Law firms often have accounting departments with access to wire transfer capabilities through online banking. There is a risk with these systems of infection with malware (i.e. keyloggers) and then unauthorized wire transfers of hundreds of thousands of dollars. A Toronto firm in 2012 had a "six figure loss" from this type of attack. These attacks are likely just the tip of the iceberg because law firms don't like to admit to having had trust funds stolen.

A good solution to the problem of attacks on accounting computers is to air gap them. The strategy is to provide a dedicated computer with a separate internet connection for wire transfers. Having a separate computer (and internet) means that any infections on the network or in an email attachments can't affect the banking computer. This method would have prevented the two attacks linked to above (and virtually any other kind of attack).

It's important if using this approach to have a policy that anyone using the computer is not allowed to access email or websites other than for banking. The policy can be enforced by technical restrictions put in place by IT.

A laptop can be purchased for under $500 and the cheapest internet plans are about $30/mo. That's a pretty affordable way of preventing the loss of reputation and hundreds of thousands of dollars in trust money.

This approach can also be used for opening suspicious mail attachments. Using a separate isolated system (perhaps a VM) can prevent the risk of infections spreading to other computers.