THE OKLAHOMA BAR JOURNAL 56 | FEBRUARY 2026 Law Practice Tips By Julie Bays Beyond the Inbox: Preventing Data Breaches Before They Begin EARLIER THIS YEAR, I wrote about changes to Oklahoma’s security breach notification statutes and what those updates mean for lawyers after a breach has already occurred. In my Jan. 7 Courts & More tip, I focused on the new postbreach obligations these changes create.1 Now, I want to turn to the part we often overlook: What measures can prevent a breach from occurring in the first place? What happens before a breach is just as important as what happens after one. Honestly, it tends to get overlooked because it usually shows up in very ordinary ways. I am talking about everyday moments and routine emails that quietly set the stage for a much bigger problem. In January 2026, I received an email from a lawyer I know well, someone who regularly sends documents to a group I am a part of. At first glance, the message looked normal. It was simply a shared file, but there was no explanation or context. That struck me as odd. The lack of detail in the message immediately raised a red flag for me. Instead of opening it, I sent the lawyer a separate email from my contacts list. I made sure not to reply directly to the suspicious message and asked whether he had actually sent the file. The response came quickly from his Outlook account, and it simply said, “A file for your review.” That was when my concern grew. The reply was unusually brief and impersonal, which was out of character for him. Given how well I know this lawyer, I expected a more detailed answer or at least a bit of context. The vague response only confirmed my suspicion that something was wrong. Rather than clicking on the attachment, I did what I always encourage lawyers to do when something feels even slightly off. I paused and picked up the phone. When I called him, I learned that his email account had been hacked. He had not sent me anything at all. Someone else was using his name and signature block. What made this situation especially troublesome was that the scammer had full control of his Outlook account. Not only could the attacker send convincing emails, but they could also reply to new messages sent directly to his account. That meant the scammer could intercept and respond to legitimate inquiries, making the fraud even harder to detect. That brief pause – just a few seconds – stopped what could have turned into a much bigger problem. It highlights the importance of trusting your instincts and verifying anything that seems even a little bit off, especially when it comes from someone you know. Recognizing those small cues, like a change in writing style or a lack of context, can be the difference between stopping a breach and becoming a victim. This is how breaches usually start at law firms. It is almost never dramatic at the beginning. WHY THESE EMAILS ARE SO EFFECTIVE Phishing emails aren’t the clumsy, typo-filled spam they used to be. Nowadays, they: Come from real email accounts that hackers have already hijacked Use familiar names, signatures and writing styles Contain messages that sound vague but legit (“Please review,” “See attached,” “Did you request this?”) Include attachments or links designed to steal credentials or install malware Once a hacker gains access to one lawyer’s account, they don’t just
RkJQdWJsaXNoZXIy OTk3MQ==