Examining Phishing in Law Firms: Tips for Attorneys to Combat Cybersecurity Attacks

Cybercrime is a real and constant threat for any business, and news of cybersecurity incidents has become almost commonplace. In this environment, cybercriminals view law firms as attractive targets, as they are typically at the center of most complex business deals and financial transactions and can also host vast amounts of personal information. Needless to say, lawyers must establish safeguards sufficient to secure client and employee information, consistent with their ethical obligations.  

Perhaps the most widespread threat comes from phishing attacks and scams. These attacks can come in many forms, including through emails, texts, or over the phone, and because they typically masquerade as coming from a legitimate source, they can be difficult to detect. The goal of any phishing attack is the same: get the target to click on a link or attachment or give away confidential information. The key to combatting phishing attacks is education and awareness. Having knowledge of the tactics employed by scammers will better prepare you to avoid falling victim to a scam.   

Our goal for this course is to discuss the importance of cybersecurity in the practice of law along with the ethical obligations presented and to raise awareness of the threats posed to law firms from phishing attacks.   


Learning Objectives: 

1. Discuss why cybersecurity is important to the practice of law and examine a lawyer's ethical obligations associated with cybersecurity
2. Examine the anatomy of phishing and business e-mail compromise attacks
3. Gain helpful tips on how to spot a phishing attempt