Business Email Hacking Is a Problem: Here’s Why
Hackers are targeting CEOs through email, and the CEOs have no idea. Business email hacking is a big concern. Make sure you protect yourself and your business.
With all the information that is sent back and forth daily from one CEOs email, it is no wonder why these are some of the prime targets for hackers. From 2016 to 2018 Business Email Compromise (BEC) managed to steal over $5 billion in corporate funds. A few examples of BEC attacks include:
- The Dublin Zoo lost €130,000 in 2017
- Save the Children USA lost over $1 million in 2017
- Ubiquiti Networks lost more than $46 million in 2015
Protecting business email is obviously far more serious than a lot of CEOs realize because it is an extremely common route of attack. New Jersey IT services company, Two River Technology Group shares insights into the world of business email compromise and what you can do to protect your CEO’s email.
A Look at Business Email Compromise – BEC
Business Email Compromise is a pretty big deal in the world of business in modern times. A hacker that manages to gain control of or access to an email account can really manage to work a lot of things in their favor as part of a bigger plan of attack. Most often, hackers will target people with specific roles in the company, such as a manager, CFO, or CEO, because these are the email accounts that could yield the most power to a hacker.
What Hackers Are Doing with CEO Email Control
Once a hacker has access to a CEO’s email, they can use it for all kinds of reasons. The biggest concern is that private business information could be intercepted and stolen. Jeff Rapp with ARCIS Technology Group in Akron, OH shares “For example, if an HR manager sends a batch of payroll records to the CEO for the week’s pay approval, all of the data contained within those files could be exposed.” Some other things hackers are using email access to do include:
- To pose as the CEO to request funds to certain accounts or to request gift cards to phony organizations
- To gain access to other accounts by requesting password resets and then deleting them
- To lock a CEO out of their email account by changing the security parameters
Since everything is done under the radar, all of this could be taking place with the owner of the account being oblivious for quite some time.
How CEO Email Hacking Goes Unnoticed
It’s easy to speculate that a hacked CEO email would be a noticeable problem, but the criminals behind these attacks are pretty cunning in their endeavors. They take great measures to prevent an email account owner from recognizing their activities. The KnowBe4 Blog recently mentioned that hackers use integrated message rules to filter out incoming messages that may be warning the account owner that their email has been compromised. For example, the hacker can set the email to send any message containing words like “virus” or “attack” directly to the trash.
A business email compromise is a serious concern that should be examined in every organization, but it is one that is often neglected. By working with a managed IT services provider, you can obtain safeguards to protect your business email accounts from hackers poised to do your business harm.