The #1 target for hackers, all of a sudden, is to login to any employee’s email. There are so many ways for them to steal money doing this, it’s an irresistible target. Moreover, it is soooo easy for them to break in, in this way.
Before I share our hot tip on how to catch them red-handed, let me share just a few of the actual successful, recent ways we have seen the bad guys steal money. This really is happening a lot!
Once they get into anyone’s email account:
- They send an email to accounting or a manager, asking that their direct deposit be changed to “their new bank” and give the ACH account. Keep in mind… the email came from the employee! Therefore, almost no one questions it!
- They find an invoice waiting to be paid and change the address or payment link.
- They get into a boss’ email account and ask someone to go buy something for them quickly, as they are busy.
- Worst! They send an email to all existing clients/customers giving away something or promising something for an insanely low cost if they pay now. Instantly, tons of customers do it and are ripped off… by YOUR employee’s email account. It is horrible!
Again, if they get into your email account, the email really does come from you. Anyone looking at the email will not find anything wrong.
One of the first things they frequently do once they get into your email account, is setup rules to hide the fact they are in there. They setup a rule to forward all your emails to their email address so even if you lock them out, they can still get your email secretly. They also make rules to delete replies questioning the emails they send to scam your friends and customers. It’s kinda genius.
So that is where our trick comes in. We can setup alerts and warnings for these rules. We can then apply these alerts to all of the company’s employees currently and even auto apply them to new hires. So that if a hacker makes such a rule to hide their presence, we get alerted immediately!
Using this simple trick, we can often catch them quickly and red-handed. This lets us lock them out, and look to see if they had time to do anything dangerous before anyone is ripped off.
And it only takes us about 1 hour of labor to do this for the entire organization. It’s a killer trap for the bad guys and protects you against one of the hottest ways firms are getting ripped off.
If you would like to know more about this or have us do it for your firm, let us know.
