Friday Afternoon Fraud: DMARC for Law Firms

Friday afternoon completions are a favourite window for email fraud against law firms. Here is how DMARC stops criminals sending in your firm's name.

Friday Afternoon Fraud: DMARC for Law Firms

Law firms are a prime target for email impersonation, and Friday afternoons during completion are the classic moment criminals strike. A spoofed message about changed bank details can cost a client their deposit, and your firm its reputation.

What this short video covers

  • Why conveyancing and completion deadlines make law firms such an attractive target
  • How criminals send email that appears to come from your own domain
  • What DMARC does, and how it stops spoofed mail reaching clients
  • Why SRA and PII expectations increasingly assume basic email controls are in place
  • How monitoring catches a problem before a client loses money

Most firms assume an email claiming to be from a partner really is from that partner. Domain spoofing exploits exactly that trust: criminals forge your domain in the From address, and without the right protection those messages land in your client's inbox looking entirely genuine. During a completion, a single fake note about updated account details is all it takes.

DMARC closes that gap by telling receiving servers to reject mail that is not genuinely from you, building on SPF and DKIM. The catch is that DMARC only protects you once it is set to enforce, and it needs monitoring so a configuration change does not quietly leave you exposed. That is the part most firms miss.

Start your free health checkSubscribe for £39 per domain, per month

Shaun Cooke
Shaun Cooke

Founder of SealedMail and a UK email-security specialist in DMARC, SPF, DKIM and email authentication for regulated sectors. He personally reads the DMARC and TLS reports behind every SealedMail account and writes the company's plain-English guides. More from Shaun Cooke →