The Facebook Verification Scam That’s Stealing Business Accounts

Posted on by

Key Takeaway

If you receive a Facebook message claiming your business page is about to be disabled, proceed with caution. Many of these messages are phishing scams designed to steal your Google or Microsoft login credentials—not just your Facebook account. Once cybercriminals gain access to your email account, they may be able to access other business systems, reset passwords, and compromise sensitive information.

Why So Many Business Owners Are Seeing These Messages

Over the past several months, many business owners have reported receiving Facebook messages claiming that their page has violated advertising policies, posted prohibited content, or is about to be restricted unless they complete a verification process.

At first glance, these messages often appear legitimate.

They may use Facebook logos, professional formatting, and language that creates a sense of urgency. The message often warns that your account will be disabled or restricted if you fail to act immediately.

Unfortunately, that’s exactly what scammers are counting on.

Their goal is to create enough concern that you react before taking the time to verify whether the message is legitimate.

How the Scam Typically Works

The process usually starts with a message that appears to come from Facebook.  It is normally sent to your email address.

The message encourages you to click a link to verify your account or appeal a policy violation.

Once you click, you’re often taken to a website that looks very similar to Facebook’s login page.

At that point, the scam takes an unexpected turn.

Instead of asking you to verify your Facebook credentials, you’re asked to log in using Google or Microsoft.

For many people, this doesn’t seem unusual. After all, we use Google and Microsoft accounts to access countless online services every day.

But this is where the real danger begins.

The Real Target Is Often Your Email Account

Many people assume the scammers are trying to steal their Facebook account.

In reality, the bigger target is often your email account.

If a cybercriminal gains access to your business email, they may be able to:

  • Reset passwords for other accounts
  • Access sensitive business communications
  • Review financial information
  • Access cloud storage systems
  • Compromise additional business applications
  • Impersonate employees or business owners
  • Start wire transfers

For law firms, accountants, financial professionals, and other businesses that handle confidential information, the risks can be even greater.

Why Two-Factor Authentication Doesn’t Always Stop the Scam

Many business owners assume that two-factor authentication (2FA) will completely protect them.

While 2FA remains one of the most important cybersecurity tools available, sophisticated phishing attacks can sometimes work around it.

In these scams, victims are often asked to enter both their password and their authentication code.

The victim believes they are verifying their identity.

In reality, they are providing the scammer with the exact information needed to access the account in real time.

This type of attack is one reason cybersecurity experts continue to emphasize awareness and employee training in addition to technical security measures.

What Can Happen After an Account Is Compromised?

Once a cybercriminal gains access to an email account, the consequences can spread quickly.

We’ve seen situations involving:

  • Compromised business email accounts
  • Fraudulent wire transfers
  • Stolen social media accounts
  • Data breaches
  • Business interruption
  • Reputational damage

For many small businesses, the financial impact can be significant, especially when operations are disrupted or sensitive information is exposed.

How to Protect Yourself

Fortunately, there are a few simple steps that can help reduce your risk.

If you receive a message claiming Facebook is about to disable your account:

  1. Do not click the link in the message.
  2. Open a new browser window.
  3. Go directly to Facebook.com.
  4. Log in normally and check your notifications.
  5. Verify any account warnings through official Facebook channels.

Most importantly, slow down.

Scammers rely on urgency. The more rushed you feel, the more likely you are to make a mistake.

You should also look at the sender’s actual email address and the URL that the link sends you to.  Be sure to block that sender in your email.

How To Protect Yourself From Scams Like This

Cybercriminals continue to find new ways to trick business owners into giving away valuable credentials. What makes the Facebook verification scam particularly effective is that it combines social engineering, phishing, and urgency into a message that appears legitimate.

Good cybersecurity practices are always your first line of defense. However, businesses should also understand their exposure and review whether they have appropriate cyber liability insurance coverage in place.

Sometimes what looks like a simple Facebook notification can become a very expensive mistake. Taking a few extra moments to verify a message today may save your business from a much larger problem tomorrow.

Vacation Mistakes That Can Lead to Malpractice Claims

Posted on by

Key Takeaway

Did you know that the summer vacation season can create unexpected malpractice risks for law firms when deadlines, file coverage responsibilities, and client communication are not handled properly before attorneys and staff take time away from the office? 

