Testimonials Blog Case Studies About Contact Remote Support Client Resources
Cybersecurity · May 28, 2026

$10,000 Gone: A Real Business Email Compromise

A manufacturer with 12 employees called us in a panic last year. A normal Tuesday. Someone clicked an email. Nobody noticed anything - until a supplier called asking where their payment was.

A normal Tuesday

Twelve employees. Nothing unusual on the calendar. Someone clicked a link in an email that looked like it came from a familiar sender. Nobody noticed anything wrong - no error message, no obvious red flag, no reason to think twice about the rest of the day.

Six weeks of silence

The attacker didn't lock anything or demand a ransom. They watched. Somewhere in that email account, they found an active vendor relationship and quietly inserted themselves into it - intercepting an invoice, changing the payment details, and letting the business's own accounts payable process do the rest. Six weeks later, a supplier called asking where their payment was. By then, $10,000 had been sitting in a fraudster's account the entire time.

"We didn't think we needed IT support. Everything was working fine." - the owner, after the call

"Everything was working fine"

That's the part that sticks. The business owner's exact words afterward were that everything had been working fine right up until it wasn't. That's the nature of business email compromise - it doesn't look like an attack while it's happening. No ransom note, no system outage, no obvious sign that anything's wrong. Just a normal-looking email thread, until someone outside the company notices the money never arrived.

Every business runs on this now

Every business runs on technology now, whether they think about it that way or not - email, payments, files, orders, vendors, payroll. A compromised inbox isn't just a productivity annoyance; it's a direct line to money moving out the door. You pay rent every month to protect the four walls your business operates in. The systems inside those walls - especially email - deserve the same level of attention.

MFA on every account that touches money or vendor communication, a habit of verifying payment detail changes by phone rather than by replying to the same email thread, and someone actually watching for unusual account activity would have caught this in days instead of six weeks.

Would you catch this in six weeks, or six minutes?

Find out where your email security actually stands.

We'll review your current setup and tell you honestly what's protected and what isn't.

More from the blog