Being on the wrong end of a successful cyber attack can be a disaster for any professional service firm. It hurts both finances and reputation, so you must do all you can to guard against it.

One of the most common techniques used by hackers is to compromise a firm’s cyber security through email. According to a recent email security report by Mimecast – a leading cybersecurity provider – 91% of firms experienced an email attack in 2019. And the threat is growing – the report showed a 67% increase in impersonation/compromise (spoofing) attacks and a 54% increase in phishing emails.

In the legal sector alone, The Law Society reports that 52% of firms have recently detected an attack, with the most common types being phishing emails, spoofing and malware attacks.

But how exactly do email attacks manifest themselves – and how can you prevent them?

Here’s an explanation of the three main ways that cyber criminals use emails – and advice on how you can protect your firm:

Phishing
Phishing is the fraudulent practice of sending emails purporting to be from a trusted party. The intention is usually to persuade the recipient to reveal valuable information – e.g. usernames, passwords and financial details.

And it is incredibly common. According to a report from the National Cyber Security Centre, phishing is the most common cyber attack affecting the legal sector. Of course, it’s not just law firms – every person with an email address has dealt with a phishing attempt at some point or another. It takes little skill or technical expertise to attempt this type of fraud, which is evident in the amateurism of most phishing emails. But although most phishing emails are easily spotted, some can be very sophisticated and convincing and lead to large losses when they are mistaken for genuine emails.

The biggest factor in stopping phishing attacks is proper staff training. It’s vital that all your employees are trained on the risk of phishing, know how to spot suspicious emails, and know what to say – and not say – in reply to a message.

Spoofing
Spoofing is where a cyber criminal attempts to obtain confidential information from others – e.g. your clients or suppliers – by impersonating your firm. This is often done by sending fake emails that purport to come from your account and can even use your domain name. This can obviously have severe implications for your clients and your firm if people respond to a message that, to all intents and purposes, appears to be from your company.

According to 2019 cyber security stats for the UK legal sector, published by The Gazette, 91% of firms are exposed to having their addresses spoofed and then used to send fraudulent emails.

You can counter spoofing by using DMARC technology, which stands for Domain-based Message Authentication, Reporting, and Conformance. In basic terms, this is technology that detects and flags up any spoof emails being sent from your domain, so you can quickly rectify the problem. Without DMARC, spoofing of your domain could carry on without your knowledge. Cyber criminals are also far more likely to target domain names that lack DMARC protection.
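To make the DMARC point concrete, here is an added example (not Oosha’s or this article’s own code) that grades a domain’s published DMARC record: it parses the record’s tag=value syntax and goes a step beyond the paragraph by flagging a missing record, a monitoring-only p=none policy, partial pct enforcement, a weaker subdomain policy and missing rua reporting. The domain names and records in it are constructed placeholders.

```python
# Added example (not Oosha's tooling): grade a DMARC TXT record's protection level.
# The sample records at the bottom are constructed; a real check would read the TXT record at _dmarc.<your-domain>.
from dataclasses import dataclass, field
from typing import Dict, List, Optional

STRENGTH = {"none": 0, "quarantine": 1, "reject": 2}   # weakest to strongest p= values


@dataclass
class DmarcAssessment:
    level: str                        # "unprotected", "monitoring" or "enforcing"
    policy: Optional[str] = None      # value of the p= tag, if any
    findings: List[str] = field(default_factory=list)


def parse_dmarc(record: Optional[str]) -> Dict[str, str]:
    """Split a DMARC record into lower-cased tag -> value pairs (RFC 7489 'tag=value;' syntax)."""
    tags: Dict[str, str] = {}
    for part in (record or "").split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def assess_dmarc(record: Optional[str]) -> DmarcAssessment:
    """Classify a record as unprotected, monitoring-only or enforcing, and list the gaps."""
    tags = parse_dmarc(record)
    if tags.get("v", "").upper() != "DMARC1":
        return DmarcAssessment("unprotected", findings=["no valid DMARC record published"])
    policy = tags.get("p", "").lower()
    if policy not in STRENGTH:
        return DmarcAssessment("unprotected", policy or None, ["p= tag missing or invalid"])
    findings = []
    if policy == "none":
        findings.append("p=none: spoofed mail is reported but still delivered")
    pct = int(tags["pct"]) if tags.get("pct", "").isdigit() else 100
    if policy != "none" and pct < 100:
        findings.append(f"pct={pct}: policy applied to only {pct}% of failing mail")
    sub = tags.get("sp", policy).lower()
    if STRENGTH.get(sub, 0) < STRENGTH[policy]:
        findings.append(f"sp={sub}: subdomains protected more weakly than the main domain")
    if "rua" not in tags:
        findings.append("no rua= address: no aggregate reports of spoofing attempts will reach you")
    return DmarcAssessment("monitoring" if policy == "none" else "enforcing", policy, findings)


# Constructed sample records for three hypothetical firms.
SAMPLE_RECORDS = {
    "no-dmarc.example": None,
    "monitoring.example": "v=DMARC1; p=none; rua=mailto:dmarc@monitoring.example",
    "enforcing.example": "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc@enforcing.example",
}
```

Run `assess_dmarc` over the TXT record you retrieve for your own domain; an "unprotected" or "monitoring" result with findings is the gap a spoofer relies on.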

Malware
Simply put, malware (short for ‘malicious software’) is a programme designed to spy on, or cause damage to, computer systems.

One of the most common ways for malware to enter your system is through staff members opening email attachments. Word, Excel and PDF documents are all used by hackers as a route to embed malicious code within a system, which can then be exploited later. For example, embedded code can be used to copy financial details as they are typed. But the most common type of malware is ransomware, which is when hackers use an embedded programme to encrypt files and data in your system, making it impossible to regain access. Access is only granted after a ransom has been paid.

There are some sensible precautions you can take to guard against malware attacks. The most obvious step is to ensure staff don’t open any email attachments unless they are 100% sure they’re safe. You should also keep your firewalls, anti-malware software and operating system fully updated to prevent cyber criminals from exploiting any vulnerabilities.


In summary

Email remains integral to any business, but its use in crime is an ever-present threat to professional services firms. Phishing, spoofing and malware attacks are among these common threats.

Prevention is the best form of defence, so with a bit of thought and organisation, it is possible to protect yourself from cyber criminals who target you through email. This normally means a combination of tech updates and staff education, which will help keep your firm, your data and your clients safe from the hackers.

For more information on cyber crime risks – and how employees can play an integral role in safeguarding your firm – watch the Oosha webinar on social engineering.

Wayne Barber
Managing Director, Oosha