Many malpractice claims begin with small administrative breakdowns—not major legal mistakes—which is why planning ahead during vacation season is so important.

Why Summer Can Increase Risk for Law Firms

Most attorneys look forward to summer vacations and holiday weekends. After all, everyone needs time away from work occasionally.

But for law firms, vacation season can also create conditions where preventable mistakes become more likely.

Reduced staffing, attorneys being out of the office, delayed communication, and shifting responsibilities can all increase the risk of something important slipping through the cracks.

In many malpractice situations, the issue is not that someone misunderstood the law. Instead, the problem often involves:

  • Missed deadlines
  • Calendar oversights
  • Unreturned client communications
  • Poor internal handoffs
  • Lack of file coverage
  • Miscommunication between attorneys and staff

These types of administrative issues can become more common during busy summer months when schedules are less structured and firms may be operating with fewer people in the office.

Out-of-Office Messages Do Not Stop Deadlines

One of the biggest risks during vacation season is assuming that an out-of-office email or reduced summer schedule somehow slows down legal obligations.

Unfortunately, deadlines continue regardless of whether someone is on vacation.

Court filing deadlines, statutes of limitation, discovery responses, transactional deadlines, and client obligations do not pause simply because key staff members are unavailable.

If a file is not being actively monitored while someone is away, the risk of missing something important increases significantly.

Many malpractice claims begin with something relatively small:

  • a missed filing deadline,
  • a document that was never reviewed,
  • or an email that nobody realized required immediate attention.

Often, the issue could have been prevented with better planning before the attorney or staff member left the office.

Communication Breakdowns Can Create Problems Quickly

Vacation season can also create communication challenges inside the firm and with clients.

For example, clients may become frustrated if:

  • they are unsure who is handling their matter,
  • emails are not returned promptly,
  • or urgent concerns are not addressed while their primary attorney is away.

Even when no actual legal error has occurred, poor communication can damage trust and increase the likelihood of complaints.

Internally, communication problems can arise when responsibilities are not clearly assigned before someone leaves for vacation.

It is not uncommon for multiple people within a firm to assume that “someone else” is monitoring a file or handling a deadline. Unfortunately, that assumption can create significant exposure if no one is actually responsible for the matter.

Clear internal communication and documented coverage plans can go a long way toward reducing these risks.

Summer Staffing Changes Can Increase Exposure

Many firms also bring in interns, law clerks, or temporary staff during the summer months.

While additional support can be helpful, newer employees may not fully understand:

  • office procedures,
  • confidentiality expectations,
  • calendaring systems,
  • or the importance of certain deadlines and communications.

This creates another layer of risk that firms should consider during vacation season.

Even experienced employees may be covering unfamiliar responsibilities while coworkers are away, increasing the possibility of administrative mistakes.

Training, supervision, and clearly defined procedures become especially important during periods when staffing structures change.

Why Small Administrative Problems Matter

One of the biggest misconceptions about malpractice claims is that they usually involve major legal errors or courtroom mistakes.

In reality, many claims begin with smaller administrative breakdowns that gradually escalate into larger issues.

Examples may include:

  • failing to properly calendar a deadline,
  • missing a client communication,
  • failing to document advice or instructions,
  • or not clearly assigning responsibility for a file during an absence.

These situations often become more likely during holidays, vacations, or periods where firms are operating with reduced staffing levels.

The good news is that many of these risks are preventable.

Risk Management Tips Before Taking Vacation As An Attorney

Vacation itself is not the problem. 

The issue is usually the lack of preparation before someone leaves the office. Before attorneys or staff take time away, firms should consider reviewing several important areas.

Review All Upcoming Deadlines

Take time to carefully review calendars, court dates, filing deadlines, and active matters before leaving.

This helps ensure that important dates are not overlooked while someone is unavailable.

Clearly Assign File Responsibility

Every active matter should have a clearly designated point of contact while the primary attorney or staff member is away.

Avoid situations where responsibility is assumed rather than specifically assigned.

Communicate Internally

Make sure attorneys, paralegals, assistants, and administrative staff understand:

  • who is covering which matters,
  • who should receive urgent communications,
  • and how emergencies should be handled.

