Being on the wrong end of a successful cyber attack can be a disaster for any professional service firm. It hurts both finances and reputation, so you must do all you can to guard against it.

One of the most common techniques used by hackers is to compromise a firm’s cyber security through email. According to a recent email security report by Mimecast – a leading cybersecurity provider – 91% of firms experienced an email attack in 2019. And the threat is growing – the report showed a 67% increase in impersonation/compromise (spoofing) attacks and a 54% increase in phishing emails.

In the legal sector alone, The Law Society reports that 52% of firms have recently detected an attack, with the most common types being phishing emails, spoofing and malware attacks.

But how exactly do email attacks manifest themselves – and how can you prevent them?

Here’s an explanation of the three main ways that cyber criminals use emails – and advice on how you can protect your firm:

Phishing

Phishing is the fraudulent practice of sending emails that purport to come from a trusted party. The intention is usually to persuade the recipient to reveal valuable information – e.g. usernames, passwords and financial details.

And it is incredibly common. According to a report from the National Cyber Security Centre, phishing is the most common cyber attack affecting the legal sector. Of course, it’s not just law firms – every person with an email address has dealt with a phishing attempt at some point or another. It takes little skill or technical expertise to attempt this type of fraud, which is evident in the amateurism of most phishing emails. But although most phishing emails are easily spotted, some can be very sophisticated and convincing and lead to large losses when they are mistaken for genuine emails.

The biggest factor in stopping phishing attacks is proper staff training. It’s vital that all your employees are trained on the risk of phishing, know how to spot suspicious emails, and know what they should and should not say in reply to a message.

Spoofing

Spoofing is where a cyber criminal attempts to obtain confidential information from others – e.g. your clients or suppliers – by impersonating your firm. This is often done by sending fake emails purporting to come from your account, sometimes even using your domain name. This can obviously have severe implications for your clients and your firm if people respond to a message that, to all intents and purposes, appears to be from your company.

According to 2019 cyber security stats for the UK legal sector, published by The Gazette, 91% of firms are exposed to having their addresses spoofed and then used to send fraudulent emails.

You can counter spoofing by using DMARC, which stands for Domain-based Message Authentication, Reporting, and Conformance. In basic terms, this is technology that detects and reports any spoofed emails being sent in your domain’s name, so you can quickly rectify the problem. Without DMARC, it could carry on without your knowledge. Also, cyber criminals are far more likely to target domain names that lack DMARC protection.
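As an added example (not from the original post or from Oosha), the following Python parses a domain’s published DMARC record and rates how much spoofing protection it actually gives: a record with p=none only monitors and still lets spoofed mail through, whereas p=reject enforced on 100% of mail, with a reporting address, is the setting that stops it. The domain names and records are constructed for illustration; in practice you would fetch the TXT record at `_dmarc.<your-domain>` from DNS.

```python
"""Added example: parse and assess a DMARC TXT record (RFC 7489 tag=value syntax).
The sample records below are constructed and do not describe any real domain."""

# Constructed sample records keyed by a made-up domain name.
SAMPLE_RECORDS = {
    "firm-a.example": "v=DMARC1; p=reject; rua=mailto:dmarc@firm-a.example; adkim=s; aspf=s",
    "firm-b.example": "v=DMARC1; p=none; rua=mailto:reports@firm-b.example",
    "firm-c.example": "v=DMARC1; p=quarantine; pct=25",
    "firm-d.example": None,  # no _dmarc TXT record published at all
}


def parse_dmarc(record):
    """Split a DMARC record into a dict of lowercase tag -> value.
    Returns None if there is no record or it is not a DMARC1 record."""
    if record is None:
        return None
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        key, _, value = part.partition("=")
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        return None
    return tags


def assess_dmarc(record):
    """Return (level, reason) where level is 'none', 'weak', 'partial' or 'strong'."""
    tags = parse_dmarc(record)
    if tags is None:
        return "none", "no valid DMARC record: receivers apply no policy and send no reports"
    policy = tags.get("p", "none").lower()
    pct = int(tags.get("pct", "100"))  # share of failing mail the policy applies to
    has_reports = "rua" in tags        # aggregate reports are how you learn about abuse
    if policy == "none":
        reason = "p=none only monitors; spoofed mail is still delivered"
        if not has_reports:
            reason += " and with no rua address you never see the reports"
        return "weak", reason
    if pct < 100:
        return "partial", f"p={policy} applies to only {pct}% of failing mail"
    if not has_reports:
        return "partial", f"p={policy} enforced but no rua address, so abuse is not reported to you"
    return "strong", f"p={policy} enforced on all failing mail with reports to {tags['rua']}"


if __name__ == "__main__":
    for domain, record in SAMPLE_RECORDS.items():
        level, reason = assess_dmarc(record)
        print(f"{domain}: {level} ({reason})")
```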

Malware

Simply put, malware (short for ‘malicious software’) is a programme designed to spy on, or cause damage to, computer systems.

One of the most common ways for malware to enter your system is through staff members opening email attachments. Word, Excel and PDF documents are all used by hackers as a route to embed malicious code within a system, which can then be exploited later. For example, embedded code can be used to copy financial details as they are typed. But the most common type of malware is ransomware, where hackers use an embedded programme to encrypt the files and data in your system, making it impossible to regain access until a ransom has been paid.

There are some sensible precautions you can take to guard against malware attacks. The most obvious step is to ensure staff don’t open any email attachments unless they are 100% sure they’re safe. You should also keep your firewalls, anti-malware software and operating system fully updated to prevent cyber criminals from exploiting any vulnerabilities.


In summary

Email remains integral to any business, but its use in crime is an ever-present threat to professional services firms. Phishing, spoofing and malware attacks are among the most common of these threats.

Prevention is the best form of defence, so with a bit of thought and organisation, it is possible to protect yourself from cyber criminals who target you through email. This normally means a combination of tech updates and staff education, which will help keep your firm, your data and your clients safe from the hackers.

For more information on cyber crime risks – and how employees can play an integral role in safeguarding your firm – watch the Oosha webinar on social engineering.

Wayne Barber
Managing Director, Oosha
