Cyber security

Unfortunately, lawyers and clients are a target for cyber criminals. Here are some things you can do to help protect yourself from cyber security and fraud:

  • Use two factor authentication for all online accounts where possible. This means that along with your username or email address and password, you will also need another type of "key" to gain access to your account. Sometimes this is a physical token that you plug into your computer, or one that provides you with an ever-changing passcode. It could also be in the form of an app on your phone, an SMS text message, or backup codes you can print out and keep in a safe place. Even a website that asks you to answer a secret question in addition to providing your password is better than nothing.

  • If you need to pay something or someone and you receive payment instructions by email or other electronic means, call the person you are supposed to be paying (on a phone number you can independently verify, not a phone number provided in the same email as the payment details) and verbally confirm the details of the account you are to pay funds into. This includes if you need to pay me and I haven't given you payment instructions in writing on a piece of paper.

  • Be careful about clicking links in emails or downloading attached files. Check that you know the sender and you trust them before opening any emails or clicking any links or attachments. Check email addresses carefully, as hackers can easily impersonate a trust email address. For example, admin@rjtlaw.com.au looks very similar to admln@rjtlaw.com.au

  • Do not share personal information online, such as your full name, address or date of birth, who you bank with, your phone number, etc. Criminals can piece together these pieces of information to help them steal your identity.

  • Keep your computer and phone up to date with the latest software updates, which often provide increased security.

  • Install anti-virus software.

  • Use unique, hard to guess passwords, and change them often. Use a password manager to keep a record of them all so you don't have to store them written down somewhere.

If you think you may have been tricked into making a payment to an unintended recipient, the first thing you should do is call your bank as they may be able to stop the payment before it is processed. Then contact the intended recipient to confirm payment instructions. You may also like to report the matter to the Australian Cyber Security Centre. Other things you can do include running a virus scan on your devices, changing your passwords, notifying your other banks and other online accounts, and also advising your friends, family and social network connections to be on the lookout for anything strange, particularly anything purporting to be sent by you.

If you would like to discuss any cyber security concerns you have further, please do not hesitate to contact me.