Firms urged to review password hygiene as UK sees 116% increase in nuisance comms

New data from recent reports suggests that despite increased warnings to businesses and individuals to review cyber security measures, phishing scams and nuisance attacks are on the rise. 

A report released by the UK’s Information Commissioner’s Office (ICO) in conjunction with litigation firm Griffin Law, reveals that in the first six months of 2021 UK residents have experienced a 116% increase in nuisance calls, texts, and emails, and that cyber attacks are to blame. The ICO received a total number of 83,558 complaints in the first half of the year compared to 38,269 complaints in the same period in 2020.

While experts think that some nuisance communications can be attributed to solicitations by businesses and a general drive to increase consumer activity, a large portion may be down to more sinister tactics such as social engineering and phishing scams dating back to 2020.

User credentials are at the forefront of most cyberattacks, and the need for strong, unique passwords is at an all-time high. But new data from LastPass shows that most users are not taking proactive steps to secure data.

In the LastPass Psychology of Passwords report, it found that 51% of users rely on their memory to keep track of passwords, despite 79% agreeing that compromised passwords are concerning, and that 65% always or mostly still use the same password or a variation, despite 92% admitting that they know using the same password or a variation is a risk.

Despite knowing the increased security risks associated with remote working, it appears that many users are still apathetic when it comes to cyber security. The LastPass report shows that 47% of workers have not changed their online security habits since working remotely, 46% have not strengthened their passwords while working remotely, and an alarming 44% have shared sensitive information and passwords for professional accounts while working remotely.

Following a consultation by the SRA, a new clause making it clear what cover will be provided for cyber losses will be added to the minimum terms and conditions of law firms’ professional indemnity insurance (PII) policies

Lindsay Petzer, Key Relationship Manager for legal risk mitigation expert Lawyer Checker said

“In the first half of 2021 we saw a huge spike in scam alerts issued by the Solicitors Regulator Authority. This included a 147% rise in scam alerts in the first three months of the year when compared to the same period in 2020. Email modification fraud is a common method fraudsters use to try and intercept confidential information and funds. And impersonation of a genuine person or firm is a common theme across most cyber fraud, which is why it’s so important to maintain a secure network at your organisation.

Using two-factor authentication when logging on to any platform is crucial so there are measures to verify the identity of the user. We also recommend using a password manager that generates virtually impossible to guess passwords, unique to each account or platform. On a broader level implementing the Government backed scheme Cyber Essentials Plus is a simple yet extremely effective way of assessing and implementing change for a firm’s cyber security infrastructure.”

Today's Wills and Probate