Last spring, a Long Beach law firm received an e-mail from a Hong Kong businessman seeking help collecting debts from American customers. An attorney with the firm saw it as a great opportunity to reel in more business during the economic downturn and agreed to help.

After a month of signing paperwork and exchanging telephone calls with his client, the attorney received word from one debtor who sent a $200,000 cashier's check to pay off his balance. The attorney deposited it in his firm's account, subtracted his $10,000 fee and wired the remaining amount to his Hong Kong client.

An hour-and-a-half later, the attorney's bank called and told him the check bounced. Fortunately, the bank was able to prevent the wire transfer from reaching its destination. He almost had been duped out of $190,000.

"They send me a nice, big, worthless check," said the attorney, who asked to remain anonymous. "Needless to say that was not a fun day. They were the hardest 24 hours of my life."

MBA BY THE BAY: See how an MBA could change your life with SFGATE's interactive directory of Bay Area programs.

The case is illustrative of the cyberthreats law firms face today and for them the threat is double-barreled.

Cyber-criminals see law firms as particularly lucrative targets that can earn them hundreds of thousands of dollars per heist. Cyberspies also attack attorney firms to steal client data that can be sold or used to learn the details of future litigation.

One day before Google revealed in January that it had been hit by an elaborate attack on its data and the Gmail accounts of Chinese human rights activists, several partners at Los Angeles law firm Gipson Hoffman & Pancione, which had just begun a copyright infringement lawsuit against China, were hit by similar attempts to infiltrate their systems.

Although there is no firm data on cyberattacks on law firms, the FBI issued an alert in late January warning law firms about scammers purporting to need help collecting delinquent payments or divorce settlement money. The State Bar of California issued a similar warning in May.

Officials with City National Bank in Los Angeles, which serves more than 2,400 legal clients in California, Nevada and New York and helped the Long Beach attorney recover his money, said that in the past two years the institution has prevented the loss of about $2 million in counterfeit check schemes.

"The economy being down has increased the volume and level of sophistication" of these scams, said Joe Flueckiger, head of corporate security for the bank.

More scams

Attorneys say they are receiving these scams with increasing frequency.

"Six months ago I hadn't seen any of them," said Brian Hoffman, a San Francisco intellectual property attorney at the Mountain View firm Fenwick & West LLP. "A couple of months ago I started seeing them once a week. Now I see them once or twice a day."

Cyber-espionage is perhaps a more widespread and pressing concern that continues to fly largely undetected under the public radar, said Scott Blackmer, founding partner of high-tech law firm Information Law Group.

Expanding focus

A recent report by information security company Mandiant said that during the past five years criminals have expanded their focus from government and military targets to researchers, manufacturers, nonprofit agencies and law firms.

Security experts said criminals gain access into law firms' networks using highly tailored schemes to trick attorneys into downloading customized malware into their computers. It is not uncommon for them to remain undetected for long periods of time and come and go as they please, they said.

Losing private data

Stephen Surdu, Mandiant's vice president of professional services, said hacking, in addition to damaging a law firm's reputation, can result in the loss of confidential information belonging to corporate clients - trade secrets, intellectual property, source data, details on new patents and products - and have serious repercussions across industries.

"In those cases (criminals) are not trying to defraud the law firm; they're trying to get information from them so they can gain the market," Blackmer said.

Government backing

Experts say attacks are often orchestrated by overseas competitors with the support or endorsement of their governments. Scott Borg, director and chief economist at the nonprofit U.S. Cyber Consequences Unit, said criminals have been known to even sell information stolen by cyber exploits in the form of research to litigants.

"There have been cases where companies or countries that certain corporations were negotiating with were clearly handed confidential information," he said.

Attorneys at Los Angeles law firm Gipson Hoffman & Pancione were aware of a possible attack before it happened for similar reasons.

A week before they were attacked, the firm filed a $2.2 billion lawsuit against the Chinese government and several computer manufacturers on behalf of CYBERsitter, a Santa Barbara software-maker, claiming that China helped distribute copies of Green Dam, an Internet-censoring program with code allegedly stolen from the company.

Higher risk

The FBI is investigating the attack on the firm and it is still uncertain whether it was connected to the Google attack. But Alex Stamos, a founding partner at iSEC Partners, a San Francisco security consulting firm that recently published research identifying about 100 organizations hit by the attack, said that law firms are on the list of organizations most at risk of being targets in the future.

"Most law firms are going to be in trouble if this is the level of adversary they're going to deal with," he said. "It's impossible even for the largest law firms to have a dedicated security team that can hold their own against these people."