The recent hype regarding Artificial Intelligence has inspired a new wave of email phishing attacks.
In one scenario, the email recipient is given a link for a free download of ChatGPT or some other AI product. Clicking on the link activates malware that can steal passwords and data from your network.
Here are more details from a post by Stu Sjouwerman, founder and CEO of the security awareness firm KnowBe4:
“Curiosity leads people to suspend their better judgment as a new campaign of credential theft exploits a person’s excitement about the newest AI systems not yet available to the general public. On Tuesday morning, April 11th, Veriti explained that several unknown actors are making false Facebook ads which advertise a free download of AIs like ChatGPT and Google Bard.
Veriti writes ‘These posts are designed to appear legitimate, using the buzz around openAI language models to trick unsuspecting users into downloading the files. However, once the user downloads and extracts the file, the Redline Stealer (aka RedStealer) malware is activated and is capable of stealing passwords and downloading further malware onto the user’s device.’
Veriti describes the capabilities of the Redline Stealer malware which, once downloaded, can take sensitive information like credit card numbers, passwords, and personal information like user location, and hardware.“
- Don’t click on suspicious links or ads.
- Go directly to the product source to see if the email is legitimate.
- Use only demos from reputable sources.
- Train your staff to be vigilant.
- Report incidents promptly to your liability insurance carrier
Do you know one simple step that will reduce your risk of wire fraud to near zero? Can you name the Three C’s of Law Firm Branding? Do you understand how amygdala hijack might be sabotaging your law practice? You would know the answers to these and other important questions if you attended our recent CLE webinars. These free lunch-hour programs – which feature nationally-recognized experts offering practical tips and guidance on crucial issues affecting the legal industry – are just one of the many benefits available to you as a member of the Alta Pro Risk Purchasing Group (RPG). Do you practice in Wisconsin, Texas, Minnesota, Ohio, Illinois, Indiana or Michigan? You may be eligible for regular Pro Practice e-Alerts, the Pro Practice Blog, Reminger Law’s ProLink risk hotline, discounts on CLIO practice management software, free consultations with the Risk Pro and more – without even knowing it. Register here and start enjoying your Alta Pro RPG benefits.
Cybersecurity Awareness Training
Cyber training is essential for all law firms. Those who should receive training include employees, temps, independent contractors and perhaps some vendors. Training sessions should be held once or twice a year – or whenever an incident occurs.
KnowBe4 and other cybersecurity companies offer Security Awareness Training. Learn more here.
Are you taking advantage of the many benefits available to you as a member of the Alta Pro Risk Purchasing Group (RPG)? Free, cutting-edge CLE webinars on hot topics from Cannabis Law to Emerging Cyber Threats. Pro Practice e-Alerts delivered straight to your in-box with breaking news for solos and small firms. Premium content – including forms, roadmaps and checklists – available 24/7 at the Pro Practice Blog and Pro Practice Playbook on the RPG website. Prompt, confidential assistance with problem cases from Reminger Law claims prevention. Practice management assistance from The Risk Pro. Discounts on CLIO software products and tax savings on health insurance plans. These tools and resources – and more like them – have real, practical value. More important, they are actually used by hundreds of law firms nationwide to stay safe and successful. Get with the RPG program! Click here to start accessing your benefits.