Corporate legal departments are more likely than others to click on phishing emails, study finds
Image from Shutterstock.
Corporate legal departments are more likely to open phishing emails than most other corporate departments, according to a study of data breaches by Verizon.
The study (available here) measured responses to more than 150,000 phishing emails sent as security-awareness tests. Among the departments most likely to open the emails were legal, communications and customer service. Thompson Hine’s blog, the Law for Lawyers Today, noted the findings, and Corporate Counsel noted the blog post.
Phishing emails appear to come from trustworthy sources, and they are aimed at attaining sensitive information, either through recipients disclosing passwords or unknowingly downloading malware.
The Law for Lawyers Today says lawyers are vulnerable because:
• Lawyers hungry for clients will be lured by an email that appears to be from a prospective client.
• Lawyers have to work efficiently and must be responsive to clients, making them more likely to click on emails before thinking.
• Lawyers overestimate their technology skills.
• Lawyers develop trusting relationships with clients, and will click on an email that appears to be from the client.
