Blog
In the press: Should law firms be worried about scam emails?
November 7th, 2015
The rise in targeted email attacks to businesses worldwide continues to dominate the news headlines. Attacks like these are dangerous by their very nature. Not only are they increasing in frequency, but they are also becoming smarter by the day.
At the moment, we’re seeing a rise in activity related to of the Business Email Compromise (BEC) scam. This is where a cybercriminal tricks an employee into believing that they need to make a bank transfer to a known external entity but ends up sending these funds to a criminal instead.
Targeted spoofing is one of the biggest risks that firms currently face. This is not the age-old problem of SPAM emails, but something much more threatening. SPAM email involves a single email, branded as a well-known company such as a bank, sent to millions of addresses.
This ‘hit and hope’ exercise depends on a number of factors in order to be successful. The recipient must actually be a customer with that bank; the SPAM or anti-virus systems must fail to identify the email as a risk, and the recipient doesn’t recognise it as a dangerous email. As a result, the sender may not even get one bite from sending out hundreds of thousands of these emails.
Targeted email attacks are much more sophisticated – and now involve much more than just email; they merge emails, calls and sometimes physical visits to a target firm’s office– this is truly hacking for the masses. A number of hacking tools are now available for anyone to download, along with all the information they need to manipulate employees into performing actions or divulging confidential information – a key hacking term known as ‘social engineering’.
The truth is that the security systems that are needed to protect the majority of firms from the majority of hacks are probably already in place.
What does this mean for the legal sector?
Read the article in full in Lawyer Issue
6 reasons your business continuity plan is weak – and how to fix it
Business continuity planning involves creating a strategy to prevent, reduce and recover from risks to an organisation. Many organisations still have business-impacting IT outages that should be avoidable, or quick to recover from. There are six key reasons why these types of IT outages continue to impact businesses. 1. Not understanding risk Most businesses would […]
How to protect yourself from malware and phishing attacks
Phishing is a form of online identity theft or the introduction of damaging viruses and other software into a business. The aim is to steal information or make IT systems unusable until the individual pays up. Phishing is certainly on the rise again, thanks in part to simple to download malware and virus toolkits – even for […]
Web browser vulnerability puts web users at risk of phishing attacks
Even the most careful Internet users could be at risk from a recently identified phishing attack, which a Chinese infosec researcher has described as “almost impossible to detect”. It has been warned that hackers can use a known vulnerability in the Chrome, Firefox and Opera web browsers to display their fake domains as legitimate websites, […]