Protecting Yourself and Your Clients with Secure Email
You may have noticed receiving more “Risk Management Alerts” from Lawyers Mutual recently due to a renewed wave of email fraud attempts against lawyers. The two most prominent issues were wire instruction fraud and phishing scam pretending to be bar communications.
How does a lawyer protect themselves and their clients with so much malware out to get them? One of the easiest ways is to use a secure email service.
What is secure email?
Secure email essentially means that an email travels from sender to recipient without interruption, alteration, or interception. It allows the recipient to be sure of the sender’s identity and the validity of any attachments to the email.
Why Free Isn’t Enough
Generic email services don’t offer complete protection. Generic services, refers to free accounts, such as Gmail and Yahoo. Paid “Gmail for Work” and “Ymail” accounts have higher security measures in place to protect your confidential information.
Obviously the disparity in security is because these services want you to pay for their products. In the world of email security, you really do get what you pay for.
Always keep in mind that your password is part of your email security system. Many users of free email services have a weak password that could easily be discovered in a hacking attempt.
The Difference between Hacking and Spoofing
An email account can be spoofed or hacked. Spammers use both to send malware to unsuspecting recipients.
A spoofed email is not from who it claims to be. The email address is wrong, often one small change, but that may not be enough to catch in a quick glance. Spoofed emails are often detected by spam blockers because they include suspicious links and email domains.
A hacked email account is more dangerous because the email is coming from a known source. The owner of the account is no longer in control of it after a successful hacking attempt. If the email has been whitelisted, your spam blocker won’t even look at it to see if it has malware attached to it.
Both hacking and spoofing attempts have targeted law firms. In some instances, a spoofing attempt follows a successful email hacking, especially when they are trying to scam firms out of trust account funds using information obtained from hacked emails.
Safe Practices to Keep Data Secure
While there is no 100% guarantee that our data will be safe and secure forever if the world’s best hackers want it, we can do our part to make sure the disgruntled guy in a coffee shop can’t get his hands on it without making a serious effort. In most cases, the disgruntled guy will just look for another target.
- Keep your virus scan and spam filters up-to-date. Have these set to automatically update if possible. It’s better for your computer to be slow in the morning than your virus definitions to be behind and miss a dangerous bug.
- Invest in a more secure document delivery system. This could be upgrading to a more expensive email or system or adding a document sharing service like ShareFile. If you choose DropBox, use a paid version as it includes more security measures.
- Train staff on safe email procedures. Your email is only as secure as the users let it be. Anyone in the office can click a link or open an attachment that compromises the entire system. Teach staff to identify suspect emails and consider limiting access to confidential information if at all possible.
For more information regarding additional encryption related topics (laptops, flash drives, smartphones, etc.) check out Encryption Made Simple for Lawyers written by Ries, Nelson, and Simek from the Lawyers Mutual lending library.
About the Author
Samantha Cruff
Samantha Cruff is the Marketing Communications Coordinator at Lawyers Mutual. Contact Samantha for information regarding our available risk management publications at 800.662.8843 or samantha@lawyersmutualnc.com.
Read More by Samantha >