Cybercrime: An Ongoing Threat to Law Firms

In the most recent issue of Law Practice Today Sheri Davidoff describes how hackers exploit weak security measures to steal from you and your clients. The most common targets: your email, logins, and files.

Email hacks

Once a hacker gains access to your email, he or she may download your entire mailbox, set up a rule to forward your messages to their account, or use email content to begin victimizing clients.

Preventive steps

Use proper passwords

Pass phrases (sentences) are the best. Otherwise, choose passwords at least 14 characters in length which contain symbols and numbers. It is critical to create unique pass phrases or words for each login to limit the scope of a security breach. Do not share them. Do not write them on sticky notes posted to your monitor. A password manager can make the job easier.

Turn on two-factor authentication

This sounds fancy, and if you’re not familiar with it, intimidating. It is neither. Login as usual, have your smartphone or cell phone handy, and enter the code texted to you to complete your login. It’s that easy.

Biometrics

You can use your face or your fingerprint to login if your device or software supports it. A quick Google search generates pages of “pros and cons” posts, which I will avoid repeating here.

Limit substantive content in email

Consider limiting what you say by email when the information is sensitive. Pick up the phone or send the client a message prompting them to login to your secure client portal instead. As Davidoff points out in her post, “Hackers commonly search your correspondence for ongoing conversations of interest—such as a real estate purchase or other upcoming financial transaction. Then, they actively monitor these conversations to maximize their ability to intercept a payment.”

Malware and ransomware abound

The most likely way to get infected with malware or ransomware is to click on a suspicious attachment or link. Use common sense before you click and if in doubt: don’t! Even if the message appears to come from a trusted source. Pick up the phone or compose a new message and ask the sender if he/she sent the email. (Don’t ask by forwarding the suspicious message – you are only spreading the threat.)

The US Department of Homeland Security has valuable tips on combating malware and ransomware. Also, take a few minutes and peruse the resources available at the ABA Law Practice Division (search: “malware”) or checkout the Professional Liability Fund CLE, Data Security/Data Breach: What Every Lawyer Needs to Know to Protect Client Information.  

All Rights Reserved 2019 Beverly Michaelis

Phishing Scam Hits OJD Users

Here are the details.

Astonishing Admission from Amazon about your Data

Thanks to Delaware Senator Chris Coons we recently learned that Amazon keeps Alexa transcripts and voice recordings indefinitely and only removes them if they’re manually deleted by users. Maybe.

While the company is engaged in an “ongoing effort to ensure those transcripts do not remain in any of Alexa’s other storage systems,” there are still records from some conversations with Alexa that Amazon won’t delete, even if people remove the audio.

In addition, Alexa also retains all purchase requests, reminders, and alarms.

Wow!

You, the user, must take the extra step to delete this data – and even if you do – Amazon doesn’t always follow through.

Despite reports by cnet and other tech sites, this news flew under the radar when reported last Tuesday – two days before Independence Day.

Smart Technology

As cnet points out, voice assistants aren’t the only cause for privacy concerns. Any smart home device – locks, doorbells, or appliances – can potentially collect and share your data. Be aware that the price you pay for convenience may mean sacrificing privacy.

All Rights Reserved 2019 Beverly Michaelis

2019 ABA TECHSHOW – 60 Tips

It could be anything!

If you’re referring to the annual “60 in 60” tips session at the ABA TECHSHOW you are absolutely right! From useful websites to new apps, gadgets, or tools for lawyers – the content is always unpredictable.

For all the details from TECHSHOW 2019, see my full story on Wakelet. Meanwhile, here are a few of the highlights:

  • Checkli.com – free checklist maker.
  • Flow-e – email client that turns your messages into a visual (Kanban style) task board.
  • Instant tethering – use your Android phone to connect more than 45 Chrome/Android devices.
  • MileIQ – free mileage tracking that integrates with Office 365.
  • PassProtect – realtime check for potentially unsafe passwords.
  • Poll Everywhere – polling software that integrates with connected presentations, updating slides in real time as answers are texted in.
  • Rocket Book – a pen and paper notebook that saves what you write to the cloud. Erase your notes using your microwave oven when you use Pilot FriXion pens.
  • Tweet Delete – automatically delete old tweets from your Twitter account.
  • Windows 10 GodMode – If you’re sick of switching between Settings and the Control Panel or searching for your lost settings in Windows, use GodMode.

There’s so much more … like where to find a wireless “endoscope” smartphone camera to explore hard-to-reach locations.

Hopefully I’ve tempted you. Check out the complete list from 60 in 60! Where else will you learn how to enable private browsing, design better slide decks, create shortcuts for your iOS devices, find the best Chrome extensions, or access a legal keyboard with over 35 legal symbols and functions in one keystroke?

All Rights Reserved 2019 Beverly Michaelis