Report comment

Readers dont seem to understand that unfortunately that email "from" addresses can easily be faked without access to the purported sender's email account- this is one of the big weaknesses of the internet. Your firm's registered number can be ascertained from the on-line Law Society Directory and the hackers could probably guess who to send the emails to using the Law Society Directory or firm's own websites to identify senior staff in each firm. However what is more concerning is that SRA have not issued any information about the nature of the virus, is it one or multiple types of virus that were contained in the emails, how worried do we need to be, are there any specific things our IT departments should be doing. I also agree SRA were slow off the mark, I faxed the details of the attack to them within an hour or so of receiving the email. They should have emailed members within the day.