Set Clear Client Expectations

Clients should know:

  • when their attorney will be unavailable,
  • who they should contact if an urgent issue arises,
  • and what type of response time they can expect.

Good communication helps reduce frustration and confusion.

Review Cybersecurity Risks

Vacation periods can also increase cybersecurity exposure because employees may be working remotely, using mobile devices, or moving quickly through emails before leaving town.

Law firms should remind employees to remain cautious about:

  • phishing emails,
  • wire transfer requests,
  • password security,
  • and suspicious links or attachments.

Strong Internal Systems Help Prevent Avoidable Claims

No law firm can eliminate every possible risk.

However, firms with strong procedures, communication systems, and file management practices are generally in a much better position to avoid preventable malpractice problems.

Summer vacation season is a good reminder that many malpractice claims do not begin with dramatic legal mistakes. They often begin with small administrative issues that were never addressed early.

Good planning, clear communication, and proper file coverage can significantly reduce the likelihood of problems developing while attorneys and staff are away from the office.

Start Planning Now And Enjoy Your Vacation

Taking vacation and spending time away from work is important for attorneys and staff alike. But before leaving the office, it is worth taking a few extra steps to make sure files, deadlines, and client communication are properly managed.

In many cases, preventing a malpractice claim starts long before a problem develops.

It starts with preparation.

One Click Is All It Takes: How a Simple Phishing Email Can Lead to a Major Cyber Insurance Claim

Posted on by

Key Takeaway

Many cyberattacks no longer look suspicious. Modern phishing emails often appear legitimate and are designed to trick employees into clicking links, opening attachments, or providing login credentials. For businesses and law firms, one mistaken click can lead to ransomware, data breaches, wire fraud, business interruption, and significant financial losses. Cyber liability insurance can help protect against these risks—but understanding your coverage before an incident occurs is critical.

Why Small Businesses and Law Firms Are Prime Targets for Cyberattacks

One of the biggest misconceptions about cybercrime is that hackers only target large corporations.

In reality, small businesses and law firms are targeted every day. According to Gartner research, end-user spending on information security is projected to reach approximately $215 billion globally in 2024, with financial institutions among the industries making the largest cybersecurity investments 

Cybercriminals know that many smaller organizations can’t spend like financial institutions.  They do not have dedicated cybersecurity teams or sophisticated security infrastructure in place. 

They also know that employees are busy, moving quickly, and often handling large volumes of emails, invoices, contracts, and document requests throughout the day.

For law firms specifically, cybercriminals recognize the value of the information attorneys handle, including:

  • Confidential client communications
  • Financial records
  • Settlement information
  • Wire instructions
  • Personally identifiable information
  • Business and litigation documents

Because of this, law firms and professional service businesses have become increasingly attractive targets.

A Real Example of a Modern Phishing Email

Recently, I received a phishing email that looked legitimate at first glance.

The subject line referenced a “Deposit Confirmation Request” and stated that documents were ready for signature. The email used professional formatting and branding that appeared to come from a legitimate business platform.

To someone moving quickly through emails during a normal workday, there would have been very little that immediately stood out as suspicious.

That is exactly what makes these attacks so dangerous today.

Years ago, phishing emails were often easier to identify because they contained obvious spelling errors, poor formatting, or unusual wording. Modern phishing attacks are much more sophisticated. 

Many are carefully designed to resemble everyday business communications.

Common examples include:

  • DocuSign requests
  • Facebook account cancellations
  • Deposit confirmation emails
  • Shared document notifications
  • Microsoft 365 login alerts
  • Invoice requests
  • Wire transfer confirmations
  • Password reset requests

Cybercriminals understand that employees regularly interact with these types of emails, which increases the likelihood that someone will click without taking a closer look.

What Happens After Someone Clicks a Malicious Link?

Many cyber incidents begin with a simple mistake.

Once an employee clicks a malicious link or opens an infected attachment, several different things can happen depending on the nature of the attack.

Ransomware Attacks

One of the most common outcomes is ransomware. In these situations, hackers lock access to business systems and files until a ransom is paid.

This can bring normal business operations to a halt for days—or even weeks.

Data Breaches

A phishing attack may also allow cybercriminals to access sensitive client or customer information.

