Cybercrime: An Ongoing Threat to Law Firms

In the most recent issue of Law Practice Today Sheri Davidoff describes how hackers exploit weak security measures to steal from you and your clients. The most common targets: your email, logins, and files.

Email hacks

Once a hacker gains access to your email, he or she may download your entire mailbox, set up a rule to forward your messages to their account, or use email content to begin victimizing clients.

Preventive steps

Use proper passwords

Pass phrases (sentences) are the best. Otherwise, choose passwords at least 14 characters in length which contain symbols and numbers. It is critical to create unique pass phrases or words for each login to limit the scope of a security breach. Do not share them. Do not write them on sticky notes posted to your monitor. A password manager can make the job easier.

Turn on two-factor authentication

This sounds fancy, and if you’re not familiar with it, intimidating. It is neither. Login as usual, have your smartphone or cell phone handy, and enter the code texted to you to complete your login. It’s that easy.

Biometrics

You can use your face or your fingerprint to login if your device or software supports it. A quick Google search generates pages of “pros and cons” posts, which I will avoid repeating here.

Limit substantive content in email

Consider limiting what you say by email when the information is sensitive. Pick up the phone or send the client a message prompting them to login to your secure client portal instead. As Davidoff points out in her post, “Hackers commonly search your correspondence for ongoing conversations of interest—such as a real estate purchase or other upcoming financial transaction. Then, they actively monitor these conversations to maximize their ability to intercept a payment.”

Malware and ransomware abound

The most likely way to get infected with malware or ransomware is to click on a suspicious attachment or link. Use common sense before you click and if in doubt: don’t! Even if the message appears to come from a trusted source. Pick up the phone or compose a new message and ask the sender if he/she sent the email. (Don’t ask by forwarding the suspicious message – you are only spreading the threat.)

The US Department of Homeland Security has valuable tips on combating malware and ransomware. Also, take a few minutes and peruse the resources available at the ABA Law Practice Division (search: “malware”) or checkout the Professional Liability Fund CLE, Data Security/Data Breach: What Every Lawyer Needs to Know to Protect Client Information.  

All Rights Reserved 2019 Beverly Michaelis

Client Bills Should Tell a Story

Once upon a time my lawyer sent me a billing statement I didn’t understand. The only part that wasn’t vague was the amount I owed.

If this is how clients feel about your bill, you’ve got a problem.

Billing statements should be complete, detailed, and accurate. Here are some dos and don’ts to consider:

Billing dos

  • Make the math easy to follow. If you offer early payment discounts, calculate the discount for the client. If the client is required to replenish a retainer account, show how you arrived at the replenishment number.
  • Be clear about due dates and the applicability of late charges or interest.
  • Spend client money carefully. As one writer put it, why are you FedExing correspondence to your expert when trial is six months away? The same can be said of failing to delegate work when it could have been performed just as competently for less money.
  • Put your billing practices into an easy-to-read client pamphlet. It can be on your website, in a brochure, or on a one-page sheet included with your fee agreement.
  • Proofread your bills. Mistakes drive clients crazy and cause them to question your invoice and the quality of your legal work.
  • Follow the additional tips below.

Billing don’ts

  • Don’t bill the client for anything that isn’t included in your (written) fee agreement.
  • Don’t pad your bill.
  • Don’t nickel and dime clients by billing for everyday scanning, copying, faxing, or postage. Allow for reimbursement of extraordinary expenditures by including an exception in your fee agreement, then bill accordingly.
  • Don’t raise client hackles by charging for clerical work.

What to include in your billing descriptions

  • For each billing activity include the person doing the work, the applicable rate, and the date of the activity.
  • Spell out acronyms and abbreviations like UTCR or ORCP.
  • Make your bill easier to read by ditching as much of the legalese as possible.
  • Use dynamic, results-oriented verbs to describe your work: attend, investigate, evaluate, assess, formulate. A thesaurus is your best friend.
  • Write in the present tense.
  • Always include the who, what and why:

Who

To whom did you write the email or make the call? Describe the role of the person involved – clerk of the court, opposing counsel – and include the name if it is meaningful to the client. 

What

“Review documents” is vague. Give detail! What exactly did you review? Discovery produced by the other side in response to a request for production? Say so.

Why

Explain why you took the time to perform the task. Is the trial date around the corner? Are you reviewing documents to respond to a discovery request? Give the specific reason for organizing, reviewing or preparing. This is your opportunity to tell the client that you did something worth “x” dollars and expect to be paid.

Learn more

Learn more about billing practices, collections, and how to talk to clients about money at “Getting Paid,” an online CLE event scheduled for Wednesday, October 2, 2019 from 10:00 a.m. to 11:15 a.m. 1.25 OSB MCLE Practical Skills credits approved. Designed for lawyers, legal staff, and office administrators – anyone interested in  improving billing and collection practices. Details available hereRegistration open now!

All Rights Reserved 2019 Beverly Michaelis

Getting Paid October 2, 2019 – CLE Event

Learn how to talk to clients about money, incentivize clients to pay, collect accounts receivable, and modernize billing and payment practices. Join me on Wednesday, October 2 for “Getting Paid.” 1.25 OSB MCLE Practical Skills credits approved. Designed for lawyers, legal staff, and office administrators – anyone interested in  improving billing and collection practices.

Topics include

  • Identifying your fee strategy
  • Ensuring the client is invested in the case
  • Documenting and reinforcing fee discussions
  • Exploring the advantages of automated billing systems
  • Using billing descriptions clients understand
  • Making it easy for clients to pay
  • Sourcing the latest options in credit card processing and click-to-pay invoicing
  • Unbundling services to meet marketplace demands
  • Offering hybrid fee agreements
  • Getting practical about collection

When & Where: Wednesday, October 2 2019 from 10:00 a.m. to 11:15 a.m. Pacific Time. This is a live, online webinar.

Group Discounts: Available to firms who wish to register 5 or more attendees. Contact me for more information.

Participate in Polling & Ask Questions: Questions are welcome during the live event. Attendees are also encouraged to participate in live, anonymous polling.

How to Register

Click herechoose the image above, or visit the Upcoming CLE page. Secure payment processing powered by Eventbrite. Visa, MasterCard, Discover, and American Express accepted. Program materials included in the $25 registration price.

Can’t Attend?

Video and audio recordings will be available to download along with the program materials shortly after the live program event.  Price: $25. Contact me or visit my online CLE store to place an order.

Register Now!

All Rights Reserved 2019 Beverly Michaelis