A dealership employee, a password, and a phish all step into an email inbox. Sounds like the start of a bad joke, doesn’t it? It’s just the beginning of a story heard all too often.
Countless reports of email compromise are shared with us regularly. Recently, we received a note that a dealership employee (we’ll call him Jim) was using his work email address with his personal bank account, and he was also using it to correspond with a lender for his new home. One ordinary day in the office, Jim sat down to check his email and came across a message that looked friendly enough. It wasn’t uncommon for one of the dealership’s vendors to email him with questions. Jim had spoken with this vendor a hundred times. Being a diligent employee, he responded in a timely manner and went about the rest of his day.
Here’s what he didn’t see.
That vendor’s email address had an extra letter in the name. And in over seven years of doing business together, the vendor had never needed account credentials to be hastily updated over email. But as soon as that information was sent off, so was the access key needed to compromise everything.
The attacker was able to use Jim’s email address to access his personal bank accounts. Undetected, the attacker began transferring funds from Jim’s money market account to his savings account, and from the savings account straight to the attacker’s pocket. The total loss from this incident was upwards of $500,000.
Breaches like this are becoming more and more common and can be detrimental. The good news is that they can be prevented. Remember to keep improving your dealership’s email security measures, and ensure those policies and procedures are clearly communicated to the rest of your organization.