27 February, 2019
In the last couple of weeks the CLC has been notified of 3 almost identical cyber incidents from our regulated practices.
Hackers had secured access to an individual’s email account, probably through a phishing email.
The hacker then set up rules on that email account to either forward all emails, or emails containing key words to themselves. Key words might include sort code, exchange, bank details, payment etc.
The hacker could then send emails with revised bank account details, purporting to be from the practice to the client.
This is a variant on previous themes, but the advice and steps that can be taken to mitigate remain,
In light of these incidents CLC Regulated practices are encouraged to run security checks on their systems on a regular basis, and to check their systems have not been compromised in this way.
If you have any concerns over your IT security please contact your Regulatory Supervision Manager to discuss, firstname.lastname@example.org
Further advice is available here
|CookieConsent||https://www.clc-uk.org/||Stores the user's cookie consent state for the current domain||1 Year||HTTP|
|_ga||https://www.clc-uk.org/||Registers a unique ID that is used to generate statistical data on how the visitor uses the website.||1 Year||HTTP|
|_gat||https://www.clc-uk.org/||Used by Google Analytics to throttle request rate||Session||HTTP|
|_gid||https://www.clc-uk.org/||Registers a unique ID that is used to generate statistical data on how the visitor uses the website.||Session||HTTP|
|collect||google-analytics.com||Used to send data to Google Analytics about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels.||Session||Pixel|
|GPS||youtube.com||Registers a unique ID on mobile devices to enable tracking based on geographical GPS location.||Session||HTTP|
|VISITOR_INFO1_LIVE||youtube.com||Tries to estimate the users' bandwidth on pages with integrated YouTube videos.||1 Year||HTTP|
|YSC||youtube.com||Registers a unique ID to keep statistics of what videos from YouTube the user has seen.||Session||HTTP|