The latest phishing attack is targeting law firms and small businesses. Claiming to be a construction company, supplier, or other specialty contractor seeking legal services, these bad actors are looking to gain access to the vast amounts of sensitive information these companies manage. If successful, the attacker may attempt to gain access to internal networks and databases in attempts to commit further criminal activity, such as ransomware, attacks, fraud, and theft.
What You Should Do
Be on alert for such emails described above. As a reminder, common red flags include misspelled email domains and websites, missing characters, and newly created website URLs. To learn more about how to detect and report phishing attempts, watch our 2-minute video.
If you have questions or need assistance, contact a member of the BMT team.