In the press: Should law firms be worried about scam emails?
November 7th, 2015
The rise in targeted email attacks to businesses worldwide continues to dominate the news headlines. Attacks like these are dangerous by their very nature. Not only are they increasing in frequency, but they are also becoming smarter by the day.
At the moment, we’re seeing a rise in activity related to of the Business Email Compromise (BEC) scam. This is where a cybercriminal tricks an employee into believing that they need to make a bank transfer to a known external entity but ends up sending these funds to a criminal instead.
Targeted spoofing is one of the biggest risks that firms currently face. This is not the age-old problem of SPAM emails, but something much more threatening. SPAM email involves a single email, branded as a well-known company such as a bank, sent to millions of addresses.
This ‘hit and hope’ exercise depends on a number of factors in order to be successful. The recipient must actually be a customer with that bank; the SPAM or anti-virus systems must fail to identify the email as a risk, and the recipient doesn’t recognise it as a dangerous email. As a result, the sender may not even get one bite from sending out hundreds of thousands of these emails.
Targeted email attacks are much more sophisticated – and now involve much more than just email; they merge emails, calls and sometimes physical visits to a target firm’s office– this is truly hacking for the masses. A number of hacking tools are now available for anyone to download, along with all the information they need to manipulate employees into performing actions or divulging confidential information – a key hacking term known as ‘social engineering’.
The truth is that the security systems that are needed to protect the majority of firms from the majority of hacks are probably already in place.
What does this mean for the legal sector?
How to protect data in end-of-life equipment
Any device where data is downloaded or stored is at risk of being accessed by a third party once it is no longer in your possession. Devices at risk range from the obvious hard disks, right through to printers. The basic principle is: if data is written it can be retrieved unless it’s encrypted. Therefore, […]
7 tips to help you select the right software for your growing business
Software selection can be a daunting task. It’s a process that all businesses go through, and likely more than once. Having been involved in the software selection process as project lead, I can understand the weight of responsibility you may feel if you are picking up the reins for the first time. Making the wrong […]
How to prioritise IT projects in a growing business
In a growing business, it often feels like every IT project is the number one priority, but with limited resources available it’s simply not possible – or practical – to tackle them all at once. But when everyone is clamouring for attention, how do you decide which project comes first? One of the problems many […]