Industry: Healthcare
Client: Canadian healthcare SMB
A local SMB is targeted by a hacker who seizes control of its email inboxes and perfectly mimicks employee sending habits.
Situation:
- An unsuspecting employee became the victim of a phishing attack by opening a malicious PDF file.
- Unbeknownst to the employee, the hacker, who was based in Europe, took control of the employee’s inbox and sent malicious emails to the company’s contacts, impersonating the employee in question.
- The hacker also deleted sent and received emails, making it difficult to trace malicious mailings.
- The employee became aware of the attack when clients and partners reported receiving strange emails from her address.
- The attack was intended to set up a CEO fraud but thankfully aside from the original phishing attack, no other contacts opened the malicious file. Of course, there was the reputational damage of having to contact all employees, clients and partners to warn them not to open any files from the company. As well as the time and productivity lost.
Solution:
- The Present team installed a multifactor authentication (MFA) solution requiring users to give additional verification factors to gain access to their emails.
- With Present’s help, they also launched a mandatory cybersecurity training program for all employees.
Benefits:
- An MFA solution strengthens the security of employee email accounts, preventing hackers from obtaining access and propagating malicious emails.
- Cybersecurity training provides employees with a better awareness and understanding of corporate IT security risks and best practices, which reduces the risk of phishing attacks and other types of cyberattacks.