Cybersecurity Alert – Phishing Emails

Dear Firms, Practitioners and Personnel

A number of practitioners have received emails purporting to be from the President of the Law Society of Tasmania.  Some emails have included references to names of other lawyers known to them.   

The emails we are receiving are becoming more targeted and more sophisticated.   

Please be assured that in many instances, including with my email, no ‘hacking’ of the sender’s system has occurred. The would be scammer has simply masked their true email address and used information from the web to make the email appear genuine.

Please continue to notify the practitioner if you receive one of these emails.

Some practical information:

  1. By clicking on “reply” you can check the return address to see if it matches the sender. I am advised this can be done safely as long as you do not send the reply.
  2. If you are receiving these emails then contact your IT service provider to check your email settings. These emails (differing send/return addresses) can and should be filtered out and never received.
  3. Take the time to report it to the email service provider where the email came from. (eg Gmail). It takes 20 seconds to notify them their service is being used for criminal activity. They can shut down the address and this forces the scammer to create a new one. It also gives the mail provider information to block future attempts by the same “person” to create a new mail account.

Legal practices of course need to remain vigilant in staff training and treatment of emails received, particularly if the subject matter relates to financial transactions. 

All of this assists to ‘counter-phishalise’ this activity. The harder we are as a target, the less likely we are to become one.

Please circulate this to all members of your practice.

Yours faithfully,

Evan Hughes
President, Law Society of Tasmania