Phishing and other forms of identity theft involve the unauthorized or fraudulent use of the identities of businesses or individuals to create communications that appear legitimate, for the purpose of obtaining sensitive information (such as passwords, bank details or personal information) or securing fraudulent financial benefits. These practices can be carried out through emails, SMS or on instant messaging apps (such as WhatsApp), phone calls, or by creating false websites or profiles on social media making fraudulent use of the corporate brand or identity of a business or individuals, etc.
To contribute to preventing the unauthorized or fraudulent use of the Garrigues brand and/or of the identity of its professionals, we want to bring your attention to the following official identification elements:
- Garrigues and its professionals only make contact through emails that include the official domain @garrigues.com (and @g-advisory.com in the case of our consulting subsidiary). Garrigues does not have alternative email addresses and we do not make contact on WhatsApp or other messaging apps.
- The firm's official websites only use the domains garrigues.com and g-advisory.com.
- The only official Garrigues channels on social media are:
Garrigues performs strict monitoring of its various platforms to identify possible cases of fraud and identity theft and regularly reviews the measures in place to contribute to preventing them. This monitoring is performed separately from the steps they may need to be carried out by potentially affected third parties or the competent authorities. However, in the event of suspicion of a theft of the identity of Garrigues or of its professionals, please send us the available information to the following contact address: [email protected].
To provide you with a sample, below is a list of examples of communications or actions that could involve phishing and/or identity theft:
- Communications that fraudulently use the image or name of Garrigues or of its professionals to inform about purported legal proceedings of any type (copyright infringements, fraud, inheritance, investments or fictitious legal procedures).
- The sending of false invoices or requests for payment into bank accounts that do not belong to Garrigues.
- Communications requesting a change of bank details (IBAN) attributing it falsely to Garrigues or its professionals.
- Links to websites or false profiles on social media (LinkedIn, Instagram, TikTok or Facebook, among others) which make fraudulent use of the identity and image of Garrigues or of its professionals.
- Fraudulent impersonation of Garrigues professionals on WhatsApp or other instant messaging platforms.
- Communications purportedly from managers, trusted professionals (such as a lawyer) or third parties connected to a corporate transaction, requesting transfers of funds or other urgent steps with the appearance of confidentiality (CEO fraud).
- Calls impersonating lawyers or professionals from Garrigues to support the apparent legitimacy of earlier false communications.
- The sending of false links that appear to come from platforms in regular use (DocuSign, Workday, Salesforce, Adobe or others).
- Publication of false job offers attributed to Garrigues.
The included list of examples is not definitive and is provided simply to show possible cases of phishing or identity theft attacks.
This information is provided solely for information purposes and does not constitute legal advice or a legal assessment in relation to specific circumstances.