Most law firms moved to secure their websites during the past few years, prodded by bar regulators, who worry that client communications might be intercepted, and marketers, who’ve heard that Google dings websites lacking an SSL certificate.
But have law firms done all they can to protect against phishing attacks?
Law firms and their clients are particularly suspectible to phishing exploits. Just like banks, law firms are trusted entities that handle sensitive financial and personal information. An email purporting to come from an attorney’s domain will prompt at least a few clients to let down their guard.
Among marketers, email authentication is a “best practice” at least. Among law firms, it should be a “must do.”
One of my more popular posts was a longish look at domain name registrations by large law firms in the new(ish) .law top-level domain.
A relevant development occurred several weeks ago, when several federal legislators complained that a proposed .cpa top-level domain should not be operated in a manner that allows any member of the public to register a domain name in the .cpa space.
The congressmen, in a letter to the Internet Corporation for Assigned Names and Numbers (PDF), argued that open registration of domain names in the .cpa top-level domain would create an unreasonable risk to the public. They want restrictions in .cpa along the lines of those proposed by the American Institute of Certified Public Accountants, one of several applicants for the .cpa domain. Basically, the legislators want domain name sellers to verify the credentials of registrants in top-level domains associated with regulated industries and to limit registrations to credentialed applicants (licensed doctors in .doctor, licensed lawyers in .lawyer, veterinarians in .vet, et cetera).
ICANN has already rejected this argument — for .cpa and for many other domains targeting other professions and highly regulated industries. So far, so good within the legal profession. Lawyers today can choose among several inexpensively priced domains for use in their marketing campaigns.
The .law top-level domain (TLD), one of several new domains targeting the legal community, opened for business in October 2015. As a business concern, .law has struggled. That’s not news, and it’s not my intention to waste 3,000 words pointing out that .law is among the many domains struggling to get a foothold in the challenging new top-level domain market.
Instead, this post will take a look at what is actually going on in .law. My hope is that this exercise will prove enlightening for lawyers considering whether — and what — to register in the .law top-level domain.