Phishing Awareness & Cyber Compliance for Professional Services Support Staff

Introduction

Phishing attacks are one of the biggest cyber risks facing UK professional services firms today - and support staff are often the primary target.

In this practical and engaging webinar, expert speaker Dr Stephen Hill reveals how cyber criminals use phishing and social engineering to exploit everyday workflows within law firms, accountancy practices and consultancies. Using real-world UK examples, this webinar will demonstrate how seemingly harmless emails, calls or messages can lead to serious data breaches, financial loss and regulatory exposure.

You will gain the confidence to spot warning signs early, understand your role in meeting regulatory and client-driven cyber security expectations and apply simple, high-impact security best practices that protect both your firm and your career.

This webinar is essential viewing for support staff who wish to learn how to respond appropriately when something feels wrong and know exactly when and how to escalate suspicious activity - before it becomes an incident.

What You Will Learn

This webinar will cover the following:

• Setting the scene - why support staff are targeted
• Real-world examples from UK professional services (law, accountancy, consultancy)
• Attackers’ motivations - access to inboxes, client data, payment processes
• The ‘human firewall’ concept
• Phishing & social engineering essentials
• Email phishing, spear phishing and business email compromise
• SMS (‘smishing’), voice (‘vishing’) and MFA fatigue attacks
• Red flags - urgency, payment changes, unexpected attachments, spoofed domains
• Everyday security best practices
• Passwords & access
• Strong passphrases
• Multi-Factor Authentication (software and hardware options)
• Avoiding password reuse across personal and work accounts
• Devices & data handling
• Locking screens, secure printing and safe document sharing
• Recognising data sensitivity (client confidentiality, GDPR considerations)
• Secure use of Teams/SharePoint/OneDrive/Zoom/Office365
• Safe remote & hybrid working
• Wi-Fi risks
• Using VPNs
• Avoiding shoulder-surfing and device theft
• Compliance expectations in UK professional services
• Why regulators and clients expect strong cyber hygiene
• GDPR basics - personal data, lawful handling, breach reporting
• ISO 27001 / cyber essentials
• Firm policies - acceptable use, incident reporting, clean desk, classification
• What to do when something feels wrong
• ‘Stop, Don’t Click, Report’ model
• Why early reporting protects the firm and the individual - reporting is encouraged, not punished

This pre-recorded webinar will be available to view from Wednesday 24th June 2026

Alternatively, you can gain access to this webinar and 2,300+ others via the MBL Webinar Subscription. Please email webinarsubscription@mblseminars.com for more details.