Lawyers’ Insurance Programme: Loss Prevention Tip #50 – Avoiding Cyber-Crime Incidents
Beware – law firms are often targets of email hackers and they could be reading your emails right now!
In one case, a firm’s email system was compromised and a hacker was reading their emails. The firm didn’t become aware until the hacker demanded a ransom. While no ransom was paid, other firms or their clients may not be as lucky.
In another example, a hacker advised a client of a change to the lawyer’s banking instructions and directed the client to send funds to a new account or do an e-transfer. The client did so, believing the hacker was the lawyer.
The typical entry point for the hacker is when someone in the firm opens an attachment from a spam email that installs a code which enables the hacker to access that account. The hacker can then communicate with clients. Communication often occurs when the client has to send significant funds to the lawyer.
Hackers are sophisticated and can add protocols to an email account which prevent you from seeing correspondence coming to and from your account. Sometimes the hacker creates an alternative inbox hidden from plain view, and your client will have what appear to be emails from you, but you will have no record of sending them.
To avoid becoming a victim of one of these scenarios, please follow these loss prevention tips: