Protect Your Practice: Cybersecurity Tips from the NJSBA

By NJSBA Staff posted 08-15-2019 09:53


Warding off hackers is a real concern that all New Jersey lawyers need to think about these days.

The NJSBA's cybersecurity team recently shared a warning that people should take extra precautions when using file sharing services.

The New Jersey Cybersecurity & Communications Integration Cell warned that hackers are effectively mimicking a wide variety of email messages from essentially all file sharing services like OneDrive, SharePoint and most recently Box.

"Box is a trusted file sharing platform used by 95,000 companies across various industries. The phishing email appears to be from a known or otherwise legitimate user and contains an embedded URL that redirects a potential victim to a fraudulent Box login page. The initial embedded link is not malicious, allowing this activity to bypass security devices. The malicious site is hosted on a compromised server with the intent of harvesting account credentials. The spoofed login page may look very similar to the legitimate site; however, it appears to be an older version. As cloud-based file sharing services increase in popularity amongst businesses, threat actors will continue to simulate these sites for nefarious purposes," NJCCIC warns.

Here is what you need to do to stay safe:
Never click on anything in an email that you didn’t expect or ask for.
Always ask a member of your IT team if you have any questions . It’s better to be safe and remain skeptical than to get hacked.
Always “call before you click.” Call the sender to see if they intended to send you a document or email, and never send them an email to ask – it could be compromised. It’s better to wait until you can reach someone than to take a chance.

Stay safe out there and check out the prior installments from the NJSBA about how to keep law practice and client information safe.