Australia’s top-tier and mid-tier law firms are leading the way in the use of anti-phishing technologies. Cybersecurity researcher at Iron Bastion, Gabor Szathmari, has published a new report providing a unique insight into the use of anti-phishing technologies protecting the legal profession in Australia.

Phishing is a global cyber-threat affecting all businesses. The Australian Competition and Consumer Commission (ACCC) reported earlier that phishing is the most prevalent cyber-threat costing $3.8 million to Australian businesses. In addition, the 2018 Telstra Security Report found that the most common cybersecurity threat in Australia is phishing, with reports of phishing attacks increasing by 1,178% in 2017 over the previous year.

Australian legal practices have been targeted by both domestic and international crime syndicates. The Law Council of Australia has stated that Australian law firms are prime targets for cyber attacks. In 2017, the New South Wales Law Society and the Queensland Law Society both issued various scam alerts warning its members of cyberattacks explicitly targeting Australian law firms through phishing.

The extensive research can reveal that 83% of top-tier and mid-tier law firms in Australia have an anti-phishing technology service in place to protect themselves from phishing attacks.

When it comes to anti-phishing vendors, there is no majority consensus within the legal sector as to a definite vendor to choose. Law firms rely on a wide variety of vendors. The only apparent commonality between the most popular services is that they are all cloud-based. The most popular services were Mimecast (36 instances), which was closely followed by Symantec (13) and MailGuard (8).

Mr Szathmari said: “We were pleased to see that only one in ten law firms had no anti-phishing protection in place at all. Meaning that 10% of the law firms assessed have not protected their employees from cyber attacks which arrive by emails.” According to the report, the most frequent email service left exposed was Microsoft Exchange, closely followed by the cloud-based email service Microsoft Office 365.

Iron Bastion’s report concludes that top-tier and mid-tier firms in the legal sector in Australia recognise the sheer scale of phishing threats, and have taken action to protect themselves. The majority of the law firms assessed (83%) were protecting their staff from phishing threats with the use of anti-phishing technology. A small fraction of these firms preferred to host the anti-phishing service themselves (10%), the majority (90%) chose to go for a cloud-based solution instead. Only one in ten firms we assessed had no protection at all.

Iron Bastion are Australia’s anti-phishing experts. We offer all legal firms the same anti-phishing technology used by the top-tier, without the top-tier pricing. Our range of services are cloud-based, fully managed and easily integrate with any existing infrastructure. Our team feature qualified cybersecurity experts, and all our staff and operations are based in Australia.

The full report is available on Iron Bastion’s Tech Blog at