For law firms, this can create significant legal, ethical, and reputational concerns.  It takes years to develop a stellar reputation and seconds to destroy it.

Wire Fraud and Financial Theft

Some attacks are designed specifically to compromise banking information or redirect wire transfers. Businesses handling real estate transactions, settlements, or vendor payments are particularly vulnerable. In the legal field, these attacks often target attorneys, paralegals, or office managers involved in client billing, wire transfers, or trust account administration.

Business Interruption

Even when data is recoverable, downtime itself can become extremely expensive. Businesses may lose revenue, productivity, and client trust while systems are being restored.

The Financial Impact of a Cyberattack

The costs associated with a cyber incident often extend far beyond repairing a computer system.

Businesses may face:

  • IT forensic investigation costs
  • Data recovery expenses
  • Lost revenue from downtime
  • Legal fees
  • Breach notification costs
  • Credit monitoring services
  • Public relations expenses
  • Regulatory penalties
  • Increased insurance premiums after a claim

For many small businesses, even a relatively small cyber incident can create serious financial strain.  According to industry research, the average cyberattack on a small or mid-sized business can cost over $250,000 once you factor in downtime, recovery costs, lost revenue, and other expenses. 

Does General Business Insurance Cover Cyberattacks?
One of the most common misunderstandings I see is the assumption that standard business insurance automatically covers cyber-related incidents.

In many cases, it does not.

Some policies may provide very limited protection with small sub-limits, while others exclude cyber-related losses entirely.

That is why cyber liability insurance has become so important.

What Does Cyber Liability Insurance Typically Cover?

Coverage varies depending on the policy, but a properly structured cyber liability policy may help with expenses related to:

Forensic Investigations

Determining how the breach occurred and what systems or information were affected.

Data Recovery

Recovering or restoring compromised systems and files.

Business Interruption

Helping offset lost income during operational downtime.

Legal Expenses

Coverage for certain legal costs associated with a cyber incident.

Breach Notification Costs

Helping businesses comply with legal notification requirements after a data breach.

Ransomware and Extortion Expenses

Some policies may help cover ransomware-related costs depending on the circumstances and policy terms.

Because every business is different, it is important to review policy details carefully and understand what is and is not included.

Cyber Insurance Is Not a Substitute for Cybersecurity

Cyber liability insurance is an important part of risk management—but it should not replace good cybersecurity practices.

Businesses should still implement:

  • Employee cybersecurity training
  • Multi-factor authentication
  • Strong password policies
  • Email filtering and spam protection
  • Regular software updates
  • Reliable data backups
  • Reputable IT support

Even with strong systems in place, however, human error remains one of the leading causes of cyber incidents.

And sometimes, all it takes is one click.

Final Thoughts: Review Your Cyber Coverage Before There’s a Problem

The reality is that no business is completely immune from cyber threats anymore.

Modern phishing emails are becoming increasingly convincing, and cybercriminals continue to target businesses of all sizes—including law firms and professional service providers.

Understanding your cyber risks—and your insurance coverage—before an incident occurs can make a significant difference in how disruptive and expensive a cyber event becomes.

If you are unsure whether your current policy adequately addresses cyber risks, it may be worth reviewing your coverage now rather than waiting until after a problem occurs.

Claim vs. Potential Claim: When Should Attorneys Report to Their Malpractice Carrier?

Posted on by

One of the most common questions I get from attorneys is this:

“What’s the difference between a claim and a potential claim—and when do I actually need to report it?”

It’s a great question, and the answer can have a major impact on whether your malpractice coverage protects you when you need it most.

What Is a “Claim”?

A claim is typically straightforward. It involves a clear allegation of wrongdoing or a demand for money. This could be a lawsuit, a formal demand letter, or any situation where a client (or former client) is asserting that an error caused them harm.

At that point, most attorneys know they need to notify their insurance carrier.

What Is a “Potential Claim”?

A potential claim is less obvious—but just as important.

This is when you become aware of a situation that could lead to a claim, even if no one has formally complained yet. Common examples include:

  • Missing a filing deadline
  • Discovering a mistake in a document or case strategy
  • Receiving communication from a client that suggests dissatisfaction (including online reviews)
  • Realizing something may not have been handled correctly

In these situations, nothing has escalated yet—but there’s a reasonable chance it could.

