In the past 24 months, law firms in Australia are seeing an increase in the number of cyber events impacting on their businesses. In recent times, we have listed three major threats to every law firm which could lead to the compromise of data and the interruption of their information systems. These can be categorised as phishing emails, ransom and malware attacks and email hijacking.

As we start 2020, email account hijacking is becoming a major threat every law firm in Australia – especially those that have moved to cloud-based data storage solutions.

In this article we look at what email hijacking is, what the impact can be for your firm and what simple steps you can take to protect your firm, whether you think you have been targeted or not.

What is Email Hijacking?

In its simplest form, email hijacking is when cybercriminals access emails to clients or third parties and change information within the email. This is done by a hacker being able to gain access to your email accounts using your own (stolen) log-in details and password.

Once they have access to  an email account, it is usual for them to monitor emails for some time before they become active – either by sending emails making them look like they were sent by a legitimate party or by searching for an opportunity to commit a crime by changing payment details or bank account details to syphon funds off to an illegitimate account.

The fast and irreversible diversion of money into a cybercriminal’s own bank account is currently the biggest source of cyber claims for lawyers and law firms in Australia.

Why are law firms particularly vulnerable to an email hijacking attack?

There are a number of reasons law firms are particularly targeted by cybercriminals in email hijacking scams.

Obviously, every law firm holds market sensitive and privileged data and information. Often this is corporate financial information and includes details of bank accounts and payment information.

Law firms also have the reputation for having a poor culture of cybersecurity.  Whilst this is improving, and most firms now realise that cybersecurity measures are a necessity, the implementation of best practice cyber standards is slow. This is particularly true of password management – an easy source of hacking by cyber threat actors.

The existence of multiple bank accounts at every law office  – including trust accounts – makes law firms even more susceptible to cyberattack.

In addition, lawyers are often involved in the transfer (either payment or receipt) of huge sums of money on behalf of their clients. This could be a distribution of funds, a litigation  settlement or judgment amount, a personal injury award or an insurance payout to name a few. Cyber criminals monitor the law firms emails for large payments and then alter the bank details or settlement details for those payments end divert the money into their own bank accounts. Within minutes of being received, these amounts are then transferred offshore by the criminals and in most cases can never be recovered.

What steps can you take to avoid email hijacking?

1.  Cybersecurity awareness training: The majority of cyberattacks occur because of the actions of people within your organisation. The most important, and first step, in. avoiding these attacks is cyber security awareness and education training for all members of staff.

2. Boost network security: Ensure you have effective firewalls and anti-virus software in place. Configure your email systems to be defensive and also limit the number of administrators. Provide email and systems access at levels on a “needs only” basis.

3. Dual factor Authentication: Use best practice password management and use strong multi factor authentication to log in to networks and information systems and email.

4. Slow Down: Take time to read emails carefully.   Be suspicious and look out for poor grammar, unusual wordings or ambiguities.

5. Check facts and confirm information requests: Check payment details and confirm account numbers before making any payments.

6. Reject unsolicited offers of help: No one ever rings and offers network and systems help without being asked. Never provide email details and passwords to any unconfirmed source.

7. Check website security: Many internet websites store your passwords and these can be used to guess work email logins and passwords. Change your passwords to unique and difficult to guess symbols, letters and numbers.

8. Review email alerts and forwarding rules. Also check these on your mail app.

9. Be wary of links in emails; Never open or click a link that is unknown or uncertain in its legitimacy

10.  Don’t assume an email sender is legitimate: Be suspicious and look out for red flags. Be particularly cautious if a senior partner emails you unexpectedly.

11.   Keep confidential information and data secure: This is your professional obligation. Take care at all times to ensure your client’s data is safe and secure.

---

Gillian Collins

Founder and CEO Cybersafe Legal

About Cybersafe Legal

At Cybersafe Legal, we are known for our professional, honest and easy approach to cyber education and risk management. As lawyers ourselves, we speak your language and offer solutions that take the worry out of the complex cyber security process and also acknowledge the specific cyber issues which exist in the legal industry.

cybersafelegal.com.au

1800 717 510

info@cybersafelegal.com.au