Insight Archive | Subscribe to our insights >>

Aon | Professional Services Practice
In deep water: phishing risks for professional services firms – executive summary

Release Date: May 2021

Ransomware is a leading risk for professional service firms in 2021 – Aon’s Cyber Solutions Group statistics show that ransomware attacks have increased 486% in two years.

Attackers are very sophisticated
- They employ behavioral psychologists
- They employ professional translators
- They do their research and know:
  - You (they have your name, email address, and photograph)
  - Your clients
  - Your expertise, experience, and specialty
  - Personal information shared on social media (from where you live, to your dog’s name, including information leaked on the dark web, including SSN’s)
  - Your colleagues
  - Your position in your organization – who you report to and who reports to you
  - Your vacation schedule and where you go
Attackers have all the information they need to
- Craft convincing messages
- Impersonate you to someone else (e.g., a client)
- Impersonate one of your clients or vendors to you
- Convincingly emulate a prospective client
The pandemic and subsequent shift to remote working environments has given the attackers new opportunities to exploit issues with carefully crafted messages
Statistically, attackers need to send only 20 messages to have a high chance that at least one person will click a link or open an attachment, potentially releasing malware into your systems
You and your employees are the “gatekeepers”
- When they get past you, everything else is technology and they are very, very good at technology
- The attackers only need to be lucky once
- Your best defense is training the gatekeepers, often and repetitively

What can you do?

Be vigilant – look out for spoofed emails and names that are not quite right
Think twice before opening documents or clicking on links
Double-check changed instructions using “out of band” communication with parties to a transaction
If you think you have a problem, tell someone – the sooner the better
Establish and follow protocols – changes and exceptions are always red flags

Contact

To discuss any of the topics raised in this article, please contact Tom Ricketts.

Tom Ricketts
Senior Vice President and Cyber Risk Leader
New York

How is a reliance on outsourced vendors exposing professional service firms?

Professional Liability for Mid-Sized Law Firms

1 2 3 4 5 6 7

Explore Our Solutions & Services

Industry Groups

Aon’s Professional Services practice unites colleagues in all regions around the world to provide specialist solutions dedicated solely to law, accounting, consulting and design firms.

Insurance & Risk Solutions

We provide strategic advice, placement and management of insurance programs, and expert support across your lines of coverage.

Value Added Services

In addition to insurance solutions, our teams create value by providing a range of additional services.

Loss Prevention
Helping clients to identify and minimize liability and professional risks
Risk Management Information
A suite of services to provide our clients with up to date information on the global risk environments in which they operate
Claims Advocacy and Resolution
Using our knowledge and leverage to our clients’ benefit to ensure effective claims handling and resolution
Actuarial Risk Analysis
A dedicated and experienced team of actuaries providing a full range of analytical services
Global Compliance
Advice and solutions addressing regulatory and compliance needs
Benchmarking
Deep data resources allow us to provide customized benchmarking analysis

Human Capital Solutions

We provide a wide array of human capital solutions focused on the unique needs of professional service firms.

Environmental, Social and Governance

For professional service firms, the management of environmental, social and governance (ESG) risks and opportunities (both in their own businesses and in the delivery of services to their clients) has become an increasingly important and material issue.

Environmental, Social and Governance

Law Firm Advisory Services

Our team provides management consulting and advisory services to law firms.

Law Firm Advisory Services

About Aon | Professional Services Practice

Useful links – Professional Services Practice regional sites

Professional Services Practice
Article Subscription Form

Sign up here to receive our insights on an automatic basis, as soon as they are available

_{All fields marked with an asterisk are required}

First Name Last Name E-mail (articles will be delivered to this address) Industry segments:
Law Firms
Accounting Firms
Consulting Firms
Design & Construction Firms
Location Aon and other Aon group companies will use your personal information to contact you from time to time about other products, services and events that we feel may be of interest to you. All personal information is collected and used in accordance with our privacy statement.

Please click here to manage your communication preferences