The Police Service of Northern Ireland Cyber Crime Centre have alerted the Law Society of Northern Ireland to the continued use of compromised email accounts and mail forwarding as a means of potentially exploiting local firms and their clients.
COMPROMISED EMAIL ACCOUNTS
This type of attack typically involves an email user compromising their account by entering a password to view a supposed secure document or invoice, thus granting the third party access to their email account.
Quite often this initial request comes in the form of an email from a previously compromised account holder in your contact list, so it appears genuine to many email filtering tools.
Once the account is compromised, the third party may spam your internal and external contact lists. The Cyber Crime Centre have also advised that the creation of a mail forwarding rule is being seen as a means of ensuring that access to all incoming emails is maintained even after a password change is made.
Depending on the content of any incoming emails received by the compromised account and thus forwarded to the third party, members or their clients may find themselves subject to attempted frauds, malware attacks or data losses, incidents which may result in a requirement to report to the Information Commissioner's Office.
While the nature of this attack may change, key to protecting any firm or client is the existence of internal procedures covering the transfer of funds.
RECOMMENDED ACTIONS
The PSNI would strongly recommend members/Solicitor firms do the following:
- Ensure clients and all staff are aware that they will never send or accept a change of bank account details by way of email.
- Any such email received should be notified in person or by way of a phone number previously disclosed.
- Reasonable steps such as placing disclaimers on contracts, websites or letters should also be considered.
- Users should also take steps to regularly check no unauthorised mail forwarding rules have been established on their accounts.
As always, if in doubt, contact your IT service provider for advice and guidance.
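One way to carry out the forwarding-rule check recommended above, as an added example that is not part of the original advisory: it reads a rule export and reports every forward or redirect that leaves the firm. The JSON field names, the sample rules and the `examplefirm.test` domain are constructed assumptions; adapt them to the export your mail platform or IT provider supplies.

```python
import json

# Constructed sample of a mailbox-rule export. Field names are assumptions;
# map them to whatever your mail platform's rule export provides.
SAMPLE_EXPORT = """[
 {"mailbox": "a.solicitor@examplefirm.test", "name": "Newsletters",
  "enabled": true, "forward_to": [], "redirect_to": []},
 {"mailbox": "a.solicitor@examplefirm.test", "name": ".",
  "enabled": true, "forward_to": ["archive@mailbox-example.test"], "redirect_to": []},
 {"mailbox": "b.partner@examplefirm.test", "name": "To PA",
  "enabled": true, "forward_to": ["pa@examplefirm.test"], "redirect_to": []},
 {"mailbox": "c.clerk@examplefirm.test", "name": "old",
  "enabled": false, "forward_to": [], "redirect_to": ["Someone <x@other-example.test>"]}
]"""

def address_of(target):
    """Reduce 'Name <user@domain>' or 'user@domain' to a lower-cased address."""
    return target.strip().rstrip(">").split("<")[-1].strip().lower()

def audit_forwarding(rules, firm_domains, approved=()):
    """Return one finding per rule action that sends mail outside the firm.

    approved: external addresses the firm has explicitly signed off.
    Disabled rules are reported too, since they can be switched back on.
    """
    firm = {d.lower() for d in firm_domains}
    allow = {a.lower() for a in approved}
    findings = []
    for rule in rules:
        for action in ("forward_to", "redirect_to"):
            for target in rule.get(action) or []:
                addr = address_of(target)
                domain = addr.rpartition("@")[2]  # no '@' -> whole string, still flagged
                if domain in firm or addr in allow:
                    continue
                findings.append({"mailbox": rule.get("mailbox"),
                                 "rule": rule.get("name"),
                                 "action": action, "target": addr,
                                 "enabled": bool(rule.get("enabled"))})
    return findings

if __name__ == "__main__":
    for f in audit_forwarding(json.loads(SAMPLE_EXPORT), ["examplefirm.test"]):
        state = "ENABLED" if f["enabled"] else "disabled"
        print(f'{f["mailbox"]}: rule {f["rule"]!r} {f["action"]} -> {f["target"]} [{state}]')
```

Any finding should be confirmed with the mailbox owner and removed if it was not set up deliberately, since the rule keeps working after a password change.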