​With 62% of law firms falling victim to cybercriminals in the last year, and only 35% with a mitigation plan in place in the event of an attack, experts are warning that practices need to be doing more to address the real and present threat from online fraudsters.

Cybercriminals targeting the legal sector do so for three main reasons – extortion, theft and fraud – and they are using a variety of constantly evolving tricks and techniques to dupe targets and breach systems.

Our MD, Jason Fry, said:

"The sensitive and highly confidential nature of the information held by the legal sector presents a prime picking ground for cybercriminals - currently 4.5% of all UK data breaches are occurring in the sector so it's a serious issue and one that needs to be addressed in order to protect the profession's integrity. 

"The problem is that many law firms believe they aren't big enough to warrant an attack by a professional hacker, but that simply isn't the case.  All law firms hold what is considered by fraudsters to be high value data and information so it is important that the sector understands and acts on the risks involved."

Cybersecurity breaches come in many forms so knowing how they may be instigated is one of the first steps to preventing attacks and safeguarding data.  

Robert Schifreen is a former UK-based computer hacker who was arrested in 1985 for breaching computers at British Telecom.  He now runs a security awareness training programme called SecuritySmart.co.uk.  He said:

"Certainly there have been huge advances in the ways attacks are carried out and the methods that are adopted by cybercriminals.  These days we see more and more sophisticated methods being put in to practice that are scarily 'real' to the target, such as a combination of social engineering and 'vishing' (fraudulent phone calls that appear to come from trusted sources).  Lack of awareness, not just amongst business owners but their employees as well, is a huge part of the problem."

'Friday Fraud' – a term coined specifically for the law sector due to cybercriminals becoming familiar with the profession's practice of transferring funds on Fridays – was responsible for the theft of £85 million from British law firms between the beginning of 2015 and July 2016.

Jason continued:

"Once cybercriminals discover a weak link they can quickly latch on to it and it becomes much easier for them to carry out their attacks successfully."

So what can be done?  Jason believes that reviewing a company's cybersecurity policy is key.

"First and foremost identify the person within the firm who is responsible for making sure cybersecurity policies and procedures are in place and regularly reviewed. 

"And even though it may sound obvious, from there it is about ensuring the basics are correctly and effectively addressed."

"A robust security policy needs to not only include the traditional protection of systems, such as anti-virus and firewall software, but also iron clad processes should be adopted and communicated effectively to staff to prevent information from being leaked and to reduce the likelihood of them or their clients becoming victims of duping scams."

Although security software and procedures will help ward off potential threats, fraudsters will always aim to be one step ahead so individuals need to keep their wits about them to avoid any unpleasant surprises. 

Jason added:

"I would always recommend that firms seek professional advice from an IT specialist to review their policies and provide a clear plan of how to tackle any loopholes in their practice's security systems."

If you would like to know more about how to protect your business from cybercrime, and how PAV i.t. can help, call us on 01273 834 000 or complete our enquiry form.


PAV i.t. services
Reeds Lane, Sayers Common
West Sussex, BN6 9LS
General enquiries: +44 (0)1273 834 000
Support / service desk: +44 (0)1273 834 433


PAV study highlights phishing threat to SMEs
A recent study carried out by PAV i.t. Services in conjunction with one of the UK's leading insurers highlighted that 29% of staff working at Small and Medium Sized Businesses (SMBs) open phishing emails.

Legal firms prime target for cybercriminals warn experts
With 62% of law firms falling victim to cybercriminals in the last year, and only 35% with a mitigation plan in place in the event of an attack, experts are warning that practices need

Security should be top priority for mobile developers to protect consumers
With the recent surge in fake apps tricking consumers out of personal data, experts are warning that manufacturers and developers of mobile devices need to make security a top priority in the design process to mitigate the serious risks posed by hackers.

PAV i.t. hosting free cybersecurity workshop for businesses
PAV i.t. will be holding a free cybersecurity workshop for businesses at Sussex Downs College in Eastbourne on Friday 24th February from 10am to 2pm.

From computer to crash helmet: Andy going for rally car glory
Andy Hollingham, an employee from PAV i.t., will be swapping his computer for a crash helmet when he takes part in the South Downs Stages rally car racing at Goodwood on Saturday 11th February.

From fiction to fact: the cybercrime threats of the future
Cybercrime was big business for fraudsters in 2016 with cybercriminals racking up an estimated £1 billion in damages to companies across the UK.

PAV i.t.'s experts examine security breaches at Yahoo and TalkTalk
Big business are not immune to cybercrime: PAV i.t. examines high-profile hacks at Yahoo and TalkTalk

Festive season prime time for IT outages warns PAV i.t.
With the cost of IT downtime, outages and failures costing UK businesses in excess of £12 billion in lost productivity in 2015, PAV i.t. is warning companies to be prepared...

It's good to talk: PAV i.t. urges firms to share their experiences to help in the fight against cybercrime
We regularly discuss the threats to businesses from the online world, and offer our expert advice about the steps firms can take to protect themselves. But despite various awareness campaigns about the threat of cybercrime, it remains a taboo subject


@SophosPartners @AspireCharity How about the London Revolution next year ? https://t.co/Q0BIYMFn2v - would love to… https://t.co/zNY1jYKZxN

Thanks @Sophos @krishagerman our MD Jason really appreciated the lightweight cycling gear for his ride to a very wa… https://t.co/fV36KGd7oe

We use cookies to help provide you with the best possible online experience.
By using this site, you agree that we may store and access cookies on your device. You can find out more and set your own preferences here.