As the costs of email hacking continue to rise, the percentage of UK law firms' losses to cyber-fraud has jumped by 40 percent in the last year.
Hazelwoods, a specialist in legal professions,chartered accountants and business advisers says that the value of funds lost from November 2015 to April 2016 amounted to £2.53 million, up from £1.81 million during the same period a year earlier. There has been a sharp rise in the number of attempts by fraudsters to trick law firms into transferring funds to them by hacking email accounts of employees and clients of firms.
Once access to an individual's email account has been gained, usually via a phishing email, fraudsters can email an employee at the law firm asking them to transfer funds to a bank account. If the employee transfers this money, it is generally taken out from the fraudulent account almost immediately, resulting in the virtual impossibility of tracing or recovery.
While losses to cyber-fraud are still relatively modest, they can still amount to more than enough to force closure of some smaller law firms that have fallen victim to attack.
“Cyber-fraud is now a clear and present danger for every law firm. The consequences of losing client funds to email hacking can threaten a firm's existence. Every law firm needs to ensure that all its staff are trained to be vigilant, and treat with suspicion any request for a transfer of funds,” said Andy Harris, director at Hazelwoods.
“Some of these frauds involved the firms' own email accounts being hacked, so all employees need to follow some basic data security rules – don't use easily-guessed passwords, update your antivirus software on a regular basis, and don't log into your email account when you're on public wifi. All staff should also be given training on identifying suspected phishing emails,” Harris concluded.