Why Timing Matters When It Comes To Legal Malpractice Claims

Most legal malpractice policies are claims-made policies, which means coverage is triggered based on when a claim is reported—not just when the incident occurred.

That’s why the distinction between a claim and a potential claim is so important.

Reporting early isn’t just a requirement of the policy—it can also work in your favor. 

Getting your carrier involved sooner can help reduce defense costs, improve the chances of resolving the issue efficiently, and give you more options if the situation develops into a formal claim.

In fact, many malpractice claims don’t begin with a lawsuit—they start as smaller issues that weren’t addressed early.

The Risk of Waiting To Report A Claim

It’s not uncommon for attorneys to hesitate before reporting a potential issue. There’s often concern about how it might impact premiums or whether it’s “too early” to involve the carrier.

But waiting can create serious problems.

If you’re aware of a potential issue and choose not to report it—and that issue later turns into a claim—there’s a risk your carrier may deny coverage altogether.

A Simple Rule to Follow

If there’s any doubt, it’s usually better to have the conversation early.

You don’t need to have all the answers, and reporting something doesn’t mean it will automatically turn into a claim. It simply puts you in a better position if it does.

If you’re unsure about your current policy or what should be reported, it’s worth taking a few minutes to review your coverage and get clarity before an issue arises.

If you have questions about your current coverage or want a second opinion, feel free to reach out 412.563.2106

Lawyers: You May Not Have the Cyber Coverage You Think You Do

Posted on by

When I review insurance policies for law firms, there’s one issue I see come up again and again…cyber liability.

And more often than not, the conversation starts the same way:

“We already have cyber coverage.”

That may be true. But the real question is… what does that coverage actually include?

Because in many cases, when we take a closer look, there are some significant gaps.

The Problem Isn’t Whether You Have Coverage—It’s What It Covers

I recently reviewed a policy for a small law firm. Smart attorneys, well-run practice, and they were confident they had everything in place from an insurance standpoint.

On the surface, it looked like they had cyber coverage.

But once we dug into the details, the picture changed.

There was no coverage for social engineering fraud.
Wire transfer fraud protection was missing.
Business interruption coverage was minimal.
And the deductible was set so high that it would take a major incident before the policy even became useful.

This isn’t unusual. Many cyber policies are written in a way that appears comprehensive, but when you read the fine print, certain types of claims are carved out, capped, or excluded altogether.

Why Law Firms Are a Target

Law firms are in a unique position when it comes to cyber risk.

You’re handling sensitive client information.
You’re moving money.
You’re constantly communicating via email.

That combination makes law firms an attractive target for cybercriminals.

And unlike large financial institutions, most firms don’t have the same level of cybersecurity infrastructure or internal controls in place. That doesn’t mean firms are careless—it just means they’re often easier to exploit.

All it takes is one convincing email.
One request that looks legitimate.
One click.

From there, a situation can escalate quickly—sometimes into a six- or even seven-figure loss.

Where Cyber Policies Often Fall Short

This is where things get tricky.

A policy might say “cyber coverage,” but that doesn’t always mean you’re protected in the ways you expect.

Some of the most common gaps I see include:

  • Social engineering fraud – when someone impersonates a trusted party to trick you into sending money
  • Funds transfer fraud – unauthorized movement of money through your systems
  • Ransomware payments – coverage limits or conditions that don’t fully address real-world scenarios
  • Business interruption – limited protection for lost income if your systems are down

In many cases, these areas are either excluded entirely or subject to strict sublimits that may not go very far in an actual event.

A Better Question to Ask

If you’re a law firm owner, I’d encourage you to shift the way you think about cyber insurance.

Instead of asking:

“Do we have cyber coverage?”

Ask:

“What exactly is covered, where are the gaps and can we afford that risk?”

That’s where the real value is.

Because with cyber liability, what you don’t know can end up being the most expensive part.

Final Thought From Don I, Your Insurance Guy

Cyber risk isn’t going away. If anything, it’s becoming more sophisticated and more targeted.

The goal isn’t to overcomplicate things or create unnecessary concern—it’s simply to make sure you understand what you have in place before you need it.

