How Our Client Got Scammed (& How We Played a Part in It)
Perhaps I should have thought long and hard before posting this, as Mockingbird unwittingly played a part in one of our clients dealing with a huge online headache. But…I’d rather share our experiences so that others might avoid them, than cover things up to make us always look great.
Here’s the story:
One of our clients had their email account hacked. Hackers set up forwarding rules on that email account so that anything coming from us bypassed the client and were forwarded to them. They then replied to an existing current email thread with us, asking for a password to the website backend to make some basic content changes. The client had unfortunately used that same password for a variety of different accounts. Chaos ensued….
How to Guard Against This….
- Use a sophisticated password management system. (We use LastPass).
- I’d strongly recommend that law firms connect with your agencies and put in place a strict policy of ONLY sharing passwords over the phone.
There have been an increasing number of scams impacting small businesses – especially the legal community, if the chatter on solosez is any accurate indication. Protect yourself.