Category: Email

CybersecurityEmailHackingPhishing

Yahoo! Latest Dangerous Place to Be

 

 

 

I read Oregon’s Attorney General Ellen Rosenblum’s fraud alert on the Yahoo data breach. Makes me unhappy to read because 500 million users includes lawyers and many friends and family members. Why anyone would use yahoo for email if they are a lawyer is a question for another day. Or not. Please beware that the old adage: there’s no such thing as a free lunch has important lessons. Encrypt, encrypt, encrypt. Or plain avoid using free email platforms for your business. Google has business mail that is different from their free gmail. Your business is your business. But so is your clients’ business so you have an ethical duty to protect your clients’ business.

Ok, I am off my soapbox. Here below is AG Rosenblum’s post. Sign up for her alerts here. 

 

ag-fraud-alert

Was your information exposed in the Yahoo data breach?

Yahoo has confirmed data “associated with at least 500 million user accounts” has been stolen in what may be one of the largest cybersecurity breaches ever.

The stolen data may include names, email addresses, telephone numbers, dates of birth, passwords, as well as security questions and answers.

“This latest hacking “bombshell” — and the huge number of people affected by it — is a real reminder of something we often don’t take the time to do: We must be vigilant about changing our email passwords regularly! If you use any Yahoo product, you should make sure you change your password immediately, and closely monitor any credit cards associated with your account,” Attorney General Rosenblum said.

If you use Yahoo services and have an account with Yahoo, you should do the following as soon as possible:

  • Change your Yahoo password, as well as your Yahoo secret questions and answers; and
  • If you reused any passwords, secret questions and answers from your Yahoo account to any other account (Gmail, Hotmail, etc.), change that information in those accounts as well.

In addition, Oregonians who have shopped and used a debit or credit card on a Yahoo account, or on a Yahoo web service, should:

  • Monitor your credit report. Visit www.annualcreditreport.com or call 1-877-322-8228 to order a free credit report and review it for errors.
  • Avoid clicking on links or downloading attachments from suspicious emails. Yahoo will be contacting affected users about this issue, but these emails will not ask you to click on any links or contain attachments and Yahoo will not ask for your personal information.
  • Beware of “phishing” (the activity of posing as a legitimate company to gain access to financial accounts) attempts and unsolicited calls or emails offering credit monitoring or identity theft services. These offers are attempts to steal your personal information.

If you find unexplained activity on your credit report or if you believe you are a victim of a “phishing” scam, there are important steps you can take to protect yourself. Contact the Attorney General’s consumer hotline at 1-877-877-9392, review the Attorney General’s website – www.oregonconsumer.gov – for information on identity theft, or view the Federal Trade Commission’s identity theft resource, available at www.consumer.gov/idtheft/.
Thank you, Attorney General, Rosenblum!

ag-rosenbloom

copyright September 23, 2016 Sheila Blackford

CybersecurityEmailLaw Practice ManagementTechnology

Watch and Authenticate Email Sender Before Opening an Attachment

 

image  by Sheila Blackford   ©2016

Senders of malware are tricky, but lawyers and their staff are smart enough to thwart the sender’s efforts.

Recently a colleague here at the PLF was contacted by a concerned Oregon lawyer who received an email eCourt notice that turned out to be fake and trying to deliver an attachment that was a virus.  The facts are instructive.

Lawyer had an upcoming hearing in lawyer’s local county court. Let’s say the date of the court appearance was for May 18, 2016. The reminder purported to be from the local county court providing a court reminder of the upcoming hearing. The date was accurate. The attachment was labelled “Court Notice.” Lawyer’s virus , Oregon’s 4th Judicial District scanner detected this email as being a problem so flagged it as a virus. Although the email ‘said’ it was from the county court, the domain name was completely different. Lawyer did not open that “Court Notice” which would have launched a virus. Lawyer called to share the lesson.

What is the lesson? You can never be too careful with email mail attachment and emailed hyperlinks. Spoofers pretend to be legitimate companies. But if you look close, you can catch the spoof, whether the domain name doesn’t properly match or the email message reads a bit off. It calls for paying closer attention. For example Multnomah County Circuit Court has a very nice website. http://courts.oregon.gov/Multnomah/Pages/index.aspx A specific judge at Multnomah County Circuit court would have their email address looking like this: FirstName.LastName@ojd.state.or.us. Don’t just rely on the name, look for the actual email address coming from the expected domain name.

My email may show up in your email inbox as coming from ‘Sheila M. Blackford’ but pressing on the name, you will see my actual email address domain which will be SheilaBatOSBdotPLFdotORG.  I really don’t like spam or malware in my inbox. That’s why my email address spells out the proper email punctuation in the previous sentence. There are robots that harvest email addresses from the Internet so I wanted to be careful here.

A lesson about attachments, be careful before opening any attachment. It could be malware, not what you are expecting. Hopefully your malware protection software will flag it. But it may not. Unless you are downloading a program from the internet from a verified trusted site– you should never be opening a document that ends with .exe.  CAVEAT: Be certain that you are about to download a safe program from a  legitimate website such as downloading Windows 10 from Microsoft.com.  Microsoft Word 2016 documents end with .docx  You may notice that your malware protect software provides an option to scan a document before opening it.

I will never forget my own malware experience while in law school at University of the Pacific, McGeorge School of Law. I was about 80% done with the law review article to be submitted for making law review. It was good. Past tense. When I  booted up to finish the last 20%, a virus executed and wiped everything out. Everything. Ah! I tried to reconstruct that article which took hours and hours. Sleepless in the Bay Area, my husband volunteered to drive me the 3 hours to get to law school in Sacramento on time to turn it in at the last minute. But it bore a poor resemblance to the article I had lost. I did not make the main law review journal. I did not make the second tier law review journal. I ended up as an editor on the California Initiative Review. Better than nothing but a bummer.Sad story, huh? But a malware virus could have even worse consequences for you lawyers. Seriously, think if your hard work was destroyed. AH! So be careful. You don’t need to learn lessons the hard way.

