© 2019 Aitchison Reid Consulting Pty Ltd, a company incorporated in Australia. Trading as ARC Solutions and Aitchison Reid Consulting. ACN 158 303 774. ABN 56 347 951 609.

 

Disclaimer: The commentary and information on this website is not legal advice, IT, risk, management or general advice. Seek advice on matters of interest arising from the commentary and information on this website. Any reference made on this website to law practice Aitchison Reid Pty Ltd or Aitchison Reid Consulting Pty Ltd does not imply any warranty or any guarantee from Aitchison Reid Pty Ltd or Aitchison Reid Consulting Pty Ltd for the reference made. 

 

 

Terms of Use & Privacy Policy | News & Publications | About Us | Contact

 

.

    • Twitter Clean Grey
    • Facebook Clean Grey
    • LinkedIn Clean Grey

    Cyber attacks pretending to be payment schedules

    Aitchison Reid Consulting provides cyber security services to Aitchison Reid Building and Construction Lawyers, and we have a number of protection measures in place for the law practice.

     

    One of the measures includes the email system to automatically sweeping for cyber-attack emails and blocking them.

     

    A phishing attack email came into the law practice yesterday morning, pretending to be a forwarded payment schedule. The law practice's email system automatically detected and blocked the email.

     

     

     

    The issues for building and construction subcontractors and trade contractors for this sort of attack are:

    1. The attacks if successfully launched against subbies’ and tradies’ businesses can disrupt or stop their trading by:

      1. locking up and ransoming their business and client data, releasing it only after being paid; and/or

      2. installing keylogging and monitoring software on computers inside the subbies’ and tradies’ businesses to capture sensitive user id and password details (for example, to access online banking, and for identity theft).
         

    2. Subbies and tradies need to make sure they have systems in place to:

      1. detect and prevent as many of these emails from coming through to staff mailboxes; and

      2. constantly backup their information systems (accounts, client data, supplier data, the lifeblood data which they must have for their businesses) as close to real time as possible, so that they can quickly recover access to their systems if they’re ever locked and ransomed out of their systems by attackers.

     

    Undetected phishing attack emails can spread their malware rapidly like wildfire across businesses which don’t have detection and prevention systems in place, potentially costing you and your supply chain valuable money, business data and time.

     

    For phishing attack emails designed to psychologically and emotionally trick subbies and tradies into clicking them (such as using subject lines describing the email as a payment schedule, section 20A notice, payment claim, invoice or anything else that may seem to relate to subbies’ and tradies’ businesses), it’s an extremely easy and effective method of attack to carry out against any subbies and tradies who don’t have effective detection and prevention measures in place.

     

    Wanting help to setup cyber protections for your business without busting your budget to pieces? Email Aitchison Reid Consulting here to arrange a confidential conversation: info@arcsolutions.com.au.

    Please reload

    Featured Posts

    Cyber attacks pretending to be payment schedules

    March 28, 2018

    1/6
    Please reload

    Recent Posts
    Please reload

    Archive