If you’re unsure, it’s worth taking a closer look.

Sometimes a quick review can uncover small adjustments that make a big difference.

About the Author

Don I helps law firms and small businesses understand their insurance coverage so there are no surprises when it matters most. If you’d like a second set of eyes on your policy, he’s always happy to provide straightforward, no-pressure feedback.

Choosing the Right Clients: A Risk Law Firms Often Overlook

Posted on by

One of the most important risk decisions a law firm makes doesn’t happen in the middle of a case. 

It happens at the very beginning — when deciding whether to take on a client.

Over the years, I’ve seen situations where problems didn’t come from how the work was done, but from taking on work that wasn’t the right fit to begin with.

Every Firm Has a Sweet Spot

Every law firm has a “sweet spot” — the types of cases it handles well, the types of clients it works best with, and the structure it has in place to support that work.

When a case falls outside of that sweet spot, risk tends to increase, which can lead to malpractice claims.

Sometimes it’s a matter of complexity. 

A sole practitioner may take on a matter that realistically requires a larger team — multiple paralegals, more time, and additional support.

The opportunity may look attractive from a revenue standpoint. But if the firm doesn’t have the capacity to fully support the work, the situation can become difficult to manage.

When Revenue and Risk Don’t Align

I’ve seen cases where a matter generates significant revenue, but also creates exposure that far exceeds it.

What looks like a strong opportunity on the surface can carry risks that aren’t immediately obvious.

That’s why it’s important to evaluate not just the potential upside of a case, but whether the firm has the capability and resources to handle it properly.

The Client Fit Matters Too

In other situations, the issue isn’t the case — it’s the client.

Some clients require more communication, more oversight, or a different working style than others. Every firm operates a little differently, and not every client will be a good fit.

If your firm has a certain pace, structure, or approach to communication, it’s important that the client aligns with that.

Sometimes your instincts will tell you that something isn’t quite right. That doesn’t necessarily mean the client is difficult — it may simply mean they’re not the right fit for your firm.

Listen To Your Gut.

It’s Okay to Say No

Referring a case out or declining to take on a client is often a good decision — for both the firm and the client.

Making sure a client is in the right place, with the right resources and expertise, ultimately leads to better outcomes.

Start with the Right Decision For Your Firm

At the end of the day, the goal is to ensure that the work you take on matches your firm’s capabilities — the right experience, the right resources, and the right structure. 

When those things are aligned, you’re in a much better position to serve your clients effectively while managing risk.

And sometimes, the best decision you can make is the one you make before the work ever begins.

Cyber Insurance Gaps I See Most Often in Law Firms

Posted on by

Cyber insurance has become an important part of risk management for law firms. Data breaches, ransomware attacks, and phishing attempts are now common risks in the legal industry, particularly because firms handle sensitive client information.But one thing I’ve noticed over the years is that many small to mid-sized law firms have cyber insurance coverage that isn’t fully aligned with the risks they actually face.

The issue is usually the details of that insurance policy.

There are several coverage gaps that tend to show up repeatedly when reviewing policies for law firms.

Common Cyber Insurance Gaps Law Firms Should Watch For

While every policy is different, there are a few areas where coverage often falls short. Understanding these gaps can help firms avoid unpleasant surprises if a cyber incident occurs.

Below are some of the most common issues I see.

Inadequate Coverage Limits

One of the most common cyber insurance gaps is insufficient coverage limits.

Cyber incidents can become expensive very quickly. Even a relatively contained incident can involve multiple layers of cost.

Potential Costs of a Cyber Incident

A cyber event may involve:

  • Forensic investigations to determine what happened and how the breach occurred
  • Legal costs associated with responding to the incident
  • Client notification requirements depending on the type of data involved
  • Credit monitoring services for affected clients
  • Business interruption losses if systems are unavailable

For example:

  • A forensic investigation alone can cost $15,000 to $50,000 or more, depending on the complexity of the breach.
  • Credit monitoring services can run up to $30 per person per month for 12–24 months.

When you add those costs together, the financial impact can expand quickly.If a firm’s coverage limit is too low, the policy may still provide assistance—but it may not go nearly as far as the firm expected.

