On Thursday, March 6, at approximately 12:30 PM EST our office email system was compromised by a phishing email attack. As a result, the mailbox identified as ken@kenhirshlaw.com email sent out messages to contacts that instructed recipients to click on a link to view a secure document. Clicking on the link would download malware to the viewer’s email client and infect that computer. In turn, the victim email client would send the phishing message to that user’s contacts.

Any phishing email may pose a risk to the security of your email security.  Accordingly, if you received the above-referenced phishing email, please DO NOT open the attachment or provide your credentials. Instead, please delete that email and clear it from your deleted items folder. 

If you already clicked on the link and/or provided your credentials and/or MFA code, please advise your IT department. As general best practice, you should discuss the following with your IT department:

1. Changing your email password.
2. Revoking all email sessions if possible.
3. Add Multifactor Authentication (MFA) to your account, or resetting your existing MFA and removing unknown authentication devices from your account.

Please forward this message to anyone else in your organization who may have received the phishing email.  We apologize for any inconvenience this may have caused. Thank you for your patience during this time.