Friday Afternoon Fraud: DMARC for Law Firms
Friday afternoon completions are a favourite window for email fraud against law firms. Here is how DMARC stops criminals sending in your firm's name.
Law firms are a prime target for email impersonation, and Friday afternoons during completion are the classic moment criminals strike. A spoofed message about changed bank details can cost a client their deposit, and your firm its reputation.
What this short video covers
- Why conveyancing and completion deadlines make law firms such an attractive target
- How criminals send email that appears to come from your own domain
- What DMARC does, and how it stops spoofed mail reaching clients
- Why SRA and PII expectations increasingly assume basic email controls are in place
- How monitoring catches a problem before a client loses money
Most firms assume an email claiming to be from a partner really is from that partner. Domain spoofing exploits exactly that trust: criminals forge your domain in the From address, and without the right protection those messages land in your client's inbox looking entirely genuine. During a completion, a single fake note about updated account details is all it takes.
DMARC closes that gap by telling receiving servers to reject mail that is not genuinely from you, building on SPF and DKIM. The catch is that DMARC only protects you once it is set to enforce, and it needs monitoring so a configuration change does not quietly leave you exposed. That is the part most firms miss.
Start your free health checkSubscribe for £39 per domain, per month