As discussed in our previous chapter
on data breach nightmares, they have taken a variety of
forms, ranging from phishing scams and social engineering attacks (e.g., using e-mail to trick attorneys to visit a malicious web site or to be lured into
fraudulent collection schemes for foreign «clients») to sophisticated technical exploits that result in long term intrusions into a law firm's network to steal
information.