It’s not news that phishing attacks are the spearpoint of most breaches. It is alarming, however, to consider the implications for law firms, legal services firms, and professional services companies.
According to one study, 40% of law firms are unaware when breaches happen.1 Another report showed that 62% of the top 100 global law firms have subpar email authentication, the outer layer of phishing defense.2
The most dramatic attack to date is the Panama Papers hack. Starting with a phishing email, hackers penetrated the Panama-based law firm of Mossack Fonseca. While the attack is famous for exposing unsavory offshore accounts, it’s a legitimate reminder that lax security comes at a price. Some 11.5 million confidential documents were leaked.3
In a more recent phishing attack, a multinational law firm lost access to its data thanks to a ransomware strike.4 When hackers break in, they can misuse data in countless ways, for example, misdirecting money from trusts or settlement funds or impersonating firms and sending fake invoices to clients. When breaches make the news, they hurt business reputations and incite clients to flee.5
Cofense delivers solutions that train employees at all levels to spot and report phishing so security teams can stop it in its tracks.