Too many business owners think that cybercrime won’t happen to them. They are too small, they are not a “name brand,” why would anyone bother? Why? Because when a company is small and unknown, it is generally easier to hit.
The following is a true story of a client of Cantrell’s Information Technologies.
A small Bay Area engineering company frequently uses contract engineers on projects. They have a great relationship with the contracting agency – everyone on a friendly first-name basis.
A Reasonable Request
Early in the pandemic shutdown (May 2020), the engineering company’s Office Manager received an email (copied to the company President) from the contracting company. The email said that because everyone was working from home, processing checks was inconvenient, and asked whether they could please set up electronic payment.
The Office Manager replied saying that they would need to talk to their representative in accounting – including the accounting representative on the reply. Electronic payment was set up.
Two months later the contracting company called asking why the engineering company was two months behind on their payments.
What Really Happened
Luckily a friend of the engineering company knows Cantrell’s IT and brought us in. Here’s what we discovered:
- Someone gained access to the Office Manager’s computer. We did not discover how the bad guys got in; that is frequently something only a forensic specialist can determine. However, based on recent cybercrime trends and techniques, the attack most likely included a malicious email as part of the scam. The cybercriminals probably had access to this computer for an extended period, which let them gather as much information as possible to create a convincing con.
- Once inside, the hacker(s) blocked the domain of the contracting company and spoofed the contracting company by setting up a new domain with a one-letter difference.
We initially scanned the computers for viruses and other malware, installed advanced email security, and established a full monitoring program on a limited number of computers. We also blacklisted numerous email domains designed to mimic trusted domains. We advised the engineering company to inform their bank and the FBI’s Internet Crime Complaint Center (IC3). Luckily, the bank was able to reverse one of the payments made to the hacker. Unfortunately, the hacker successfully stole one of the payments – putting significant financial constraints on the engineering company.
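As an added illustration (not Cantrell’s IT tooling and not taken from this case), the Python sketch below shows one way a mail filter could catch the "one-letter difference" trick described above: it compares each sender's domain with a list of trusted vendor domains and flags any that are exactly one edit away. The domain names, addresses and function names are constructed for the example, and the one-edit threshold is an assumption.

```python
# Added example: flag sender domains one edit away from a trusted vendor domain.
# All domains and addresses below are constructed for illustration.

def edit_distance(a: str, b: str) -> int:
    """Edits (insert, delete, substitute, adjacent swap) needed to turn a into b."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            # Adjacent transposition, e.g. "ni" typed for "in".
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def sender_domain(address: str) -> str:
    """Extract the lower-cased domain from 'user@domain' or 'Name <user@domain>'."""
    return address.rsplit("@", 1)[-1].strip().strip(">").rstrip(".").lower()

def classify(address: str, trusted: set, max_distance: int = 1):
    """Return ('trusted', domain), ('lookalike', imitated_domain) or ('unknown', None)."""
    domain = sender_domain(address)
    if domain in trusted:
        return ("trusted", domain)
    for candidate in sorted(trusted):
        if 0 < edit_distance(domain, candidate) <= max_distance:
            return ("lookalike", candidate)
    return ("unknown", None)

# Constructed sample data: one real vendor domain and four incoming senders.
TRUSTED_DOMAINS = {"acme-staffing.example"}
SAMPLE_SENDERS = [
    "Accounts <billing@acme-staffing.example>",  # genuine vendor
    "Accounts <billing@acme-stafing.example>",   # one letter dropped
    "Accounts <billing@acme-staffnig.example>",  # two letters swapped
    "newsletter@unrelated.example",              # unrelated sender
]

if __name__ == "__main__":
    for sender in SAMPLE_SENDERS:
        verdict, match = classify(sender, TRUSTED_DOMAINS)
        print(f"{verdict:9} {sender}" + (f"  (imitates {match})" if verdict == "lookalike" else ""))
```

A "lookalike" verdict is a reason to quarantine the message and confirm any payment change by phone, using a number already on file rather than one from the email.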
Over a year later (September 2021), one of the engineering company’s clients received an email from an address hijacked from the engineering company. That email asked for payment via electronic banking. Only because the client called the engineering company for confirmation did the engineering company learn that it was not as free from the problem as it had thought.
For another few months, the Office Manager received emails from other “vendors” asking for electronic payment – all of them with the same banking information.
When it seemed clear that more money was not in the offing, the hacker used one of the company’s email address books and sent spam to everyone. Additionally, they sent personally threatening emails to the Office Manager demanding a ransom. Luckily, the email security installed by Cantrell’s IT caught those and no one saw them until after the “payment deadline.” Eventually, the hacker’s hijinks petered out.
Moral of the Story
Cybercrime happens to real businesses in our local area. Just because it doesn’t make the news doesn’t mean it’s not true. It can happen to you.
It is much easier to prevent a hack than to fully clean up and recover from one. Complete recovery from cybercrime can take months, if not years. Email security, regularly changing secure passwords, dual authentication, and system monitoring are powerful tools to protect your business. Just as important is heightened awareness and education. Do you and your employees know what to watch out for? Do you have a data security plan in place? Is everyone trained on how to respond in case a breach occurs?
All of us at Cantrell’s IT are here to answer your questions and help you secure your business. Are you, or do you know a small business owner or executive who is, unsure about their cybersecurity posture? We at Cantrell’s IT have powerful tools that help us complete a cybersecurity assessment for small businesses and give peace of mind!