When Gene Brown started BCMC Global a few years ago, he had a vision of being able to connect businesses internationally with event sponsors to identify the best opportunities available for their marketing efforts. With decades of worldwide sales and event planning experience, and former leadership roles at Gartner and WTG Events, Brown was able to capitalize on this unique idea of assessing global event opportunities, make the difficult decisions for his clients, and position them best to reach their desired audience.
To be most effective, Brown and his team turned to Microsoft 365 email as the primary means of communicating with clients and conducting business in this worldwide market. Managing millions of pounds worth of B2B media and event buys for his clients throughout Europe, it was also very important to him that his email communications were as secure as possible.
The magnitude of the risk to his clients and his own business became apparent when one of his clients received an email purporting to be from him, just as they were discussing payment for their next media spend. The intruder had compromised his client’s network, and was monitoring their discussions for months. Several key domain security features were not configured properly for BCMC Global that allowed this attack to occur, and the intruder capitalized on that.
“We’ve seen a dramatic increase in impersonation attacks over the last twelve months. They’re more sophisticated now than ever before, and virtually indistinguishable from an email originating from the actual sender,” Brown told us. “Relying on the default security provided by Microsoft 365 for these more sophisticated attacks proved to be inadequate, and was costing us the trust of our clients.”
CEO Fraud is a type of business email compromise (BEC) scam where the attacker positions themselves as a CEO or executive and attempts to trick people into acting on the criminal’s behalf. They’re especially difficult to stop because they don’t rely on an attachment or malicious link, but instead use social engineering, where the attacker attempts to ingratiate themselves with the recipient to do their bidding.
“This stealthy attack threatened our sensitive data and hard-earned reputation, and we determined that we couldn’t afford to wait any longer to secure Microsoft 365 email with reputable supplementary cloud email protection,” writes Brown.
After carefully weighing their options, Brown and his company recently partnered with Guardian Digital in securing their business email against the most advanced cyber threats, including BEC scams, which the FBI has stated is the most significant cyber threat businesses face today.