Login | February 19, 2019

ABA warning of more Internet scams

Technology for Lawyers

Published: June 29, 2018

Really, the folks at the American Bar Association are pretty on top of the tech world these days, and have been for quite some time. This week’s scary warnings from the ABA concern more scams that lawyers and their clients are falling for these days, this time in particular through social media.

Once again, lawyers are called on for special vigilance in preventing attacks against their systems because of the particular information that attorneys hold—both personal and business data.

Calling the scams “Nigerian Prince 2.0”, this updated warning is about social engineering cyberattacks. Social engineering attacks are those that require some kind of human reply to a message, usually an email. The attacks are designed to appeal to the responder’s greed or other form of confusion by replying to a phishing expedition.

A recent ABA article stated that, according to a 2018 Verizon computer security report, “companies are three times more likely to be breached via social attacks than technical failures. Almost all of these attacks will come via email, meaning it is important that attorneys and firm employees act more skeptically when trafficking sensitive information or when opening a particular file or link they see in their inbox.”

Phishing and pretexting, which is creating a false narrative to obtain information (“your bank account has been compromised—click here) are responsible for 98 percent of social engineering attacks.

And these attacks are only increasing in frequency.

Another report published this year by Wombat stated that malware infections via phishing were up 22 percent between 2016-2017. They are also getting more sophisticated, with criminal teams made up of language experts, designers, and other professionals to make the scams seem more and more realistic.

And more expensive. One particular set of frauds involving wire transfer companies netted $3 billion in illegal transfers in 2015 and one can only assume this amount has increased in the last couple of years.

Yeah, I know that we all keep warning you about these scams, but people keep falling for them, so we keep warning you. Email security training has to be a top priority for attorneys and staff. All new staff has to be trained as a basic part of starting the job, and everyone in the firm needs regular refresher courses. So do it.