The Legal Society urged lawyers to ensure preventive measures are taken to combat cybercrime after a successful cyber attack led to some clients of a lawyer making money transfers to a fraudster’s bank account.
In response to the attack, the community said: “No company is immune to any cyber attack, but preventative measures can and should be taken to protect IT systems.”
Lawyers have been specifically targeted by cybercriminals because they often keep large amounts of money in their clients’ bank accounts as well as sensitive personal data.
The law association said Monday that it recently learned of an attack started by a lawyer who clicked on a link in an unexpected email received from a fraudster.
The association said on its website that, like previous attacks, the lawyer was unaware of the hack. This means that the hacker was able to stalk the inbox and create rules to automatically divert emails from specific clients. The hacker also created a new email address very similar to the lawyer’s email address, which enabled the hacker to contact the customer directly.
By reviewing the emails, the scammer was able to identify several transactions that were about to take place and emailed the concerned customers looking to transfer funds to an out-of-state bank account.
The clients then made the transfers to the hacker’s bank account.
In response to the attack, the association told The Irish Times: « We know our members are vigilant about the importance of cybersecurity measures and regularly engage in our training and guidance on this issue. »
She added that as business methods continue to evolve, many law firms are investing and upgrading their IT systems to ensure continued service to clients.
The association recommended that attorneys and their support staff be suspicious of any unsolicited or unexpected emails and should treat any attachments in such emails with suspicion and confirm their validity with the sender before opening them.
It also recommends that attorneys inform their clients that bank account details will never be provided by email, and if they are, they should be assumed to be fraudulent.
Clients must be informed that the attorney is prohibited from maintaining a client’s bank account outside the country and must inform the attorney immediately of any request to send money abroad and not act upon it.
According to the annual survey of Irish law firms published last November by professional services and wealth management firm Smith & Williamson, most of the 20 largest law firms here reported cyber attacks on their systems in 2021.
About 62 percent of smaller Dublin firms, and 74 percent of regional firms, have not reported any such activity.
Among those surveyed, 27 percent considered cyber risks as one of their biggest challenges over the next three years.
According to a recent report by Grant Thornton, the economic cost of cybercrime in Ireland in 2020 was around €9.6 billion.
« Spécialiste de la télévision sans vergogne. Pionnier des zombies inconditionnels. Résolveur de problèmes d’une humilité exaspérante. »