In today’s digital age, email is a crucial tool for businesses, but its ease of use also makes it a prime target for cybercriminals. When your business email gets compromised, it’s essential to respond swiftly and effectively to minimize potential risks. It’s worth noting that a business email compromise can provide attackers with an opportunity to infiltrate an organization.
A Real-life Example: The Treasure Island BEC Attack
A real-life example of this threat occurred in June 2021 when San Francisco-based homelessness charity Treasure Island fell victim to a severe month-long BEC attack, resulting in a staggering loss of $625,000. The attackers gained access to the organization’s bookkeeper’s email system, where they discovered and manipulated a legitimate invoice from one of Treasure Island’s partner organizations. Consequently, funds intended for the partner organization were transferred directly into the cybercriminals’ bank account. Unfortunately, the nonprofit lacked cybercrime insurance, and even worse, the U.S. Attorney’s Office in San Francisco declined to investigate the incident.
This is not an isolated case. BEC attacks have seen an 81% increase in 2022 and a staggering 175% rise over the past two years. Most concerning is that 98% of employees fail to report these threats, according to Abnormal Security. These attacks prey on human vulnerability, with attackers constantly innovating new social engineering tactics to trick employees into opening malicious emails and divulging sensitive information.
Despite law enforcement efforts to disrupt BEC cybercrime, attackers made a staggering $2.4 billion globally in 2021 from reported attacks, which dwarfs the earnings from ransomware attacks and forms a significant portion of the total gains from cybercrime. This emphasizes the urgency of robust email security measures to protect organizations from such threats.
Avoid being a victim of a BEC attack. Talk to our incident response team to identify and mitigate vulnerabilities in your system.
Immediate Action Steps
1. Change Your Password: The first line of defense is to change your email password immediately. Your new password should be strong and not easily guessable. This single step can prevent unauthorized access.
2. Inspect for Unauthorized Activity: Thoroughly review your email account for any signs of suspicious or unauthorized activity. First, look for sent or received emails that you didn’t authorize. Second, look for any automatic forwarding rules. These steps are essential to assess the extent of the compromise.
3. Implement Multi-Factor Authentication (MFA): Enable MFA for your email account. Multi-Factor Authentication adds an extra layer of protection, making it considerably more difficult for unauthorized individuals to gain access, even if they have your password.
4. Contact a cyber incident response team: Reach out to a qualified cyber incident response team that can investigate the issue and protect your business email from attackers.
If you’ve not been attacked (thankfully!), read on to understand all about how business emails can get hacked and what you can do to prevent it.
Basics of Business Email Hacking
Understanding Business Email Compromise (BEC)
Business Email Compromise (BEC) is a prevalent tactic used by cybercriminals. In a BEC attack, the attacker often impersonates a trusted colleague or client, attempting to trick you into performing actions like wire transfers or sharing sensitive information. Recognizing the signs of a BEC attack is critical in preventing financial and data loss.
Protecting Your Email Address
Your email address is valuable. To prevent it from falling into the wrong hands, be cautious about sharing it online, particularly on public forums or social media platforms. Cybercriminals often scrape the web for email addresses for malicious purposes.
Beware of Phishing Attacks
Phishing attacks are among the most common email-related threats. Cybercriminals send fraudulent emails that appear legitimate, asking you to click on links or provide personal information. Always double-check the sender’s address and the content of the email before taking any action. Suspicion is your ally in identifying phishing attempts.
Educate Your Team
If you are responsible for a business, it’s essential to educate your team about email security. Encourage them to follow best practices such as not clicking on suspicious links, being cautious with email attachments, and reporting any suspicious activity promptly.
Contact a Cyber Incident Response Team
Threat Alliance is a team of experienced cybersecurity experts who can provide immediate help to mitigate the impact of a business email compromise.
What to Do When You Suspect a Compromised Email?
If you suspect that your email account has been compromised, follow these comprehensive steps:
1. Contact your email provider or IT department for immediate assistance and guidance on addressing the compromise.
2. Inform your contacts about the situation. It’s vital to prevent further damage by letting others know about the compromise and advising them to be cautious about any correspondence from your account.
3. Monitor your other online accounts for unusual activity and consider enabling multi-factor authentication wherever possible to enhance security.
Remember that maintaining internet security is an ongoing process. Stay informed about the latest security measures and threats to keep your email accounts and sensitive information safe.
Conclusion: Safeguarding Your Business Email
In conclusion, when faced with a hacked business email, swift action is imperative. Change your password, inspect for unauthorized activity, and enable multi-factor authentication. Protect your email address, remain vigilant against phishing attacks, and educate your team about email security. By following these steps, you can minimize the risks associated with compromised emails and safeguard your business operations.