« Back to All Posts

Top Three Email Tricks Law Firms Should Watch Out For

December 13, 2020

Top Three Email Tricks Law Firms Should Watch Out For

More and more of our support tickets from our law firm clients come in regarding email credibility. Thankfully, employees have become more vigilant in looking over emails before opening links or responding to calls to action (i.e. wire transfer, sending of funds or gift cards).

Even with employee education developing many more critical eyes, we still see clients lose money or compromise sensitive data and assets because of spoof emails, which look legitimate but aren’t.

Trick #1: Spoof Emails

Hackers are well-versed in writing emails that look legitimate. Typically the spelling of companies or contacts are close to correct and domain names seem accurate. The goal — of course — is to lure employees into believing their email messages are real and must be responded to.

In our personal lives, these emails often impersonate trusted brands like Disney, Apple or Amazon. In our professional environments, they may emulate payroll companies, HR messages concerning time off and delivery notices.

According to Forbes Magazine, more than 3 billion spoof emails are sent every single day. That’s a tremendous amount of scanning and legitimizing for each of us to do. Don’t rely on the display name of the email address. If you question the email’s origin, double click the contact name at the top of the email and confirm the address for legitimacy (i.e. the right name, the right domain name spelling). A fraudulent email may be close to the original address or not close at all. This quick tip may save you in the long run.

Trick #2: Phishing Attempts

Cybersecurity incidents have skyrocketed since the onset of COVID-19, when many employees shifted their workspaces and network perimeters instantly grew exponentially.

Hackers have taken notice and have stepped up their attempts to lure in employees through fake emails and links, also known as phishing. In the second quarter of 2020, nearly 150,000 unique phishing sites were detected. Although that number is trending down slightly, the sheer volume of compromising sites is astounding.

In a new twist, cybercriminals are employing new keywords like “coronavirus,” “COVID-19” and “stimulus” to get the attention of potential victims.

Trick #3: Relying Solely on Technology

One of the best tools to protect your law firm is to migrate your email to Microsoft 365, which includes a suite of services that are cloud-based and wildly popular for business.

For our clients, we ensure 365 options are set to the highest levels of email oversight, while still protecting productivity and efficiency. But — like all technology — it’s not perfect.

As much as we want technology to quick-fix every issue in our businesses, we have to steel ourselves to protect against human oversight as well. Technology is only as strong as its users.

Staff education for lawyers, paralegals and support staff is critical and can even be offered remotely on-demand to accommodate today’s work-from-home and hybrid workspaces. Educating your employees annually or biannually has been proven to protect against attacks, lowering all risk factors.

Law firms especially should take employee training seriously, as the data you store is confidential and sensitive. And if you work in corporate law in any way, the compliance requirements of your clients could become your own.

Specialists in Law Firm IT Security

Contact us to discuss how to start training your employees to protect your data and assets.  We specialize in offering a comprehensive suite of IT services exclusively for lawyers and their companies.

Give us a call today at 800-554-4166 or send us a secure message on our website. We look forward to the discussion.