You are here:
  1. Home
  2. News
  3. Stories
  4. NCSC releases email phishing attacks guidance

NCSC releases email phishing attacks guidance

16 February 2018

The National Cyber Security Centre (NCSC) has published a new guide to help organisations in all sectors defend themselves against email phishing attacks.

Reducing vulnerability to email phishing attacks is a top concern for most law firms, given their reliance on email as the primary communication channel with clients.

NCSC’s guide suggests a four-layered approach using technological, process and people-based defences:

Layer 1: Make it difficult for attackers to reach users

Layer 2: Help users identify and report suspected phishing emails

Layer 3: Protect your organisation from the effects of undetected phishing emails

Layer 4: Respond quickly to incidents

Access government guidance: Phishing attacks: defending your organisation

What is phishing?

Phishing is the fraudulent practice of inducing individuals to reveal sensitive information, such as usernames, passwords and payment card numbers, online. Phishing attacks can be via phone, text message or social media accounts, though its most common form is by email.

Sign-up to our weekly cybersecurity news digest

Want to read more stories like this? Sign up to our weekly news digest to keep you up-to-date with cybersecurity news stories relevant to the legal sector.


professional development centre
GDPR for managers: an introduction

New online course, GDPR for managers featuring downloadable checklists and valuable resources from the Law Society and ICO.

GDPR for managers: an introduction > More