No matter how successful your business is, surely this scenario would still be a total disaster? Maybe you’re confident this wouldn’t happen to your business.
I truly hope it doesn’t, but it is something I’ve seen happen plenty of times to businesses around here.
This isn’t something done by a rogue employee wanting to steal cash, nor does it require anyone to get hold of your bank logon details.
No, this attack is set up very easily by a hacker. All they need is to gain access to one person’s email account.
In fact, email is still the biggest security threat to your business. It’s where most breaches start and where you need to be the most aware
Your email is still the main form of communication in and out of your business. Far too often, we are contacted by businesses whose staff think they have “clicked on a dodgy link”. Even the best defences are repeatedly tested by a huge number of attacks unleashed on your IT system.
The days of hackers breaking into email just for fun, or to cause havoc, are long gone. These days, they have more specific intentions. They want to learn your habits, who you talk to and how you talk to them.
Typically, they set up a hidden email forwarder. That means they can monitor all emails sent to you.
And from there they can spot patterns. Such as a large invoice sent by a key supplier, on the same date each month.
Then all they need to do is implement some clever social engineering… such as sending a fake follow-up email with “new bank details” immediately after the real invoice has been received…
This exact scheme is commonplace right now, and is the subject of my new book on email security. And I want to give you a free copy.