Examining Phishing in Law Firms: Tips for Attorneys to Combat Cybersecurity Attacks (Update)

Cybercrime is a real and constant threat to any business, and news of cybersecurity incidents has become commonplace. Cybercriminals view law firms as particularly attractive targets, as they are typically at the center of most complex business deals and financial transactions and can also host vast amounts of personal information. For this reason, among many others, lawyers must establish safeguards sufficient to secure client and employee information consistent with their ethical obligations.  

Perhaps the most widespread threat comes from phishing attacks and scams. These attacks can come in many forms, including through emails, texts, or over the phone - and because they typically masquerade as coming from a legitimate source, they can be difficult to detect. The goal of any phishing attack is the same: get the target to click on a link or attachment or give away confidential information.  

Our goal for this course is to discuss the importance of cybersecurity in the practice of law along with the ethical obligations presented and to raise awareness of the threats posed to law firms from phishing attacks.

Learning Objectives:

1. Discuss why cybersecurity is important to the practice of law and examine a lawyer's ethical obligations associated with cybersecurity

2. Examine the anatomy of phishing and business e-mail compromise attacks

3. Gain helpful tips on how to spot phishing attempts