NCSC releases email phishing attacks guidance
The National Cyber Security Centre (NCSC) has published a new guide to help organisations in all sectors defend themselves against email phishing attacks.
Reducing vulnerability to email phishing attacks is a top concern for most law firms, given their reliance on email as the primary communication channel with clients.
NCSC’s guide suggests a four-layered approach using technological, process and people-based defences:
Layer 1: Make it difficult for attackers to reach users
Layer 2: Help users identify and report suspected phishing emails
Layer 3: Protect your organisation from the effects of undetected phishing emails
Layer 4: Respond quickly to incidents
Access government guidance: Phishing attacks: defending your organisation
What is phishing?
Phishing is the fraudulent practice of inducing individuals to reveal sensitive information, such as usernames, passwords and payment card numbers, online. Phishing attacks can be via phone, text message or social media accounts, though its most common form is by email.
Sign-up to our weekly cybersecurity news digest
Want to read more stories like this? Sign up to our weekly news digest to keep you up-to-date with cybersecurity news stories relevant to the legal sector.