Client Email Hacked and the Attacker Attempted to Lure Partners With Fake Invoices and Billings

Key Points From the Article

  • A business in the Metro DC area got their email hacked.
  • The business had no idea the email hacking had happened until their clients started messaging them that they were receiving funny invoices and billings.
  • Security researchers say that email hacking happens a lot more often than people would love to admit and when they realize it’s already too late.
  • There are several approaches to dealing with a hacked business email.

A business in the Metro DC area got their email hacked and didn’t realize it had happened until their clients started messaging them that they were receiving funny invoices and billing.

According to cybersecurity experts, business email hacking is more often than people would love to admit, and when they realize what has happened, it’s already too late.

A business email compromise is a growing cyber threat that faces businesses of all sizes. When a business’ account gets hacked, a company can take several approaches to mitigate the scenario. While there isn’t one right approach to mitigate a hacked business email, a company can take the following path:

YouTube video

1. Talk To Your Company’s IT Manager

Talk to the person or the company that manages your internal and external IT to ensure your email settings are done properly. There are security settings that your team should ensure are in place.

More importantly, your IT team will execute functions that will prevent escalation of the attack. For instance, your IT department will:

Check Your Computer Security

Most hackers collect passwords with malware installed on your computer. Your IT team can run antivirus software to help you establish the vulnerability that the attacker used to get into your system.

If the problem stems from outdated software, your IT team should check for available updates and execute a system update to patch any vulnerability.

Change Your Passwords

After sealing all the vulnerabilities that a hacker might have used to get into your system, you should update your email passwords to deny the attacker access to your email.

Your IT team can recommend stronger passwords — that are easy for you to remember but difficult to guess.

Inform Your Contact that You Were Hacked

Informing your contact that you were hacked clarifies to the clients or staff who the hacker might have emailed and tried to exploit. Hacking your business email may just be one route the hacker had taken to bait your contacts.

2. Create Email Hacking Awareness and Train Your Staff How to Catch Them

For the most part, email hackers target unsuspecting employees with tricks such as:

  • Phishing emails
  • Social engineering
  • Fraudulent activities

For the email hacking of the business in Metro DC, it’s very likely someone from the inside clicked on a phishing link that they should not have. The hacker then tried to impersonate the business and trick the business’ clients into initiating money transfers into unauthorized accounts.

Training your workforce about email hacking is the best defense strategy — especially for less computer-savvy staff. You need to help them identify phishing attempts and prevent an attack from happening.

Since the prime target of business email hacking is always payroll and finance employees, you can ask them to look at red flags such as:

  • Attackers who pretend to be customer service representatives and try to trick them into giving out personal information
  • Emails pretending to be business representatives asking for urgent actions
  • Clone emails — where hackers make a replica of a legitimate email that a trusted organization send
  • Malware phishing where attackers include malicious links or attachments that inject malware into your business system
  • Domain spoofing where an attacker mimic a company’s domain, address, and design to steal important login information
  • Vishing where the attack calls an employee pretending to be technical support, other organization, or a government agency to try and extract sensitive information

Preventing email hacking is better than mitigating an attack. However, the training shouldn’t be one-and-done because phishing attempts evolve. Hackers get smarter over time and, as a result, you need a continuous training program to protect your business from phishing attempts proactively.

3. Have a Response Plan

Often, when a business email gets hacked, many companies are caught unaware and don’t know what they should do next. You can have a plan and think through the scenario — even if it’s just a one-page plan or 15-minute discussion with your IT team.

A response plan greenlights the path your company should follow in case an attacker hacks your business email.

For instance, your immediate response can be as follows:

  1. Contact your financial institutions to check for fraudulent activities and request for their intervention if there are any.
  2. Notify your lawyers of the facts, especially when the hacking resulted in significant loss, when you need to communicate about the incident with shareholders and other stakeholders, and when regulation may require reporting. Your lawyers will give guidance regarding the next step.
  3. Inform law enforcement, and identify your incident as a business email compromise.
  4. File an online complaint at FBI’s IC3 (Internet Crime Complaint Center).
  5. Call an emergency meeting to tell senior management about the incident.
  6. Execute IT forensic for a full investigation of email compromise.
  7. Inform your cybersecurity insurance company about the incident.

A response plan also eases a lot of nerves and makes your team ready to react to the situation.

4. Invest in Cybersecurity Insurance

Cybersecurity insurance is critical in reducing the financial risks that come with your business operating online — including business email compromise. In the event of an email hack, your business may suffer financial losses in the form of:

  • Loss of customer(s)
  • Loss of revenue

Cyber liability coverage will offer timely remediation. If you don’t have cyber insurance, you should start discussing how to get cyber insurance with your insurance agent. Discuss what kind of scenarios that your cyber insurance company will cover.

Orion Networks Helps Businesses in Metro DC Mitigate Hacked Email Incidences

For over a decade, we’ve been helping organizations in Metro DC with their IT and mitigating cybersecurity issues. With the increased attack vector, stringent regulatory requirements, and exponential data growth, we understand that cybersecurity is dynamic.

Our cybersecurity experts will help you mitigate hacked email incidents and optimize your overall IT risk management. Contact us today to help you if your business email is compromised.