Phishing scam warning from LexisNexis
Description of Potential Fraud:
We are forwarding a warning from LexisNexis regarding a phishing attempt aimed at their customers. The fake email can be found below (click to enlarge it), and is a good example of how real phishing messages can look, especially if they appear to be from someone you know and deal with. There is good advice here on recognizing these scams and not getting taken in by them.
Ensuring information security is a top priority for us at LexisNexis, so I wanted to take a moment to address a recent situation that you may have heard about or perhaps even experienced.
On Friday, June 21, 2013, a large number of individuals, some of them LexisNexis customers, received fraudulent emails claiming to be from LexisNexis and containing what appear to be invoices. These emails and the invoices are not legitimate, did not come from LexisNexis and originated from outside our systems. In fact, LexisNexis systems and customer data remain secure and unaffected.
If you received such a message, I wanted to provide recommendations from our team:
- Disregard the message and attachment, and delete them. They are not from LexisNexis.
- If you have opened the phishing email, do not click on any links in the email and delete the message and any attachments from your computer right away.
- If you receive the same email again or any questionable message appearing to come from LexisNexis, do not open it. Delete it from your computer.
- If you have opened one of these phishing emails and clicked on either a link or attachment:
- If you have an IT department in your organization, connect with them right away for further guidance.
- If you don’t have an IT department, verify that your anti-virus software is up to date, update it if needed and run a scan of your machine to ensure it is secure.
- Contact the LexisNexis Customer Support team at 1-800-387-0899 to get your Quicklaw® ID cancelled and a new ID issued.
This incident reminds all of us about the reality of online scams and the need to be on the lookout for “phishing” schemes. Phishing involves the use of email messages that appear to come from a trusted source or institution, vendor or company, but are actually from third-party impostors. These emails typically request payments or include malicious software to obtain personal information, such as user names and passwords, and then exploit that information.
Communications from LexisNexis will never ask for your user name and password via email or by phone. And our systems are protected with state-of-the-art technology to ensure your account information is safe, is secure and cannot be compromised. For you, our customers, best practices to secure your account include:
1. Never share user IDs or passwords with anybody, including LexisNexis.
2. Do not write down your user ID and password anywhere.
3. Install and use current anti-virus software.
Following these guidelines and practices, together we can greatly minimize security risks. If you have any questions or concerns about data security generally or the phishing email recently, please do not hesitate to reach out to your LexisNexis representative or contact our Customer Support team at 1-800-668-6481.
Vice President, Sales and Customer Care
LexisNexis Canada Inc.
905 King Street West, Suite 400