Be safe.

 

 

 

 

BillingBusiness PlanningClient relationsCommunicationEmail

15 Resolutions for a More Rewarding Law Practice in 2015

image  by Sheila Blackford   ©2015

15 resolutions you may want to adopt for your own:

1. Check email in the morning and sort into three folders: Do, Delegate, Delete; you want to use email as a tool not get swallowed up by it.

2. Unless urgent, return calls at 11:00 a.m. and 4:00 p.m. daily; you’ll save time batch calling.

3. Have a Work in Process (WIP) meeting Monday mornings for reviewing and updating status of all open matters; you will catch what would otherwise slip through the cracks.

4. Call a different client each day off the clock to check in about how the client is doing; you’ll be rewarded from this simple action.

5. Plan time for a health break daily for a brisk walk, meditation, or yoga session; you’ll perform better if well-balanced.

6. Learn to say “no” to cases that you don’t want to do; your time is a valuable resource to invest wisely.

7. Send a handwritten thank you note when a matter is finished and enclose two business cards; appreciation is contagious.

8.  Monitor your financials: receivables, expenses, profitability; your clients need you to succeed.

9. Dust off your business plan and review quarterly; make it dynamic.

10. Plan regular networking breakfasts with colleagues and potential referral sources; don’t become isolated or overlooked.

11. Pick up the phone if a client is 45 days late in paying the bill; find out if there a problem tobe solved.

12. Use clearly written fee agreements; keep your client relationships positive.

13. Do an office audit to identify any inefficiencies and potential sources of malpractice claims and ethics complaints; call a PMA for help.

14. Focus on improving service to clients and increasing job satisfaction; don’t settle for mediocrity.

15. Create a case timeline, case budget, and scope of representation for clients before beginning work; keep the focus sharp.

BillingBusiness PlanningClient relationseLawyeringEmail

Where are your go to resources?

JEL23652-Blackford, Sheila P3 (2)   by Sheila Blackford   ©2012

What is the best trust accounting software I should adopt for my firm?
When should I run a conflicts search?
How long I should keep closed client files – if my client has a copy already?
Where should I open my office to get more business?
Which networking events may be helpful to me as a new attorney?
Who can help me figure out what I need to do to open my own office?

These are all questions that get asked over and over by lawyers. The big question behind all of them is one: where are your go to resources? Today, I’d like to tell you about where you can find a variety of valuable of go to resources.

Ask a Practice Management Advisor
I work for the Oregon State Bar Professional Liability Fund as a practice management advisor. If you are an Oregon lawyer or member of an Oregon lawyer’s firm, then you know the PLF is the mandatory malpractice insurance carrier for the basic coverage required of Oregon lawyers in private practice. If you are not an Oregon attorney, you may have a practice management advisor associated with your state bar association. To see a list of practice management advisors in North American, see here ABA Law Practice Management Section Practice Management Advisors/State & Local Bar Outreach Committee. Call your practice management advisor! We are a resource to getting you the answers to your questions.

Practice Aids & Forms
What you may not realize is that the PLF has a huge variety of free practice aids and forms that can be downloaded from www.osbplf.org. See Loss Prevention on the menu and select the last item, practice aids and forms. Download all of them in Word or WordPerfect and you can customize them. You find a variety of checklists to help you to tackle various substantive practice areas – adoptions to workers’ compensation– plus topics that cut across all practice areas like conflicts of interest, calendaring and docketing, engagement, nonengagement, disengagement, file management, opening your law office, closing your law office, trust accounting, and technology. Lawyers are surprised by the number of practice aids and forms that are available.

Publications
You want to open your own law office? The PLF has free guides which you can download in PDF format from the PLF website, on the menu under Loss Prevention, select Books from the PLF: A Guide to Setting Up & Running Your Law Office, A Guide to Setting Up & Managing Your Lawyer Trust Account, Planning Ahead: A Guide to Protecting Your Clients’ Interests in the Event of Your Disability or Death, and Oregon Statutory Time Limitations Handbook.

Books from the OSB: BarBooks is a resource you simply must take advantage of because you are entitled to free access to excellent books specific to your desired practice area, such as the helpful five volume Advising Oregon Businesses. If you want to look at what publications the OSB offers, see the Legal Publications Catalog. Don’t overlook valuable publications that are associated with CLEs.

CLE Seminars
You want to learn about practicing in different areas?
CLEs from the PLF:You can find CLEs geared to avoiding malpractice traps in family law or how to set up a conflict system or handling your trust account or improving your understanding of financial considerations about managing your law office plus a great variety of other practice management at the PLF. See PLF website then on menu under Loss Prevention select CLE to review on-demand programs, access programs available on DVD of a CLE you might have missed and download the CLE’s handouts, or learn about an upcoming in-person CLE.

CLEs from the OSB:You can find CLEs specific to your desired practice area plus other CLEs – find out what CLEs are available in a variety of formats, QuickCalls, CLE On Demand learn about upcoming live seminars you can attend in person or by webinar by accessing the OSB CLE and Seminars catalog at OSBCLE.org.

CLEs from the Oregon Law Institute (OLI):You can find CLE offerings that fit your needs at OLI. Don’t overlook the OLI resources, whether in person seminars, webinars, MP3 courses, or review their product catalog.

American Bar Law Practice Management Section CLEs: The LPM Section offers CLEs produced by the American Law Institute (ALI). You do not have to be a member of the ABA LPM Section, though you may want to join. See information about the LPM CLEs here.