It was a beautiful summer day with a clear blue sky, and I could already feel the sun's warmth on my skin as I walked from my car to the prospect's office. It was the kind of day where it felt great to be alive. But things were about to take a turn for the worse.
I was on-site to carry out a technology assessment for the company, which is a normal part of our sales process. We do a deep dive into a prospect's computer systems before we take on a new client. I had no idea about what I was going to uncover.
After running through various checks on their server, network and computers, noting down information that would help our team look after the client, I looked at their Microsoft 365 system. That's when I discovered the crime in progress.
A Cyber Crime in Progress
The company was a fast-growing firm operating in the financial services sector. They provided outsourced business process services to much bigger companies. As part of this process, they regularly made payments of up to £20,000 to the customers of their large clients. They transferred hundreds of thousands of pounds each week and used email to set up these transactions.
To my horror, I found cyber-criminals had compromised the company's email system. These criminals intercepted email communications and modified some account details to divert tens of thousands of pounds to their own bank accounts.
Breaking the Bad News
Telling the directors of the company about the problem was really difficult. Nobody likes to be the bearer of bad news. And this was terrible news.
The directors couldn't believe this had happened to them. Like most businesses, they thought the stories they saw in the news only happened to others. They were only a 20-person firm, and assumed they'd be too small to be targeted. Sadly, this is all too common.
Fortunately, after further investigation, we found that this compromise had only been going on for a week or so, limiting the damage to less than £100K. This is a huge sum to lose, but it could have been so much worse.
The Threat of Business Email Compromise
With most small and medium businesses using cloud-based email systems like Microsoft 365, business email compromise is a significant threat and is commonplace.
This type of attack can start in many ways, so it needs several security controls to protect against it:
- Multi-factor authentication is a crucial part of the process, but criminals have ways to get around it.
- Microsoft 365 needs to be configured much more securely than the default settings.
- Policies need to be implemented to control the circumstances in which email and other Microsoft 365 applications can be accessed.
- Shared logins need to be eliminated and replaced with more secure shared mailboxes.
- We need to monitor mailboxes for unusual activity, such as logins from different countries, and to respond quickly to suspicious actions.
With so many users and mailboxes, manually doing these things is complicated and time-consuming. Most likely, these activities are not being done, putting your business at risk.
A Simple, Effective Solution
Our Microsoft 365 Security Management and Monitoring service solves these challenges to protect your business from cyber-criminals, save you time and money, and give you the peace of mind that comes from knowing your Microsoft 365 tenant is configured securely and monitored for exceptions.
It's like a guardian angel for your Microsoft 365 tenant, always present, watching over you and keeping you safe.
At Superfast IT, we believe so strongly that this service is essential in protecting companies using Microsoft 365, we've made it part of our core security package for all clients.
