The Growing Threat of Business Email Compromise

Now, more than ever, cyberthreats are evolving rapidly, and criminals have become increasingly crafty, thanks to new tools like artificial intelligence. Among the more devious forms of cyberattacks lies Business Email Compromise (BEC), a cyberattack method that’s increased by over 70% between September 2023 and February 2024. It’s also responsible for over $43 billion in losses.

We’ve talked about BEC before but as a refresher, Business Email Compromise is a form of attack that takes advantage of the Adversary in the Middle technique and cloud-based software capabilities to target businesses and their employees. The technique is a common one, where the adversary gains access to a user’s email and intercepts information from it. That access doesn’t hurt just the user, though. For dealerships, this can mean financial fraud, operational disruption, and a damaged reputation.

What’s the catalyst for Business Email Compromise?

The road to a successful BEC attack is often paved through a phishing scam. In fact, phishing scams are often the start of over 90% of all successful cyberattacks.

Adversaries can gather email addresses in all sorts of ways. Sometimes it’s from a list of contacts associated with previous breaches. Other times it’s from a purchase off the dark web. It could even be from an active phishing campaign against an unsuspecting victim you’ve had email interactions with. Once the list of targets has been amassed, the adversary plans out large quantities of phishing emails. They are now using AI to sound even more authentic and sophisticated. Like we said, they’re crafty. Now that they have their target and weapon of choice, the emails are sent out. The goal? Get you to click on one of the links and enter your credentials. Once clicked, there’s a good chance the adversary gains full access to the email account.

The impact of BEC on your dealership

Not all BEC attacks play out the same way. The impact depends on who gets compromised within your dealership:

Accounting and Finance Teams

If someone in an accounting position is compromised, their trusted relationship with access to financial institutions and money will be used by the adversary to commit financial fraud. Money can be redirected from vendor payments, customer refunds, or payroll directly to the adversary’s pockets. These scams often go undetected until thousands – sometimes millions – are gone.

Dealer Principals and General Managers

Employees in trusted roles such as GMs or dealer principals are prime targets because employees trust their authority. Hackers can send urgent wire transfer requests, request sensitive data, or spread malware across the organization. Because these individuals are trusted there is a higher likelihood of their request being handled promptly increasing the potential for a wider-spread attack.

IT or Admin Positions

This is where the biggest damage happens. A compromised IT admin account gives hackers  control over your cloud infrastructure, email configurations, and security settings. They can lock down accounts, delete backups, or install ransomware, crippling your entire operation.

How can you prevent BEC?

BEC attacks thrive on deception, but proactive security measures can significantly reduce the risk. This is where we come in. Account Shield is a fully managed online account and email security service for Microsoft 365. It’s specifically designed to safeguard your dealership from the bad guys. With Account Shield, you license Microsoft 365, and we take care of everything else:

Smart Licensing and Security Optimization

We’ll evaluate the appropriate Microsoft 365 product and licensing with you to ensure you have the necessary security features to minimize expenses and meet your business’ needs. As the threats evolve, so does our service.

Advanced Threat Detection

Account Shield enables necessary security features to provide you the maximum protection, such as multifactor authentication, conditional access, activity logs, email filtering, and suspicious message banners.

Constant Monitoring and Quick Response

Login attempts, multifactor authentication abuse, mailbox, and Microsoft 365 app behaviors will be monitored to swiftly detect and respond to any irregular or suspicious events. If a successful malicious login does take place, prompt action is taken to remove access, restore accounts to a secure state, and investigate the incident in detail.

Business Email Compromise is more than a cybersecurity issue – it’s a business survival issue. With dealerships handling millions in transactions, one compromised email could mean the difference between a minor inconvenience and a financial disaster. However, through proactive measures – like Account Shield – that risk can be dramatically reduced. By securing your Microsoft 365 accounts and continuously monitoring their activity, we’ll protect your sensitive information and financial assets. Don’t wait until it’s too late. Stay one step ahead of the bad guys and the dangers that lurk in the shadows.