How fast could your company lose $46M? BEC Scams do it in minutes. Find out how criminals hack CEO emails to earn themselves a huge payday at your expense.
Sometimes criminals hide in the shadows and sometimes they hide behind technology, waiting, ready to strike at the most vulnerable. You know this, so you’ve invested in employee education. Employees are aware of common cybersecurity threats and email scams. But the BEC scam turns everything on its head.
It does so by hijacking the CEO’s most important business communication tool, email.
A cybersecurity-aware employee would always check to see where an email is coming from if that email asks them to do something like send millions to a strange account. But what if that email looks like it comes from you?
A Business Email Compromise (BEC) scam is conducted via your CEO’s own business email account. The hackers monitor your email for days or months undetected before sending an email from you to one or more of your employees, asking them to do something like:
If an employee got an email from you, would they question it? In a modern workplace, you’ve built a team around you who would ask “why”. But what if the person receiving the email is not in your trusted circle?
Scammers often target those who report to them, and don’t know you as well, instead.
Hackers take it a step further. They use automation tools found on your email account to instantly identify and delete any emails questioning your instructions or warning you that you’ve been hacked.
This attack isn’t uncommon and the results are costly. Here are just a few medium-sized businesses that paid the price.
First of all, know that the CEO may not be the only target. It could be the CFO, CMO or even middle management.
They often attack companies using Office 365, which is relatively easy to breach if extra precautions aren’t taken. They gain access to your email via simple tricks like getting you to share your password on a spoofed 365 website.
Deploy education and technology to both prevent someone hacking a CEO email and to quickly identify when you or someone in the company has been compromised. This might include:
Above all, stay informed. Follow our blog to learn more about keeping your company safe from very real and sneaky cybersecurity threats like these.
Thanks for helping us upgrade our Macs and get them working exactly as our business needs! Fast, convenient and very knowledgeable! You’re the best!
Alary Technologies has been our IT support team for the past year at the START Clinic for Mood and Anxiety Disorders. They have done a excellent job in upgrading our system, organization, and supporting us in technical computer matters. Compared to other IT companies we have worked with, Alary Technologies comes on top. Ahmed Kufaishi the Managing Director at Alary Technologies is solution focused, knowledgeable and makes an effort to really understand his clients’ needs. It has been a pleasure to work with Ahmed and Alary Technologies. I would recommend their services to other companies and clinics.
“We continue to work with Alary Technologies due to the fact that they are quite educated and knowledge based with current upgrades, and their commitment to their customers.”
Ahmed has been providing our company with expert IT services for close to 3 years. He has guided us through hardware upgrades, server back up procedures and was instrumental in brokering a custom software program that fully automated some key functions in our business. Ahmed has always been thoroughly professional in all his dealings with us and has provided consistent and sound advise for all of our IT requirements. We consider Ahmed and Alary Technologies to be an important partner for our business.
It is refreshing to work with someone who can organize things and describe in plain language. I have a large and growing knowledge base for my work as an architect. I have realized that I can’t do everything, that I do need a team member who can look after this one relatively small by crucial part of my practice.