like me, Poor Alejandro was
probably stuck somewhere under a “shelter in place” order, too, and had way too
much time on his hands. Indeed, even in
the processing of drafting this blog, the Jorhe Technologies Group “About” page,
which I initially captured as a 404
error page, was updated. Actually it was created. The one
page not pirated from Icalia Labs, whose website has no “About” page. (However, virtually all of the text was
ripped off from Tiempo
Development’s AWS profile page.) I
imagined the scammer’s wife yelling at him, “Alejandro! The ‘About Page’ is broken. Fix it.
Now!” And he did. Pobre
Alejandro!
 |
| "Jorhe Technologies" Cloned Contact Page with Icalia Labs Alternative Mouse-Over Text |
 |
| The Genuine Icalia Labs Contact Page (also with the Icalia Labs Alternative Mouse-Over Text) |
Law firms who have been scammed are a favorite
subject of Internet blogs. Schadenfreude
sells. This ground has been plowed so
many times there is really nothing new to write about it. The Texas Bar Blog cataloged dozens of similar ploys
just 6 days after Alejandro opened jorhetechnologies.com for business. The Illinois Bar
has described the elements of the “dear counselor we need a lawyer in your
jurisdiction” scam in detail. Hg.org
maintains a depository
of such scam e-mails, and there is an entire blog devoted solely to
collecting attorney e-mail scams.
As matter of legal ethics, the “dear counselor”
scam creates multiple issues for any Colorado lawyer or law firm that falls for
it and remits to the scammer real dollars from its trust account in exchange
for the phony wire transfer or bad check given as a “retainer” by the scammer. The “sting” occurs when the scammer advises the lawyer, as it
inevitably will, that it has resolved the dispute which the lawyer was engaged
to handle, and instructs the lawyer to keep a generous fee for herself, and to promptly
remit the balance of the scammer’s trust account by wire transfer.
Apart from the deep professional embarrassment of
having been taken by a Nigerian prince, and the negative publicity which may
follow, looms the specter of having violated Colo.
RPC 1.1, which requires that a lawyer be and stay
technologically competent. Specifically, Comment [8] makes clear that Rule 1.1
includes within its mandate a duty “[t]o . . . keep abreast of changes in . . .
changes in communications and other relevant technologies.” Falling for con that is at least 11 years old
is not “keeping abreast.”
The “generous
fee” the lawyer is invited to retain by the con artist usually surpasses a reasonable
fee by any measure of computation, and thus may be deemed an “unreasonable fee”
for the services provided in violation of Colo.
RPC 1.5(a), though in truth, of course, it is no fee at
all. That raises an interesting
metaphysical question: is Rule 1.5 violated by attempting to collect an unreasonable fee when the fee is illusory
from the outset?
Remitting real dollars from one’s trust account in
exchange for the trickster’s ersatz retainer also violates Colo.
RPC 1.15A, which requires a lawyer to safeguard client
property. If take from the scam is large
enough to overdraw the lawyer’s trust account once the amount of the phony wire
or check is reversed by the lawyer’s bank, the Office of Attorney Regulation
Counsel will be contacted, and the chagrined lawyer will hear from OARC
swiftly thenafter. Cyber-fraud insurance
may provide coverage, but may not, or at least not without a fight. Such policies are tightly worded, and may be
conditioned upon recurring firm-wide cyber-security training, as
Dentons Canada discovered when it was duped out of $2.5 million in a far more
sophisticated e-mail scam in 2017.
There is one further, interesting ethics angle to bear
in mind should you be tempted to have some fun with a con artist like “Alejandro”
– a recognized sport known as “scam baiting,” a form of Internet vigilantism
in which the would-be victim turns the tables on the scammer, or at least
wastes his time and holds him up to public ridicule. As documented by 419Eater.com, an website entirely devoted
to this diversion, scam baiting can be great fun. There’s even a wildly
popular Ted Talk devoted to the subject. The problem is that lawyers are not allowed play
– at least not directly.
Colo. RPC 8.4(c) prohibits attorneys from engaging in “conduct involving
dishonesty, fraud, deceit or misrepresentation,” which scam baiting
requires. While I may ethically ask
Alejandro if he wouldn’t mind being interviewed for his perspective on the life
of a lawyer-scammer, Rule 8.4(c) forbids me from playing by Alejandro’s rules.
I may, however, “direct” another to do so, provided it is in
connection with a “lawful investigative activity.” This is permitted because Rule 8.4(c) was
amended in 2017 to allow a lawyer to “advise, direct, or supervise others,
including clients, law enforcement officers, or investigators, who participate
in lawful investigative activities.” See Colo.
Bar Ass’n Ethics Opinion 137, Advising,
Directing, and Supervising Others in Lawful Investigative Activities That
Involve Dishonesty, Fraud, Deceit, or Misrepresentation (May 2019).
I wonder how long Alejandro will work the Jorhe Technologies
Group scam, and how long it will take Icalia Labs to discover that someone has
pirated its website’s code. It can be lonely
in the COVID bunker. The combination of lawyers
working remotely, and business’ worldwide pulling in their legal budgets, may
create a dangerous alchemy in which attorneys worried about their next billable
hour will fall prey to the “dear counselor” scam, old as it is – a danger
greatly reduced when one works in an office with colleagues who can yank a would-be
lawyer-victim back from the precipice when he excitedly announces “I just got
this great new client through an e-mail!”
The novel coronavirus is enough to cope with without
Alejandro. Legal ethics and lawyer
scammers do not take COVID-19 holidays.
Working remotely still requires that conflicts be checked and cleared,
and that common sense and alertness not be checked at the COVID bunker door. Be careful out there everyone.
