Posted by - December 23, 2020

We’ve written a lot of posts about how hackers are infiltrating corporate data and systems, but we haven’t spent much time discussing how they monetize that access.  A recent article discusses how a group of hackers used their access to their victim’s email services to the tune of $1.7 billion in losses.

Threat actors first gain access to an e-mail network through social engineering, the process of manipulating individuals within an organization to gain access to sensitive information or areas.  Once they have that access, the threat actor observes the organization’s pattern of communication so that they can mimic it.  At that point, the infiltrators will impersonate an employee to redirect payments to fraudulent bank accounts

The FBI sent an alert highlighting the dangers of this e-mail forwarding technique, stating that:

“The web-based client’s forwarding rules often do not sync with the desktop client, limiting the rules’ visibility to cybersecurity administrators. While IT personnel traditionally implement auto-alerts through security monitoring appliances to alert when rule updates appear on their networks, such alerts can miss updates on remote workstations using web-based email.”

We need to internalize how impactful these hacks are.  We also need to contrast those costs with the relative cheapness of how to prevent them. While only 7% of spear-phishing attacks use this technique, it is a remarkably effective one.  The almost 2 billion dollars in losses caused by this type of hack makes it the single costliest kind of attack in the past two years.

If you want to prevent these kinds of attacks at your own business, there are several important steps you can take.

  1.  Ensure that your mobile and desktop version of your email application can synchronize with each other, and have the latest updates.
  2.  Set up your email to flag communications where the sender’s address and addresses from replies do not match.
  3.  Enable multi-factor authentication.

If you need help protecting your company from threat actors, or if you’re just looking for new technology solutions,  consider reaching out to us at

Leave a Reply

Your email address will not be published. Required fields are marked *