There has been a surge of Business Email Compromise (BEC) and Account Takeover (ATO) incidents recently, and it doesn’t matter what industry you are in or how big your organization is: you are a target. In fact, if you are a small business, you may be even more at risk, and the results may be even more impactful.
BEC is when a legitimate business email account is compromised, whether through social engineering, through email addresses exposed by online service providers, websites and business networking sites, or sometimes simply by reading the email addresses of C-level employees off a corporate website. The attacker then impersonates (spoofs) an employee’s email address and/or display name to request unauthorized transfers of funds, internally or from customers and partners, or to ask for SSNs, credit card information, etc…
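One defensive check that follows from the description above is inspecting the From: header of inbound mail for the two spoofing patterns named here: an executive’s display name paired with an outside address, and a look-alike copy of the corporate domain. The code below is an added example, not code from the original post or from The Information Strategists; the corporate domain, the executive list and the sample headers are all constructed values.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr

# Constructed values for the example: the organization's own domain and the
# executives whose names are most likely to be impersonated in a BEC lure.
CORPORATE_DOMAIN = "example.com"
EXECUTIVES = {"Darren Brinksneader": "darren@example.com"}


def normalize(name: str) -> str:
    """Lower-case a display name and collapse punctuation/whitespace."""
    return " ".join(name.lower().replace(".", " ").split())


def check_from_header(from_header: str) -> list[str]:
    """Return findings for one From: header; an empty list means nothing suspicious."""
    findings = []
    display, addr = parseaddr(from_header)
    addr = addr.lower()
    domain = addr.rsplit("@", 1)[-1] if "@" in addr else ""

    # Display-name impersonation: the executive's name on an address that is
    # not the executive's real mailbox (e.g. a free webmail account).
    for exec_name, exec_addr in EXECUTIVES.items():
        if normalize(display) == normalize(exec_name) and addr != exec_addr:
            findings.append(f"display name '{display}' impersonates {exec_addr}, sent from {addr}")

    # Look-alike domain: close to the corporate domain but not equal, such as
    # a digit swapped in for a letter. Similarity ratio is a simple heuristic.
    if domain and domain != CORPORATE_DOMAIN:
        similarity = SequenceMatcher(None, domain, CORPORATE_DOMAIN).ratio()
        if similarity >= 0.85:
            findings.append(f"look-alike domain {domain} (similarity {similarity:.2f})")

    return findings


if __name__ == "__main__":
    # Constructed sample headers: one legitimate, one webmail impersonation,
    # one look-alike domain.
    for header in (
        "Darren Brinksneader <darren@example.com>",
        "Darren Brinksneader <ceo.darren@gmail.com>",
        "Darren Brinksneader <darren@examp1e.com>",
    ):
        print(header, "->", check_from_header(header) or "clean")
```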
ATO, though related to and sometimes used in conjunction with BEC, can be even more devastating. Instead of having just an email address, the culprit now has login credentials: a username and password. This compromise happens far too often when employees reuse their business username and password to log into non-business resources such as social networks, online magazine subscription services, etc…, but it could also happen if credentials were compromised on-prem and the results fed into a database on the Dark Web. With ATO, the culprit has full access to the compromised account, whether that is on Google G Suite, Microsoft Office 365, DropBox, or on-premises through a compromised device or VPN access, etc…
Once full access is gained, even more damage can occur. If it’s an online service, the culprit could start deleting files from Google Drive, Microsoft OneDrive, DropBox, etc…, or email, calendars, contacts, etc… from Exchange Online, Gmail, or on-prem email services. Depending on the rights and privileges of the individual compromised, this could even lead to deleting files off network shares or, as we’ve seen increasingly over the past few years, using ransomware to encrypt the data and hold it hostage until payment is received. ATO losses for organizations run into the billions.
Every day you hear of more organizations, private and public, from large enterprises to small businesses to state and local government agencies, getting phished, having sensitive data compromised or being the victims of malware/ransomware attacks.
There are some fairly simple and cost-effective ways to dramatically reduce an organization’s exposure to these types of attacks and, in the event of an attack or compromise, to speed up recovery and restore access to the affected data/information.
You can refer to these previous blogs to get a good primer and more information:
At The Information Strategists we offer a comprehensive suite of enterprise-ready solutions to help organizations protect their information assets at an entry-level cost that even small businesses can afford. To get more information, just contact us here.
Darren Brinksneader is President and Chief Strategist of The Information Strategists. Darren has been a consultant, trainer and public speaker in the IT industry for nearly 30 years, providing expertise and solutions for both private and public sector organizations.