It seems that hackers are on the prowl for sensitive information that your law firm has. The AP reports that the FBI has sent out an advisory that warns law firms and PR companies that there is a complex emailing scheme going on that steals their data. The FBI has said that this scheme is just part of a larger growing trend.
The compromises in cyber security typically comes from what is known as "spear phishing". According to the FBI's official website, this is defined as a virtual trap set up by hackers who send out offical looking emails in order to lure you to fake websites in the hopes that you will reveal your personal information. Spear phishing specifically targets a group that has something in common. For example, a group of employees from the same company, bank at the same bank, or attended the same alma mater.
Apparently the hackers are focusing on law firms because they have confidential information on companies that are working on major international deals. These deals can range from opening a new factory to patent applications on new technology. Law firms that represent these companies are vulnerable to hackers who want this information. The hackers want to know the company's play by play. The best way to do that is to target the law firm's documents.
This new scheme illustrates a shift in the hacker world. The FBI has indicated that these new spear phishing attacks have been part of transnational rings versus lone hackers. The FBI has urged law firms to take appropriate steps to protect their clients' confidential data.
The spear phishing emails may not necessarily be able to hack into an operating system, but they do contain dangerous links or attachments that do. The attachments or links can be as innocuous as a photo attachment.
The FBI writes: "Spear phishing can also trick you into downloading malicious codes or malware after you click on a link embedded in the e-mail...an especially useful tool in crimes like economic espionage where sensitive internal communications can be accessed and trade secrets stolen."
How Does Your Law Firm Stay Safe?
Some recommendations from the FBI in order to keep your computer safe from spear phishing are:
- Keep Your Firewall Turned On
- Install or Update Your Antivirus Software
- Install or Update Your Antispyware Technology
- Keep You Operating System Up to Date
- Be Careful What Download
- Turn Off Your Computer
If you want to learn more about this topic, please visit our Related Resources links.
- How can I protect my password(s)? (Findlaw)
- Microsoft's Malvertising Lawsuits Try to Find Hackers (Findlaw's Courtside Blog)
- Online Protection for Your Company's Confidential Information (Findlaw's Free Enterprise Blog)
- DOJ: Hacker Stole 130 Million Credit Card Numbers (Findlaw's Blotter Blog