Making it easier to grow your law firm


This section covers succession, specialisation, mergers, selling a law firm, becoming a partner, and business structure

How to plan and execute the process of starting up a new legal practice that is compliant and financially healthy

How to set up your firm’s systems to provide the information that enables you to improve profitability and cashflow

How to avoid professional negligence claims, with examples of common problems and suggested solutions. Plus FAQs on PII

This section only covers SRA Accounts Rules and GDPR at the moment. Compliance for start-ups is covered in the Starting up...

How to protect your law firm from cyber attacks. What steps to take if your systems are hacked

How to recruit and retain a team that is both happy and highly effective, dealing with the HR issues along the way

In marketing, like anything, you need to get the basics right. Otherwise the time and money you invest in marketing will be wasted

How to win new clients, make the most of existing relationships, encourage referrals and generate new leads

How to approach creating a law firm website that works, from agreeing your objectives to making sure you get the results you want

Why lawyers need to know about social media, how to make the most of the opportunities and how to avoid potential pitfalls

How to use PR to build your firm’s reputation; and how to create cost-effective advertising – traditional and online – that delivers results

Cyber fraud - is your law firm prepared?

Darren CableDarren Cable, Lloyds Bank Area Director for the legal sector in London, explains why law firms are targeted by internet fraudsters and what you should be doing to protect the firm. (Updated 12 June 2023)

It's not difficult to understand why fraudsters consider law firms to be an attractive target. With significant client balances held in call accounts, fraudsters who identify a weakness in a firm's controls and processes can potentially steal huge amounts.

Law firms have access to large sums of electronic money and the large volumes of genuine transactions can make fraudulent payments difficult to spot. Fraudsters also know the busiest days to strike, such as a Friday which is busy for conveyancing firms. All of this puts the legal sector towards the top of a fraudster's hit list.

The remote, faceless existence of an internet fraudster means that online attacks can be hard to detect, particularly for unsuspecting employees who are not aware of current threats. As digital technology advances, fraudsters continue to develop new, increasingly sophisticated uses of technology to steal funds.

Headshot of Jonathan Ashley"Cybersecurity is now a central plank of law firm strategy. It is not only an essential defence ... these days it can be part of a firm's competitive advantage."
Jonathan Ashley, co-founder, etiCloud

How do cyber frauds target law firms?

Malware (malicious software) describes software which is deliberately designed to deceive a computer or its user. For example, malware might allow a fraudster to secretly and remotely view information on the firm's computer network, or capture keystrokes and passwords which could be used to access online bank accounts.

Malware is not only used to carry out attacks. Malware is also widely used for reconnaissance work beforehand – to increase the likelihood of a successful attack – and for cleaning up the 'crime scene' on the firm's computer network before disappearing, leaving no trace.

Many cyber frauds start with a phishing email, disguised as a genuine email message. This is specifically targeted to capture secure information or to trick the recipient into downloading malware. These emails are often made to look like they've been sent by your bank and may contain hyperlinks to fake websites or attachments containing malware.

This type of malware severely restricts access to a computer, device or file until a ransom is paid by the user. Ransomware has the ability to lock a computer or encrypt files. A demand is then displayed informing the user that the system will not be unlocked until a sum of money is paid. A deadline is usually imposed for the ransom to be paid, after which the code to decrypt the data will be deleted and the data will not be recoverable.

Cyber extortion
This occurs when a fraudster issues an online threat and demand to a potential victim. As with ransomware, the demand is usually aimed at forcing a payment to the fraudster, typically in a digital currency such as bitcoin. Threats vary but have included fraudsters stating that they will leak confidential data about a firm's clients on the internet, and threats to post thousands of defamatory comments on a review site causing reputational damage.

Impersonation frauds
Typically these are emails disguised to look as if they have been sent by a known beneficiary of the firm, quoting alternative bank account details for a settlement or payment that is due to be paid. Fraudulent emails can also target your clients, falsely advising them that your firm has changed the details of the account to which clients need to send funds.

Another common impersonation fraud is where an employee receives an email – apparently from a senior person within the firm – asking for an urgent and confidential payment to be made. With any of these types of impersonation fraud, any payments sent to the fraudster's account are likely to be lost.

You can find more fraud guidance from Lloyds Bank and from the government-backed Take Five campaign.

Protecting the firm against cyber fraud

  • Have a good quality anti-virus software suite. Update regularly to the latest version.
  • Carry out operating system updates and other software updates (such as Adobe, Microsoft Office) as soon as they become available.
  • Don't rely on a phone's caller display to identify a caller. Fraudsters can make the phone's incoming display show a genuine number.
  • Never divulge online banking passwords or online banking secure codes to anyone on the telephone or via email – even if you think it's the bank contacting you.
  • Establish a programme of making regular back-ups, ensuring that your most important files are copied most frequently and to a location not permanently connected to your network. This will enable machines and systems to be restored in the event of infection, without a significant impact. Regularly test the recovery process.
  • If you are targeted, retain original cyber extortion emails. Maintain a timeline of the attack, recording the times, type and content of all contacts. Report it to Action Fraud.
  • Have a documented process which ensures that email requests to set up or amend payment details are verified as genuine. Employees should use known contact details other than e-mail to make these checks. The same caution should be applied to all payment-related emails from both external and internal sources.
  • Ensure employees are aware of the risks associated with malware and the typical ways malware can get onto a device.
  • Consider controlling access to removable media devices (such as USB drives). Ensure that all media are scanned for malware before files are imported onto any of the firm's systems.

Responding to the increasing threat of cyber fraud

The legal sector has delivered a very proactive and effective response to the increased threat of cyber fraud, probably more than other industries. This is of course understandable given the significant funds law firms hold on behalf of their clients. The seriousness of reputational and regulatory damage is also a key factor.

Legal bodies such as the Law Society have also been proactive in organising fraud awareness seminars for their members. Along with events hosted locally by firms themselves, the sector is considered to be one of the most astute when it comes to fraud vigilance.

But even though we see many reports of fraud attack prevention, there are still too many firms who do fall victim. This is often down to employees who have not received the appropriate fraud education, or do not receive it often enough. It is really important that firms have a regular schedule of delivering up-to-date fraud awareness material to their employees.

Fraudsters' preference for cybercrime as a method to commit fraud is only likely to increase in the future, with attacks becoming more complex and difficult to detect. Law firms need to change their mentality from 'if we get targeted' to 'when we get targeted'.

Those best prepared for a cyber fraud attack will have multi-layered controls in place. This will include a robust ongoing employee awareness program as well as clear plans on how to respond in the event of an attack.


Why do law firms choose Lloyds Bank?

It’s because Lloyds is the only bank with a Lexel-qualified team of legal sector specialists who understand law firms and their specific funding needs.

See also: