Only 6% of Law Firms Have DMARC Implemented To Protect Themselves From Email Spoofing

Law firms are failing in their efforts to tackle the rising risk of cyber crime.

Even with £millions continuing to be fraudulently redirected, with the associated reputational impact and knock on effect on professional indemnity insurance premiums, most law firms have not implemented even the most basic cyber security measures.

The research has been undertaken by a leading provider of risk management tools to the legal sector, Lawyer Checker.

In a series of articles we’ll review how firms are failing to implement simple cyber strategies that will protect their business, protect client funds, and communicate a cyber journey to PI insurers.

Our first consideration was the implementation of the Government endorsed Cyber Essentials accreditation which, according to research, has been adopted by less than 10% of the sector.

In our second article we consider the risks associated with email modification and cloning.

Email modification fraud accounts for 72% of all cyber crime reports to the SRA. It is a real threat for all law firms.

In email modification fraud, a criminal will often change the email address in some subtle way and mimic the look and style of the correspondent to elicit a response.

Email spoofing is the cloning of an email address in its entirety. This is a very effective phishing method. The email does not appear in any sent box, the only time the owner of the email will be aware of anything untoward will be if the recipient responds directly.

In both cases, firms can be vigilant to mitigate their risk; it is advisable to introduce both technical and cultural competencies

Cultural competency might be training; making staff aware of the risks from fraudsters and to be vigilant to potential phishing emails.

Technical competencies might be the introduction of specialist software to help mitigate risk.

DMARC is a protocol recommended by the National Cyber Security Centre and prevents cyber criminal spoofing your email addresses and imitating a member of staff.

In a survey undertaken by leading cyber risk specialists Lawyer Checker, just 6% of firms had the DMARC protocol implemented leaving the majority firms at risk.

Find out if your firm is at risk… request a free spoof test from Lawyer Checker and find out more about OnDMARC, Lawyer Checker’s expert implementation of the protocol.

Start your cyber journey with Lawyer Checker today. OnDMARC can be implemented quickly and cost effectively in your business with a monthly subscription. Speak to us about our packages which provide a range of cyber security options.

For more information about our cyber risk products and services please contact us on 0800 133 7127.

This article was submitted to be published by Lawyer Checker as part of their advertising agreement with Today’s Legal Cyber Risk. The views expressed in this article are those of the submitter and not those of Today’s Legal Cyber Risk.

X