Missing or Limited Social Engineering Coverage

Another gap I often see involves social engineering coverage.Social engineering fraud occurs when someone is tricked into sending money or sensitive information because they believe the request is legitimate.

Examples of Social Engineering in Law Firms

These situations might involve:

  • An email that appears to come from a client
  • A request that looks like it came from a colleague
  • Instructions from what appears to be a trusted partner in a transaction

Because legal transactions often involve sensitive documents and financial transfers, law firms can be particularly vulnerable to these types of scams.

However, not every cyber insurance policy automatically includes strong protection for social engineering losses.In many cases, it requires a specific endorsement or additional coverage to be added to the policy.

Lack of Meaningful Business Interruption Coverage

Business interruption is another area that is sometimes overlooked.

If a cyber incident shuts down a firm’s systems, the consequences can extend far beyond the technical problem itself.

How System Downtime Can Affect a Law Firm

When systems are unavailable, firms may experience:

  • Delayed cases and legal filings
  • Staff unable to access important files
  • Disruptions to normal operations
  • Potentially missed statutes of limitation

Even a temporary disruption can have significant operational and financial consequences.Business interruption coverage is designed to help address these situations. However, not every policy includes this coverage in a meaningful way, and some policies may include limitations that firms don’t realize until after an incident occurs.

High Deductibles That Surprise Firms Later

Another detail that often gets overlooked is the policy deductible.Many firms understandably focus on the coverage limit, but the deductible plays an equally important role in determining how the policy functions.

Why Deductibles Matter

Some cyber policies carry deductibles that are much higher than firms realize.

This means that before the insurance coverage begins responding, the firm may need to absorb a significant portion of the costs themselves.

If that deductible is higher than expected, the financial impact of an incident may be greater than anticipated.

Reviewing this number carefully is an important step in understanding how the policy will actually work in a real-world situation.

Misunderstanding the Retroactive Date

One final detail that deserves attention is the retroactive date.The retroactive date helps determine how far back the policy coverage applies if a breach or cyber incident began before it was discovered.

Why Retroactive Dates Matter

Many cyber incidents are not discovered immediately. In some cases, malicious activity may have started months before anyone realized there was a problem.

The retroactive date helps determine whether that earlier activity is covered.If the retroactive date isn’t fully understood, firms may assume coverage exists when it may not apply in certain situations.

Why These Gaps Happen

It’s important to note that these gaps usually don’t happen because law firms are careless.

In most cases, the issue is simply that:

  • Cyber insurance has evolved rapidly in recent years
  • Policy language can be complex
  • Coverage options can vary significantly between insurers

As a result, many firms end up with policies that made sense when they were purchased—but may not fully reflect how the firm operates today.

Reviewing Your Cyber Insurance Coverage

Because cyber risks continue to evolve, it’s helpful for law firms to periodically review their cyber insurance policies.

A simple policy review can help answer important questions such as:

  • Are the coverage limits still appropriate?
  • Does the policy include social engineering protection?
  • Is there meaningful business interruption coverage?
  • Are the deductibles reasonable?
  • Do we fully understand the retroactive date?

Often, a short conversation can clarify many of these details and help firms feel more confident about the protection they have in place.

Final Thoughts

Cyber insurance has become a critical component of risk management for modern law firms.

However, having coverage isn’t always the same as having the right coverage.

Taking the time to review the details of a policy can help ensure that the protection in place truly aligns with the risks law firms face today.

Want Help Reviewing Your Policy?

If you’re not sure how your cyber insurance policy would respond in a real-world incident, it may be worth taking a closer look.Give INF a call at 412-563-2106 and we can review the key areas discussed in this article to make sure your firm has coverage that’s right for you.

I’m Don I. Your Insurance Guy.

Extended Reporting Periods: What Every Attorney Needs to Know Before Tailing Out

Posted on by

If you’re planning to retire, step away from private practice, or transition out of law for any reason, there’s one topic you cannot afford to misunderstand: extended reporting periods, often referred to as “tail coverage.”

Recently, I read an article published on the Professional Liability Underwriting Society blog, authored by Lucas Roberts, that does an excellent job of reinforcing an important—and often overlooked—point about tail coverage. It’s a point worth emphasizing because getting it wrong can leave you exposed at exactly the wrong time.

