Law firms + ransomware = profit
For cyber criminals.
Are you a cyber criminal? No? Well, you might want to stick around anyway, especially if you work for a law firm.
Because we’re breaking down three steps every career criminal can take to get (malware) into legal. Of course, if you want to get ahead, you should attend our free webinar, ‘How to attack law firms using ransomware’. It’s for cyber criminals. And those who want to stop them from doing this:
Step 1: Find a law firm that doesn’t train its people to spot ransomware
You’re gonna want to grab a pen and paper for this one. Ready?
Type ‘law firms near me’ into your browser, then do that weird ‘inky pinky ponky’ thing we all did as kids. Write the names out on little pieces of paper – enough to fill up a jar – then pick one whenever you’re feeling villainous.
But how can you know if the firm you pick doesn’t invest in human factors security, you ask?
You can’t. But trust us, the odds are in your favour.
We’re talking about an industry that prides itself in NOT adapting to the times (seriously, what’s with the Latin?). So it’s pretty safe for you to assume that most firms on your list aren’t keeping up with the security industry.
Step 2: Do some casual social media stalking
Pick a random name from your jar and check the firm’s LinkedIn page and other socials, then make a note of the senior partners’ names and any people new to the firm.
Step 3: Craft the perfect ransomware email
Alright, so your target’s probably going to have some security measures in place. Like up to date antivirus software and all the bells and whistles that come with it.
But that’s just technological security, so don’t sweat it. Antivirus probably won’t stop someone from clicking a link in your expertly crafted ransomware email.
Start by picking a target. If there are any new hires, they probably haven’t finished orientation, and are eager to impress. Bingo. Whip out the details you got off social media, impersonate one of the senior partners, use wording that creates a sense of urgency, click send … then pick another name from your jar.
Got questions that need answering? Watch on demand our free webinar, ‘How to attack law firms using ransomware’.