Attorneys in California are facing an increase in cyber liability claims asserted by their clients and sometimes by third parties arising out of email phishing attacks. The Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) defines phishing attacks as “email or malicious websites to solicit personal information by posing as a trustworthy organization.” Let’s suppose a former client sends an email out of the blue asking for the review of a document.

Or perhaps an email is received with wire instructions from opposing counsel regarding where to send settlement funds. It may appear harmless, but on the “other side” of a seemingly legitimate transaction could be a cybercriminal impersonator. One wrong click and they have control. Today’s schemes have become so elaborate that nearly every lawyer is at risk. This is evidenced in part by the drastic rise in acquisition of cyber insurance policies.