With a number of cyber threats challenging the legal sector, it is increasingly important that everyone from clients, to partners, to receptionists and admin staff understand how to protect themselves and the firms’ interests from cyber criminals.
Fortunately, in a lot of cases, it can be enough for everyone faced with a fraudulent situation to just #takefive and think about whether the communication is genuine.
This is the key message of Take Five, a new awareness campaign led by FFA UK and its members with partners Cifas and City of London Police.
In support of their latest awareness campaign #takefiveday, we’ve republished their 5 key messages to help better protect everyone:
• Never disclose security details, such as your PIN or full banking password
• Don’t assume an email request, text or phone call is genuine
• Don’t be rushed – a genuine organisation won’t mind waiting
• Listen to your instincts – you know if something doesn’t feel right
• Stay in control – don’t panic and make a decision you’ll regret
You can also share these key messages with your clients to help proactively inform them of how they can be more alert to criminal activity.
‘Take Five’ messages can help law firms better tackle the current threats
While these 5 things may seem like common sense, they can help to protect against key industry threats including:
Chief Executive Fraud (or President Fraud)
The term ‘Chief Executive Fraud’ (or President Fraud) refers to a targeted phishing attack, where an individual in the firm is sent a fake email which looks as though it has come from a Managing Partner: “I thought I asked you to do this last week, but Michael has just phoned to say he hasn’t received the money? Please take care of this.”
#takefive : Stay in control – don’t panic and make a decision you’ll regret
Ransomware Attacks
A “ransomware attack” is when a cyber-criminal infects a computer system with a piece of malware, which places a digital blocker on the system so that the victim firm can’t raise an invoice or continue business as usual. This can happen as a result of just one member of staff clicking a link in a rogue email.
#takefive : Don’t assume an email request, text or phone call is genuine
Friday Afternoon Fraud
‘Friday Afternoon’ fraud describes a cyber attack where clients are targeted with phishing emails imitating their solicitor and asking them to transfer their deposit to an alternative bank account. When successful, victim clients are left with no funds to finalise their property transaction.
#takefive : Listen to your instincts – you know if something doesn’t feel right
Top Tip : To help further reduce the risk, you should also make sure your clients are informed of the type of communications and requests you will and won’t make, so they are better positioned to recognise a rogue or unusual request.
Additional Resources
For more information on how to protect your law firm from cyber crime and fraud, visit the Take Five website
You can also read some of our recent blog posts for more on cyber crime:
Have you told 5 people about #takefiveday?
