Byte of Prevention Blog

by Jay Reeves |

Does Your Spam Filter Have Fatal Holes?

Pin on Pinterest Share on Google+ Share on LinkedIn

If you’re relying solely on your email spam filter to ward off phishing attacks, you’re making a mistake.

That’s true even if your filter blocks the overwhelming majority of dangerous messages.

“It may seem acceptable that your spam filter stops 97 percent of the phishing attacks directed at your organization until you realize that thousands of pieces of spam are hitting your filter every day,” writes cybersafety expert Steven Freidkin for Technically. “A 97 percent success rate on 1,000 messages means that 30 potential viruses made it into your users’ mailboxes!”

The solution: train your staff on phishing prevention, and then back it up with advanced endpoint protection.

Emerging Threats, Excellent Solutions

You’ve heard it a hundred times: it’s not if your law office will experience a cyber-attack, it’s when. And increasingly, the bad guys are targeting solo and small firms, not only because they lack the defenses of larger practices, but also as a conduit to bigger targets.

Making matters worse, the attacks are intensifying.

“Organizations that would have seen one attack a year are now experiencing them on a weekly or monthly basis,” writes Friedkin. “As the threat landscape changes, businesses need to evolve quickly and aggressively to protect themselves and their clients.”

Here are five trends – and five solutions – Freidkin says you should know about:

  • Trend 1: Attackers are targeting small operations in order to get at their larger partners. “Two recent examples are LabCorp and Quest, both of whom had customer data compromised by hackers penetrating their smaller sub-contractors.” The solution: Use Multifactor Authentication (MFA) to verify a user’s identity before allowing access to online applications. Unfamiliar with MFA? It’s the system your bank uses when you re-set your password and a special code is sent to your phone. You have to enter the code before you can log in.
  • Trend 2: Phishing is getting more sophisticated. One wrong click can wipe out your entire system. The solution: regular in-house training. “Well-trained employees are your first line of defense. Phishing prevention training will provide your employees with monthly simulated phishes, teaching them how to recognize the little clues, which are sometimes very subtle, that can help identify an attack.”
  • Trend 3: Basic anti-virus software is not getting the job done. “The problem is that this software is simply not agile enough to stop many of the modern phishing or ransomware attacks.” The solution: don’t give employees local administrative rights on their computers. “Viruses rely on a user’s access privileges, so restricting your employees’ access to the bare minimum to do their work also restricts the harm that a virus can do.”
  • Trend 4: Ransomware and other viruses call for an extra layer of protection. The solution: advanced endpoint protection. “This will protect your end-user devices both inside and outside your firewall, including laptops and other mobile devices that remote and traveling employees use daily.”
  • Trend 5: The bar for “baseline protection” has been raised. MFA and phishing training are now minimum standards. The solution: stay up on best practices. “Organizations in regulated industries such as finance, government contracting, healthcare or law are advised to take a hard look at additional measures such as intrusion detection and advanced endpoint protection.”

 

A final tip: purchase cybersecurity insurance. Lawyers Insurance, the official agency of the NC Bar Association, can provide cyber liability coverage to suit your needs. Contact Lawyers Insurance online or at 1-800-662-8843.

About the Author

Jay Reeves

Jay Reeves practiced law in North Carolina and South Carolina. He was Legal Editor at Lawyers Weekly and Risk Manager at Lawyers Mutual. He is the author of The Most Powerful Attorney in the World, a collection of short stories from a law life well-lived, which as the seasons pass becomes less about law and liability and more about loss, love, longing, laughter and life's lasting luminescence.

Read More by Jay >

Related Posts

LM Portal Access your LM Portal for policy information and forms.
Need Insurance? See the difference service can make.
Payment Due? Make an online payment now.
Lawyers Mutual NC Logo

Get In Touch

Lawyers Mutual Insurance Company
1001 Winstead Drive, Suite 285

Cary, NC 27513

919.677.8900
 | 
1.800.662.8843

Fax: 919.677.9641

Latest Alerts

The Corporate Transparency Act: What North Carolina Law Firms Need to Know

Lawyers Mutual has published previous alerts regarding the new filing requirements under the Corporate Transparency Act (“CTA”) that went into effect January 1, 2024. After reviewing additional resources, we want to emphasize concerns that we have about the risks and increased potential liability for lawyers undertaking the reporting requirements. This is especially true for the continuing reporting requirements after entity formation and initial reporting.  

Learn More

eCourts Expansion Announced for 2024

The North Carolina Administrative Office of the Courts (NCAOC) recently announced additional go-live plans for counties transitioning from paper files to Enterprise Justice (Odyssey), which currently serves Harnett, Johnston, Lee, Mecklenburg and Wake counties. Twelve northeastern counties comprising Track 3, as previously announced, will go live on February 5, and 10 counties comprising Track 4 (Alamance, Chatham, Durham, Franklin, Granville, Guilford, Orange, Person, Vance and Warren) will go live on April 29.   

Learn More