Close X
Attorney Spotlight

How did Mike DeAgro's experience co-founding a nonprofit advocacy organization lead to a career in the legal field? Find out more>

Search

Close X

Experience

Search our Experience

Experience Spotlight

Envision to Sell to KKR for $9.9 Billion

We represented Envision Healthcare Corporation (NYSE: EVHC) in its definitive agreement to sell to KKR in an all-cash transaction for $9.9 billion, including debt. KKR will pay $46 per Envision share in cash to buy the company, marking a 32 percent premium to the company's volume-weighted average share price from November 1, when Envision announced it was considering its options. The transaction is expected to close the fourth quarter of 2018. Read more


Envision Healthcare

Close X

Thought Leadership

Enter your search terms in the relevant box(es) below to search for specific Thought Leadership.
To see a recent listing of Thought Leadership, click the blue Search button below.

Thought Leadership Spotlight

Six Things to Know Before Buying a Physician Practice spotlight

Dermatology, ophthalmology, radiology, urology…the list goes on. Yet, in any physician practice management transaction, there are six key considerations that apply and, if not carefully managed, can derail a transaction. Download the 6 Things to Know Before Buying a Physician Practice to keep your physician practice management transactions on track.

Click here to download the guide.

Privacy Perils: Phishing in the Ocean of Apps

Firm Publication

Publications

October 20, 2017

News about phishing attacks implemented through email and websites is very common (see Déjà vu All Over Again; American Express – New Bait for an Old Phishing Lure; Beware of Text Scam, iPhone Users; Beware New Hacker Scheme Requesting Employee W-2 Information; and Dangers of Spear Phishing), but such attacks are not limited to those platforms. Any time you are asked to provide information over the internet, consider whether the request is legitimate. This includes being skeptical of requests for passwords within apps. 

Last week, a developer wrote about a phishing attack that uses a popup within an app that indistinguishably mimics Apple's frequent request for iCloud passwords. There have been no reports of this type of attack in the wild, but the developer notes it is relatively simple to implement.

The developer has provided some tips to protect against this type of attack:

  1. Hit the home button, and see if the app quits; if the app closes, it was a phishing attack. (Note: The tip is actually more complicated than that, discussing the "system dialog." Read the developer's post for the full explanation.)
  2. "Don't enter your credentials into a popup; instead, dismiss it, and open the Settings app manually."
  3. If you are not sure that the popup is valid, enter nothing because even "if you hit the Cancel button on a dialog, the app still gets access to the content of the password field," and "after entering the first characters, the app probably already has your password."

Although this discussion is iOS specific, the takeaway is not limited to Apple devices. Bad guys are creative, so be wary of any request to hand over your personal information. This should also serve as yet another (see Strong Passwords IV: The Phrase Awakens, Protecting Your Credit Card Online 3.0, and Additional Password Tips) reminder that using the same password across multiple accounts increases your vulnerability. A hacker can use the stolen password across multiple accounts to find ways to gain access to the desired information.

Privacy Perils imageCheck out our series, Privacy Perils, to learn what steps you can take to guard your personal and company data. For more information about this topic and other cyber security concerns, please contact Bob Brewer, Tony McFarland, Elizabeth Warren or a member of our Privacy & Data Security team.


Related Services

Notice

Visiting, or interacting with, this website does not constitute an attorney-client relationship. Although we are always interested in hearing from visitors to our website, we cannot accept representation on a new matter from either existing clients or new clients until we know that we do not have a conflict of interest that would prevent us from doing so. Therefore, please do not send us any information about any new matter that may involve a potential legal representation until we have confirmed that a conflict of interest does not exist and we have expressly agreed in writing to the representation. Until there is such an agreement, we will not be deemed to have given you any advice, any information you send may not be deemed privileged and confidential, and we may be able to represent adverse parties.