These challenging times bring out the best in people, and unfortunately, the worst in some. The worst can be seen more and more in the increase of phishing attempts during Coronavirus (COVID-19) pandemic.
For attorneys and law firms alike, the impact of phishing is often devastating, causing not just unprecedented business interruptions, but also potentially exposing sensitive data, including confidential client information, business secrets, privileged documents and the like to theft and loss.
And the potential for accidental exposure is all the higher with many legal professionals now working from home, accessing confidential information remotely, with so many more emails filling their inboxes, and complicated further by the randomness of juggling family, work and community obligations simultaneously. Law firms have always been a rich source for malicious hackers, and so, especially in the current pandemic, lawyers and law firms need to be even more diligent with their security practices.
The SANS Institute, one of the most well-respected information security organizations, released great tips on how to message internally in your organization about the heightened security threats during these trying times.
Lawyers will be best suited to heed the advice of their internal IT Security departments related to phishing attempts during this Coronavirus pandemic, and take into consideration the following tips with respect to emails:
- Be super aware and extra diligent about emails you receive and take another minute to ensure that the email looks legitimate.
- Look at the links in the email (but do not click them until you are sure) – you can hover over a link to see where it actually points.
- Look at the sender’s name and address and read every character carefully – many times malicious actors will sneak in an extra character to an email address or URL.
- Just because an email comes from someone you know, it may have been from someone that was hacked so please keep that in mind as well.
The more aware lawyers are of the heightened phishing and other malicious attempts during the Coronavirus outbreak, the better off they will be for preventing inadvertent damage to their systems and to their clients’ data.