How to stop phishing becoming business email compromise

Security challenges

Business email compromise (BEC) occurs when a cybercriminal hacks into a corporate email account or impersonates its owner to defraud colleagues, clients or customers into sending across sensitive information or money. 

With the FBI reporting that BEC caused over $1.8 billion in losses last year, phishing emails present a huge financial risk to businesses. To stay protected, all employees within the business must take phishing emails seriously.

But how do you stop a BEC attack if your email account has been hacked by cybercriminals already?

In this article, we'll explain what you should do if you've fallen victim to a phishing email. By halting the scam early on, you may be able to prevent it from morphing into a full-on business email compromise.

I fell for a phishing email. Now what?

If you believe your email account has been hacked by a scammer after clicking on a suspicious link or attachment, you must act quickly to prevent them from doing any real damage. 

Here are some tips on how to stop business email compromise:

1. Change your password

The very first step you should take is to change your password to prevent the hacker from getting back into your email account. You need to choose a strong password that is difficult to guess and bears no similarity to your previous one. 

For example, if your name is John Smith, you shouldn't choose a password such as 'JohnSmith1' because it's easier for the hacker to guess. Don't simply change a small aspect of your password either, especially if it's a number. Changing 'JohnsPassword1' to 'JohnsPassword2' is unlikely to protect your account against the hacker attempting to gain access to your account in the future.

Instead, try abbreviating a sentence. "I like to walk my dog every day" would turn into 'Il2wmDOGed', for instance. The mixture of uppercase and lowercase letters and numbers will give your email account maximum protection against hackers.

As an extra security measure, it's also worth taking the time to change your passwords on any accounts that share the same password as the hacked account. Cybercriminals could attempt to use your credentials elsewhere and gain unlawful access.

2. Contact your IT team or manager

Once you've changed your password, you must immediately alert your manager or IT team that you have been the victim of a phishing email. Reporting the incident enables your IT team or manager to make others aware of the scam and find methods of preventing similar situations in the future.

We've provided an email template you can send to your manager or IT team below.

Email template:

To [name],

I am writing to inform you that I believe my email account was hacked on [date]. 

Here is the email with the [link/attachment] I [clicked on/opened]:

<Screenshot of original phishing email including sender's details>

I have already changed my password and will warn my contacts that someone may be impersonating me via my email account. 

Kind regards,

[Your name]

3. Alert others that your email account has been hacked

If your email account has been hacked, the cybercriminal will be able to send emails out, pretending to be you. Chances are, if someone you know receives one of these emails, they will open it.

Once your colleagues, clients or customers open one of these impostor emails, the risk of a successful BEC attack significantly increases. It can be tempting to avoid the embarrassment of admitting your mistake but a warning may prevent your contacts from falling for the scam.

We've provided a helpful email template below to get you started.

Email template:

Hi [name],

I am writing to inform you that my email account is compromised.

Please ignore and delete any suspicious emails that come from my account; especially if they contain links or attachments, or if they ask you to provide sensitive data.

I have informed our IT team of the situation and taken steps to secure my account.

Thanks for your understanding at this time.

Kind regards,

[Your name]

4. Protect yourself from future attacks

The vast majority of BEC attacks start with phishing. Intelligent anti-phishing solutions such as Egress Defend can prevent BEC from happening within your business again. Defend uses machine learning to analyze both the content and context of emails, meaning it can alert users to sophisticated and context-driven phishing attacks such as CEO fraud in real time. 

Learn more about how to stop business email compromise

Cybercriminals' tactics are becoming increasingly sophisticated so you need to stay one step ahead. 

Visit the Egress phishing hub to learn how to spot phishing attacks and why human layer security is your last line of defense against phishing. Protect yourself and your organization today.