Last week a law firm in Texas experienced an unprecedented phishing attack — an email from the firm was sent to all of their clients containing a harmful virus. This incident was not considered to be an inside job.
A cybercriminal managed to successfully infiltrate the law firm’s network and send an infected phishing email to people all over the world. The email was sent from a valid email address and, if opened, would deploy a harmful virus to the unsuspecting recipient. This malware was engineered to steal banking information and other sensitive data from its victims.
If you have been following our blog you may already know the basics of how to spot common spoofing emails, such as the CFO scam. Spoofing emails will frequently impersonate the email address of a high-ranking executive or an employee that has access to sensitive data. These emails use very similar addresses with only one or two letters changed, so that if the recipient is not paying careful attention it will appear that the email was sent from an employee inside their company. Spoofed emails often request sensitive employee information, documents, or money transfers. Unfortunately, the unlucky individuals that have fallen victim to these spoofs have cost companies hundreds of thousands of dollars, and in some cases have been left with tarnished reputations.
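The look-alike check described above can be automated on the receiving side. The following is an added example, not code from the original post or from the firm involved: it parses a From: header, compares the sender's domain against a constructed list of trusted domains using edit distance, and separately flags a known executive's display name paired with an untrusted domain. The domain names, executive names, and the distance threshold of 2 are assumptions chosen for illustration.

```python
from email.utils import parseaddr

# Constructed examples of an organization's own and partner domains (assumption).
TRUSTED_DOMAINS = {"examplelaw.com", "examplebank.com"}

# Constructed display names of executives who are commonly impersonated (assumption).
KNOWN_EXECUTIVES = {"jane doe", "john smith"}


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings (insert, delete and substitute each cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute (free if equal)
        prev = cur
    return prev[-1]


def classify_sender(header_value: str, trusted=TRUSTED_DOMAINS,
                    executives=KNOWN_EXECUTIVES, max_distance: int = 2) -> dict:
    """Classify a From: header value.

    Verdicts:
      trusted            - domain is exactly one we know
      lookalike          - domain is within max_distance edits of a known domain
      display_name_spoof - a known executive's name on an untrusted domain
      external           - anything else (still untrusted, just not disguised)
    """
    display, addr = parseaddr(header_value)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

    if domain in trusted:
        return {"verdict": "trusted", "domain": domain, "closest": domain, "distance": 0}

    closest = min(trusted, key=lambda t: levenshtein(domain, t))
    dist = levenshtein(domain, closest)
    if 0 < dist <= max_distance:
        verdict = "lookalike"
    elif display.strip().lower() in executives:
        verdict = "display_name_spoof"
    else:
        verdict = "external"
    return {"verdict": verdict, "domain": domain, "closest": closest, "distance": dist}


if __name__ == "__main__":
    # Constructed sample headers, one per verdict.
    samples = [
        "Jane Doe <jane.doe@examplelaw.com>",
        "Jane Doe <jane.doe@examp1elaw.com>",   # 'l' replaced by '1'
        "Accounts <ap@examplelaw.co>",           # trailing letter dropped
        "Jane Doe <jane.doe@gmail.example>",     # real name, unrelated domain
        "Newsletter <news@vendor.example>",
    ]
    for s in samples:
        r = classify_sender(s)
        print(f"{r['verdict']:<19} {s}  (closest {r['closest']}, distance {r['distance']})")
```

A single-character distance threshold catches the "one or two letters changed" pattern the post describes; raising it increases false positives on legitimately similar third-party domains, so a real deployment would tune the threshold and pair this with SPF/DKIM/DMARC results rather than rely on string distance alone.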
Being vigilant in paying attention to who an email is coming from, and where, is extremely important, but what happens if you receive an email requesting sensitive information from a well-known sender? You've checked and are absolutely certain the email address is correct, but there is an unexpected attachment. What should you do?
Pick up the phone and call the sender immediately to verify that the request is legitimate.
The Texas law firm that was attacked and infected had to completely shut down their email and notify their clients of the hack, causing countless billable hours of downtime and a tarnished reputation. Read more about the attack here. Unfortunately, law firms are increasingly becoming the target of cybercriminals. We always suggest that law firms conduct regular Network Security Assessments, as well as perform continuous training, to avoid costly situations like this one.