The National Cyber Security Centre (NCSC) has revealed they’ve stopped 140,000 phishing attacks and taken down 190,000 fraudulent websites, in its annual report.
One case they highlighted, saw holiday makers targeted via bogus emails, supposedly sent from a UK airport. The failed attempt saw 200,000 emails asking members of the public to pay a small fee in return for a larger refund.
The scam, using a fake gov.uk address, was thwarted meaning it never reached it’s intended recipients.
Phishing attacks can target any sector. Just last week, it was reported that a first-time buyer was conned out of £67,000 by a fraudster pretending to be his solicitor.
Research conducted by Sophos entitled: ‘The Impossible Puzzle of Cyber Security‘, showed that phishing is still the most common cyber attack, with 53% of UK respondents falling foul to them last year.
Preventing phishing attacks is possible, but requires cyber defences being toughened by introducing the Domain-based Message Authentication, Reporting & Conformance (DMARC) protocol.
“The DMARC protocol prevents a criminal from impersonating an organisations email address. On this occasion the criminal has sent an email purporting to be from the airline. Too many businesses especially law firms are leaving themselves exposed to the criminals exploiting this gap. Criminals can see whether a firm or any organisation has DMARC implemented. The fact that the NCSC managed to stop 140,000 phishing emails shows how effective DMARC can be.”
Email/impersonation fraud is a law firm’s biggest risk and has been a lucrative business for cyber criminals in recent years.
To safeguard yourself from email modification/impersonation fraud you should install Lawyer Checker’s DMARC’s service. This sophisticated web-based system effectively secures your firm’s email by actively blocking phishing attacks and preventing 3rd parties from impersonating your email domain to any recipient such as your clients and employees.
With the SRA confirming that everybody is now 20 times more likely to be a victim of cyber crime than a victim of in-person crime and the NCSC identifying the legal sector as a top target for cyber criminals – it’s crucial to implement a positive cyber culture in the workplace that cascades from the top down.
We'd like to demonstrate how easy it is for someone to send an email purporting to be you from your domain.
To request your free spoofing test please leave your details and a member of the team will be in touch.
REQUEST YOUR FREE SPOOFING TEST
