New Orleans IT ServicesCall: (504) 849-0570

Is Your Law Firm Safe From Phishing?

How To Protect Your Law Firm From Phishing

You probably think you’re secure. There’s a popular assumption among law firms that they are safe from most cybersecurity threats – 80% of legal organizations consider their cybersecurity to be sufficient.

But is that really the case?

Just ask Jenner & Block. A law.com investigation found that they exposed the information of nearly 900 people (employees and clients) when they gave a hacker W-2 tax forms as the result of a phishing scam.

Here’s the worst part – Jenner & Block actually maintains a data privacy and cybersecurity practice, offering “counseling and litigation services to ensure the privacy and integrity of their sensitive information.”

If Jenner & Block was confident enough in their cybersecurity capabilities to actually offer it as a service, but still got fooled by a cybercriminal, what does that say about your cybersecurity?

The State Of Law Firm Cybersecurity

  • Proskauer Rose: Despite calling themselves a “recognized leader in privacy and cybersecurity law,” this firm was also a victim of tax document phishing.
  • DLA Piper: In 2017, this firm was successfully infected with ransomware. Despite a firm spokesman reporting that no client data was affected, the fact is that the malware still penetrated their defenses.
  • Harris Beach: This firm was penetrated when a hacker broke into their email system, and possibly downloaded all information stored there.

2 Simple Ways To Enhance Your Law Firm’s Cybersecurity

  1. Learn To Recognize Phishing
    • Watch For Overly Generic Content And Greetings: Cybercriminals will send a large batch of emails. Look for examples like “Dear valued customer.”
    • Examine The Entire From Email Address: The first part of the email address may be legitimate, but the last part might be off by a letter or may include a number in the usual domain.
    • Look For Urgency Or Demanding Actions: “You’ve won! Click here to redeem a prize,” or “We have your browser history pay now or we are telling your boss.”
    • Carefully Check All Links: Mouse over the link and see if the link’s destination matches where the email implies you will be taken.
    • Notice Misspellings, Incorrect Grammar, & Odd Phrasing: This might be a deliberate attempt to try and bypass spam filters.
    • Don’t Click On Attachments Right Away: Virus containing attachments might have an intriguing message encouraging you to open them such as “Here is the Schedule I promised.”
  2. Data Backup
    • Back up data on a regular basis (at least daily).
    • Inspect your backups to verify that they maintain their integrity.
    • Secure your backups and keep them independent from your main system.

Like this article? Check out the following blogs to learn more:

Why Local Companies Need To Hire A Local Cybersecurity Specialist

Are You Part Of The 55% That Fails To Offer Security Training To Staff Members?

3 Easy Steps To Secure Word Documents With A Password

contact info