Email compromises are becoming more and more dangerous every year, and it’s important to know how they work.
Email Compromises involve the hacking of a company or personal email address with the intent to impersonate an individual or company. A hacker impersonating a trusted source could steal financial information, sensitive customer data, or trade secrets.
The easiest way a hacker will steal an email address to impersonate someone is through a spear phishing attack. It could be a fake web page, a fake email, or even a fake phone call, but somehow the hacker will get a hold of their targets email account username and password.
If a hacker can’t get to you directly, the easiest way to steal from you or your company is by impersonating someone in a high level position at your company or a trusted vendor/supplier.
If it’s an important person at your own company, usually the email will demand you send over wire transfer information right away. The hacker is hoping that you will fall for this scam because it is an urgent request from someone with authority over you.
If it’s a vendor/supplier, a hacker will usually request a copy of an invoice or similar document with financial information on it. They may say they need to send over a payment and ask for the company’s banking information.
They best way to protect your business from these type of attacks is to implement a recurring cyber security training plan. Knowing the signs of a threat and following up with the correct response is critical for the life of your business.