You are here:
  1. Home
  2. News
  3. Stories
  4. NCSC releases email phishing attacks guidance

NCSC releases email phishing attacks guidance

16 February 2018

The National Cyber Security Centre (NCSC) has published a new guide to help organisations in all sectors defend themselves against email phishing attacks.

Reducing vulnerability to email phishing attacks is a top concern for most law firms, given their reliance on email as the primary communication channel with clients.

NCSC’s guide suggests a four-layered approach using technological, process and people-based defences:

Layer 1: Make it difficult for attackers to reach users

Layer 2: Help users identify and report suspected phishing emails

Layer 3: Protect your organisation from the effects of undetected phishing emails

Layer 4: Respond quickly to incidents

Access government guidance: Phishing attacks: defending your organisation

What is phishing?

Phishing is the fraudulent practice of inducing individuals to reveal sensitive information, such as usernames, passwords and payment card numbers, online. Phishing attacks can be via phone, text message or social media accounts, though its most common form is by email.

Sign-up to our weekly cybersecurity news digest

Want to read more stories like this? Sign up to our weekly news digest to keep you up-to-date with cybersecurity news stories relevant to the legal sector.


Excellnce Awards 2019
Enter the Excellence Awards

Choose from 22 categories, including Excellence in Access to Justice. Nominate now for your chance to shine.

Enter the Excellence Awards > More