Security alert: Attacks on business email accounts are surging

Email has become an essential tool for any successful business, but as the saying goes, “with great power comes great responsibility”.

As a business owner, it’s your responsibility to make sure your emails are secure. It’s one of the key ways to stop your business data falling into the wrong hands.

Business Email Compromise (or BEC) is a growing threat. And if you become a target, it could cost you – big time.

So, what exactly is a BEC attack?

In simple terms, it’s where scammers pose as people high up in the business, like CEOs, executives, and IT staff. The goal is to trick your employees into sharing sensitive information or sending money. Research shows that nearly 90% of BEC attacks are set up this way.

It’s easy to see how someone might quickly respond without a second thought, especially when they trust the sender.

BEC attacks have spiked dramatically this year, especially over the third quarter. Researchers have analysed 1.8 billion emails worldwide, discovering a shocking 208 million malicious emails among them. And of these malicious emails, more than half (58%) were BEC attempts.

The figures make it clear: BEC scams are now the biggest email threat to businesses.

Another thing worth noting? Most BEC scams target employees lower in the business, who might be less likely to question authority or be less aware of cyber threats.

Although BEC attacks are common, it’s also important to remember that scammers still use other methods too. This includes commercial spam and phishing attacks, which are designed to trick people into sharing personal information, like login details.

In fact, the combined effect of these types of scams now overshadows traditional ransomware and malware attacks.

Luckily, it isn’t complicated or expensive to protect your business.

Simply make sure that all members of your team are trained to think twice about every email they receive.

If an email asks for sensitive information or a financial transaction – especially if it feels urgent – your employees should know to stop and check with someone before they action anything.

If you need help making sure your business is secure, get in touch.

Recent posts

Don’t trust AI with this security essential

Don’t trust AI with this security essential

Let me start with a question: If you needed a strong password, would you ask AI to generate one for you? It sounds reasonable enough.  Tools like ChatGPT and Copilot can write reports, draft emails and even create bits of code. Asking them for a 16-character...

read more
Relying on Windows 10 extended support? Time to upgrade

Relying on Windows 10 extended support? Time to upgrade

Are you still running Windows 10 because “it’s fine for now”? I hear that a lot.  And to be fair, if you signed up for Extended Security Updates (ESU) programme, Windows 10 probably does still feel fine. It turns on. It works. It gets security updates. No drama....

read more
How to stop AI projects stalling

How to stop AI projects stalling

Have you noticed how many AI projects start with excitement… and then quietly go nowhere? I’m seeing it a lot.  A demo here, a pilot there, plenty of internal chatter, but very little that makes it into day-to-day use.  And it’s not because AI doesn’t work...

read more