What an Extended Reporting Period Really Does

Many attorneys assume that purchasing tail coverage (or qualifying for a free tail) automatically protects them from any issues that arise after their policy ends. That assumption can be dangerous.

An extended reporting period does not extend the time to report claims you already know about.

Instead, it allows you to report claims that are first made against you and first become known to you during the extended reporting period—after your policy has ended.

That distinction matters.

Known Claims Must Be Reported Before You Tail Out

Before canceling your policy or requesting tail coverage, you must take the time to review your files carefully. Any claim—or even a potential claim—that you are aware of must be reported to your carrier before the policy ends.

This is true whether you are:

  • Purchasing tail coverage, or
  • Qualifying for a free tail under your policy

Failing to report known issues before tailing out can result in a claim being denied later due to late reporting—even if you have an extended reporting period in place.

Why This Step Is So Important

Here’s the situation you want to avoid:

You retire or leave practice.
You tail out your policy.
A claim surfaces during the extended reporting period.
You report it—only to learn that the carrier declines coverage because the issue was known before the policy ended and was never reported.

At that point, you may find yourself personally responsible for a claim you assumed was covered.

The Right Way to Protect Yourself

Before you tail out:

  1. Review your open and closed files carefully
  2. Identify any actual or potential claims
  3. Report those issues to your carrier before canceling the policy
  4. Then proceed with tail coverage—free or purchased

Taking these steps helps ensure that the coverage you believe you have is actually there when you need it.

Final Thoughts

Extended reporting periods are a valuable protection—but only when they’re understood and used correctly. Don’t let a technical misunderstanding undo years of careful risk management.

If you’re approaching retirement or considering a transition out of practice, now is the time to review your coverage and make sure everything is handled properly.

Cyber Insurance Myths Law Firms Still Believe

Posted on by

Cyber insurance is still one of the most misunderstood types of coverage I see — especially among law firms.

Many firms assume they’re protected…
until something actually happens.

Unfortunately, that’s often when they discover the coverage they thought they had doesn’t respond the way they expected. Let’s clear up some of the most common cyber insurance myths law firms continue to believe.

Myth #1: “Our General Liability Policy Covers Cyber Incidents”

This is one of the most common — and most dangerous — assumptions.

In most cases, general liability insurance does not cover cyber incidents.
 General liability is designed for things like bodily injury, property damage, or advertising injury — not data breaches, ransomware, or network intrusions.

If a client’s personal information is compromised, a general liability policy typically won’t respond. That’s where cyber insurance comes in — if you have it set up correctly.

Myth #2: “We Have an IT Company, So We Don’t Need Cyber Insurance”

IT support is critical — but it’s not a substitute for insurance.

Think of it this way:

  • IT helps prevent problems
  • Insurance responds when prevention fails

Even the best security systems can be bypassed. Phishing emails, compromised passwords, vendor breaches, and human error still happen every day. When they do, cyber insurance helps cover the financial fallout — not your IT provider.

Myth #3: “We’re Too Small to Be a Target”

This one couldn’t be further from the truth.

Today, size doesn’t matter when it comes to cyber attacks. In fact, smaller law firms are often easier targets:

  • Less money spent on cybersecurity
  • Fewer internal controls
  • Outdated systems
  • Easier access points for attackers

Hackers aren’t always looking for the biggest payout — they’re looking for the path of least resistance.

Myth #4: “Cyber Insurance Is Just for Ransomware”

Ransomware may get the headlines, but cyber insurance covers much more than that.

Depending on the policy, cyber coverage may help with:

  • Data breaches
  • Business interruption
  • Client notification requirements
  • Forensic investigations
  • Legal and regulatory costs
  • Credit monitoring services
  • Crisis management and reputation support

Cyber incidents can affect your firm long after systems are restored — and the costs add up quickly.

The Real Issue: Understanding What Cyber Insurance Does (and Doesn’t) Cover

The biggest issue isn’t whether a law firm has cyber insurance.

It’s whether they understand:

  • What their policy actually covers
  • What it excludes
  • How it would respond in a real-world incident

If you’re not sure how your policy would work during a data breach or cyber attack, that’s usually a sign it’s worth reviewing.