The Rules of Professional Conduct are clear: “A lawyer shall not reveal information relating to the representation of a client…”When lawyers fail to protect themselves from computer security breaches, they also fail to protect their client. But other than using antivirus software, many lawyers don’t know what they should be on the lookout for.
Phishing scams are one of the most common email based attacks. These fraudulent emails appear to be from a legitimate website – Google, Yahoo!, Amazon, or even your bank – and ask you to provide personal information such as your username, password, or bank account info. To protect yourself from these scams, you should never respond to requests for your password via email. Also, avoid using links included in suspicious emails. Links may appear to take you to a trusted site, but really direct you to another. Instead of following the link, simply type the name of the site in a new window. Click here to read more helpful tips for spotting a phishing email.
Other steps you should take to protect yourself from cyber security threats may seem a little obvious, but not following these strategies has gotten many users (lawyers included) into a lot of trouble. Some common sense tips from the DHS:
- Set secure passwords and do not share them with anyone. For help crafting a strong password, read these tips or simply use the Strong Password Generator.
- Update your operating system, browser, and anti-virus software.
- Be cautious when opening attachments. Retailers do not typically send emails with attachments. If you have any doubt, contact the retailer directly and ask if they sent the email attachment.
Reporting these scams will help stop their spread. Most email providers, including Gmail and Yahoo! have forms that allow you to report suspected phishing scams.