Lions and Tigers and Bears. Oh my!
The admin emailed her boss again, just to be absolutely sure he wanted to send this $100,000 wire transfer to a Vietnam supplier. “Yes, make sure it is sent today” was the response. Money transferred.
Unfortunately, this true story happened last week. The owner’s email account had been compromised several days, if not weeks, earlier. His password was “guessed” by the hacker. Using the information found in the owner’s mailbox, the hacker was able to contrive a request for funds and convince the admin to send the money. Whenever she questioned the transfer, he would respond quickly, and delete her emailed questions, along with his replies.
When the owner returned from his trip, the admin asked about the transfer. The owner turned pale and began to shake, as the reality of the stolen $100k took hold.
The money was recovered, fortunately, but not without more drama. Moral of the story: Use two-factor authentication for email! If a hacker guesses your password, they cannot get into your mailbox without you physically opening the door by clicking “Allow” on your mobile device.
I cannot stress enough the need for two-factor authentication with email and remote access!