Skip to content
LP_Assets_Website_Logo


Under a cyberattack?
Call 833.No.Ransom for immediate help


Under a cyberattack?
Call 833.No.Ransom for immediate help

Business Email Compromise Has Caused Over $43 Billion in Losses

Don’t let it impact your dealership.

Blank_Square_1080x1080

Business Email Compromise is a form of cyber attack that takes advantage of the Adversary in the Middle technique and the new cloud capabilities presented by popular software companies like Microsoft. It’s a common technique where the adversary will gain access to a user’s email and intercept information from it. The adversary will then use that access to exploit the employee, the company, and even the company’s business partners.

Gone Phishing, That’s How it All Starts

The adversary can gather email addresses from prior contact list breaches or purchase them off the dark web.
Then, they use AI to send a mass amount of sophisticated phishing emails to these users.
Once clicked, the adversary gains access to the users email account.
Check out this infographic to see what happens next
Proton_AiTM_Mockup

What’s the impact?

Depending on the employee’s role in the dealership, the adversary could inflict various degrees of damage.

Proton_AiTM_Accounting

Accounting Positions


If someone in an accounting position is compromised, the adversary will use them to commit financial fraud. This means money can be misdirected from the intended recipient (like a customer or vendor) and into the adversary’s hands.

Proton_AiTM_GeneralManager

Trusted Internal User


If someone in a trusted position, like a general manager or dealer principal, is compromised, the adversary can use this trust and authority to give instructions to others they know will be carried out, like sending money to a new account. This can result in more easily spreading malware across the organization, business email compromise, or even ransomware.

Proton_AiTM_Admin

IT or Admin Positions


If someone in an IT or admin position is compromised, the adversary can use this to inflict massive damage. They could begin to change your cloud structure, add or delete users, change access levels. The goal with this is to steal your data and launch a ransomware attack.

How can you prevent it?

Account Shield is a fully managed, online account and email security service for Microsoft 365 designed to safeguard your dealership from malicious actors. With this service, you license Microsoft 365, and we’ll take care of the rest:

  • Evaluate the appropriate Microsoft 365 product and licensing with you to ensure you have the necessary security features to meet your business needs while minimizing expenses.
  • Enable necessary security features for maximum protection such as MFA, conditional access, activity logs, email filtering, and suspicious message banners.
  • Monitor login attempts in Microsoft 365 to swiftly detect and respond to any suspicious events. In the event of a successful malicious login, we take prompt action to remove access, restore your users’ accounts to a secure state, and investigate the event in detail.
Proton_AiTM_graphic

Ensure you’re protected with Account Shield from Proton

Fill out the form to talk with one of our security experts about how Account Shield could improve your dealership’s cloud security.