New Orleans IT ServicesCall: (504) 233-7046

Is Your Law Firm Safe From Phishing?

Law firms are being targeted at an increasing rate by cybercriminals. Do you have the cybersecurity defenses necessary to stay safe?

How To Protect Your Law Firm From Phishing

You probably think you’re secure. There’s a popular assumption among law firms that they are safe from most cybersecurity threats – 80% of legal organizations consider their cybersecurity to be sufficient.

But is that really the case?

Just ask Jenner & Block. A law.com investigation found that they exposed the information of nearly 900 people (employees and clients) when they gave a hacker W-2 tax forms as the result of a phishing scam.

Here’s the worst part – Jenner & Block actually maintains a data privacy and cybersecurity practice, offering “counseling and litigation services to ensure the privacy and integrity of their sensitive information.”

If Jenner & Block was confident enough in their cybersecurity capabilities to actually offer it as a service, but still got fooled by a cybercriminal, what does that say about your cybersecurity?

The State Of Law Firm Cybersecurity

  • Proskauer Rose: Despite calling themselves a “recognized leader in privacy and cybersecurity law,” this firm was also a victim of tax document phishing.
  • DLA Piper: In 2017, this firm was successfully infected with ransomware. Despite a firm spokesman reporting that no client data was affected, the fact is that the malware still penetrated their defenses.
  • Harris Beach: This firm was penetrated when a hacker broke into their email system, and possibly downloaded all information stored there.

2 Simple Ways To Enhance Your Law Firm’s Cybersecurity

  1. Learn To Recognize Phishing
    • Watch For Overly Generic Content And Greetings: Cybercriminals will send a large batch of emails. Look for examples like “Dear valued customer.”
    • Examine The Entire From Email Address: The first part of the email address may be legitimate, but the last part might be off by a letter or may include a number in the usual domain.
    • Look For Urgency Or Demanding Actions: “You’ve won! Click here to redeem a prize,” or “We have your browser history pay now or we are telling your boss.”
    • Carefully Check All Links: Mouse over the link and see if the link’s destination matches where the email implies you will be taken.
    • Notice Misspellings, Incorrect Grammar, & Odd Phrasing: This might be a deliberate attempt to try and bypass spam filters.
    • Don’t Click On Attachments Right Away: Virus containing attachments might have an intriguing message encouraging you to open them such as “Here is the Schedule I promised.”
  2. Data Backup
    • Back up data on a regular basis (at least daily).
    • Inspect your backups to verify that they maintain their integrity.
    • Secure your backups and keep them independent from your main system.

Like this article? Check out the following blogs to learn more:

Why Local Companies Need To Hire A Local Cybersecurity Specialist

Are You Part Of The 55% That Fails To Offer Security Training To Staff Members?

3 Easy Steps To Secure Word Documents With A Password

Latest Tweets

contact info