Sophisticated trade mark scam emails impersonating SRA-regulated solicitors

Online impersonation is the most dominant form of online abuse, overtaking malware and other types of fraud. We recently reported on the malicious use of trade marks in "lookalike" domain names as part of a newly popularised form of online abuse (see our article here).

However, we are also seeing a rise in highly convincing scam emails targeting UK businesses and trade mark owners. These emails purport to come from Solicitors Regulation Authority (SRA)–regulated lawyers and reference genuine SRA and Law Society profile pages to create an air of legitimacy. They often claim that a third party is about to file, or has filed, a UKIPO trade mark application for a name identical or similar to your brand and invite you to “act now” to avoid losing your rights. In some cases, the emails direct recipients to slick but fraudulent websites or request disclosure of trade mark details that could be used for further malicious activity.

This is a form of impersonation fraud that relies on circular legitimacy. The email, the website and the purported professional profiles cross refer to one another to appear authentic. While such messages may borrow the names or SRA details of real lawyers, those individuals are not associated with the communication and are themselves victims of identity misuse.

How the scam typically presents

The message usually asserts an imminent UKIPO filing by a third party and urges you either to provide your existing registration number or to instruct the sender to file “immediately” on your behalf. It may cite the UK’s “first to file” system and list severe consequences if you do not respond, including rebranding, takedown from online platforms and infringement claims. The tone is time pressured and binary: either you have a registration and the matter closes, or you must authorise an urgent filing.

Critically, these emails often embed links to the SRA or Law Society websites and to a “process” page on a professional looking website. The external links are used to bolster trust, even though the sender, domain and the filing claims are fabricated. Some iterations may seek identity documents, power of attorney forms or payment details; others solicit trade mark specifications and intended goods/services, which can later be weaponised in phishing or invoice fraud.

Figure 1: An example email received posing as an SRA regulated lawyer by misappropriating legitimate details from the SRA website and requesting instructions to file a trade mark application.

Red flags to look for

While the email presentation may look polished, several indicators are common:

• unsolicited approach asserting a soon to be filed or pending UKIPO application by an unnamed “applicant” and urging immediate action;
• overstated consequences and exaggerated urgency;
• use of SRA / Law Society profile links or stating that such unsolicited approach is market practice;
• requests for trade mark details, identity documents or upfront fees without a proper engagement process or letter of engagement; and
• inconsistencies between the sender’s name, email domain, signature block and the firm supposedly represented.

What to do if you receive such an email

Do not reply, click any links or open attachments. You may be able to separately confirm whether the email is genuine by searching for the sender on LinkedIn to see if any profiles align with the email details or by cross-checking for law firm or business name on the Companies House registry.

If you need to confirm any suspicions, provide the email details to your trade mark advisors using a fresh message (not by replying or forwarding within the same thread). Where possible, capture the full email header information and take screenshots of any linked pages without interacting with forms or download prompts.

If you have an existing UK trade mark portfolio, your advisors can confirm your position immediately and review whether any genuine UKIPO filings have been made that concern your brand.

Reporting routes

We recommend reporting the incident promptly to the appropriate bodies so that indicators of compromise can be actioned:

• SRA: report impersonation of solicitors or misuse of SRA details at sra.org.uk
• UK Police: report fraud and cybercrime affecting UK businesses at reportfraud.police.uk
• National Cyber Security Centre: report suspicious emails to the Suspicious Email Reporting Service at ncsc.gov.uk
• UKIPO: if you receive misleading invoices you can forward them to the UKIPO at misleadinginvoices@ipo.gov.uk.

Practical steps to protect your brand

Consider whether any proactive measures are appropriate to materially reduce risk of fraudulent misappropriation of intellectual property, including impersonation of your business, and to improve options for responding if you find your business affected. We recommend the following:

• Maintain robust trade mark coverage. Ensure your key brands are protected in the UK and priority markets with specifications aligned to actual and planned use. Appropriate coverage supports swift enforcement and mitigates the risk of misappropriation.
• Monitor for abuse. Maintain an active trade mark monitoring regime for brand misuse and misappropriation across trade mark registries, domain registries and online use. Third party monitoring solutions such as those offered by Ashurst can augment internal checks and provide early warning.
• Establish an evidence protocol. When suspicious content is identified, record URLs, timestamps, screenshots and page sources where safe to do so. Early, comprehensive evidence materially improves the prospects of effective takedown and any subsequent action in certain circumstances.
• Block known bad domains and addresses. If you receive any emails or become aware of any domain names incorporating misappropriated trade marks, you should block those malicious domains and sender addresses within your internal systems to protect employees, who are frequently the targets of these schemes.
• Implement domain name defences. Register core and obvious variants of your principal domains across relevant top level domains and include common misspellings or homograph variations to limit opportunities for malicious third parties to create lookalike websites.

Ashurst Assistance

If you are unsure of the legitimacy of any trade mark emails that you have received, please feel free to reach out to your Ashurst contact who will be able to advise you accordingly.

Ashurst offers robust trade mark advice to clients, including to those affected by misappropriation of intellectual property rights, and routinely advises on steps to proactively manage risk to respond to an impersonation event. Please feel free to reach out if you require any assistance.