Cyber-attacks are growing globally and it is now more important than ever to protect your firm from such threats. This is even more crucial for law firms and government institutions because they mainly deal with sensitive and confidential data. A recent study from 250ok shows that majority of global law firms are not prepared to protect themselves against cyber-attacks. Law firms need to do more to strengthen email security because 91% of cyber-attacks begin with a phishing email.
What is phishing?
Lax email security can lead to phishing emails in your inbox. Phishing is a form of fraud in which the attacker disguises himself as a reputable entity or person in electronic communication. The attacker will normally do this to gain access to sensitive information such as passwords, credit card details, money, identity information, etc. Typically the assailant will provide access to a fake website which may look identical to the legitimate one where the URL of the website is the only thing to differentiate the fake one from the original. Social websites, financial institutions, online payment processors or IT administrators are all examples of platforms that are used to exploit users. Based on the same study by 250ok, it is believed that only 3% of law firms have evaluated this risk and taken precautions to improve email security. Even though, most consumers are aware of this phenomena, almost 40% of them still fell victim to phishing attacks last year.
How can you improve email security?
You can protect your firm from phishing attacks by putting strong email authentication measures in place. The study from 250ok argues that DMARC (Domain-based Message Authentication, Reporting and Conformance) is the “gold standard” in email authentication. DMARC makes it easier for email users to identify whether or not a given message is legitimately from the sender and safeguards if it is from a fraudulent source. This process simplifies email authentication and protects your inbox from spam and phishing messages.
Some studies show that the annual worldwide impact of phishing emails could be as high as USD $5 billion. The U.S Department of Homeland Security has made DMARC protocol compulsory for all federal agencies within the United States of America.
A better alternative…
DMARC protocol will definitely help your firm improve email security if you don’t have any security measures in place but it may not be enough on its own. The best solution for complete protection is to combine DMARC with Mimecast’s Targeted Threat Protection – Impersonation Protect. This allows incoming messages to be analyzed to determine legitimacy before being delivered to your inbox. DMARC to Mimecast ‘s security portfolio helps users protect their domains as well as filter and flag any unauthenticated senders, which leads to improved security for all Mimecast customers.
For more information on cyber-attacks and phishing, click here. To get a quote on services for Mimecast or to simply learn more about the product, call us!
Faraz Mehmood is a Sales & Marketing Coordinator at Triella, a technology consulting company specializing in providing technology audits, planning advice, project management and other CIO-related services to small and medium sized firms. Faraz can be reached at 647.426.1004. For additional articles, go to www.triella.com/publications. Triella is a VMware Professional Partner, Microsoft Certified Partner, Citrix Solution Advisor – Silver, Dell Preferred Partner, Authorized Worldox Reseller and a Kaspersky Reseller.
© 2018 by Triella Corp. All rights reserved. Reproduction with credit is permitted.