local reporting<\/a>, the St. Ambrose Catholic Parish recently announced to parishioners that they had been swindled out of a whopping $1.75 million. The attackers\u2019 methods have real implications for churches and businesses alike. We\u2019ll look into their methods, but first a little more detail on this fascinating story.<\/p>\nA Church with Big Plans<\/h2>\n
St. Ambrose is in the middle of a fundraising and building campaign. As with many older church buildings, repair and restoration are needed. The parish\u2019s Vision 20\/20 campaign was supposed to be the answer. This campaign called for raising $4 million needed for repair and restoration, and the fundraising efforts were well underway.<\/p>\n
The church only discovered there was a problem when the construction firm they\u2019d hired, Marous Brothers Construction, started inquiring about unpaid bills totaling $1.75 million. The church leadership had been prompt in paying its bills, so they thought, and even had receipts and confirmations for funds transfers. They didn\u2019t understand how the accusation of nonpayment could be true. The funds had left the account, after all.<\/p>\n
An Old-School Hack, Well Executed<\/h2>\n
After involving the Brunswick police and eventually the FBI, an explanation surfaced. The church had indeed been hacked in a business email compromise attack, or BEC. An unknown attacker gained control over two church staff member email accounts. From there it was mostly social engineering.<\/p>\n
The bad actors in control of these email accounts managed to convince (via email, of course) the rest of the relevant staff members that the construction company had changed its account information. The \u201cnew\u201d account was, of course, controlled by the criminals. The most likely explanation from this point is that an actual, on-site staff member changed over the payment information, having been duped by very real emails that appeared to come from trusted colleagues.<\/p>\n
The criminals kept the ruse going very effectively, apparently sending (bogus) confirmation emails so that the church staff thought they were paying the right people. Only when the construction company came calling was the breach finally discovered.<\/p>\n
An Isolated Hack with Devastating Results<\/h2>\n
The church reported to local media that no other components of their IT infrastructure were compromised, including parishioner databases or stored financial information used for the church\u2019s electronic giving service. The hack was isolated. All the hackers got was access to two email accounts. Yet they leveraged this small hack into a $1.75 million payday.<\/p>\n
Strategies to Combat BEC Attacks<\/h2>\n
Stories like these underscore the importance of strong IT security, even in houses of worship. They also underscore the importance of training staff on recognizing the signs of phishing, social engineering, and other bad behavior.<\/p>\n
Most BEC attacks don\u2019t start as brute-force attacks. Rather, they start as phishing expeditions. Hackers lure credentialed people to give up their login information by presenting a sometimes extremely realistic fraudulent login page. The first step to preventing such attacks, then, is to educate your staff about how to spot phishing and other similar tactics. Teach staff not to assume that email is from who it appears to be from, especially emails that seem out of context or that ask for unexpected actions. At the enterprise level, implementing a better email authentication protocol like DMARC is an effective way to combat this kind of fraud.<\/p>\n
Need Help?<\/h2>\n
Does your business need help preparing for BEC, phishing, or social engineering hacks? Contact us today for more information.<\/p>\n","protected":false},"excerpt":{"rendered":"
There was big business security news out of Brunswick, Ohio (a part of the Cleveland metro area) last month, this time involving a church. According to\u00a0local reporting, the St. Ambrose Catholic Parish recently announced to parishioners that they had been swindled out of a whopping $1.75 million. The attackers\u2019 methods have real implications for churches…<\/p>\n","protected":false},"author":5,"featured_media":159182,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[8],"tags":[],"class_list":["post-179561","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog"],"acf":[],"yoast_head":"\n
Church Hit with Business Email Compromise - IT Services in Virginia<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Church Hit with Business Email Compromise - IT Services in Virginia\" \/>\n<meta property=\"og:description\" content=\"There was big business security news out of Brunswick, Ohio (a part of the Cleveland metro area) last month, this time involving a church. According to\u00a0local reporting, the St. Ambrose Catholic Parish recently announced to parishioners that they had been swindled out of a whopping $1.75 million. The attackers\u2019 methods have real implications for churches…\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/\" \/>\n<meta property=\"og:site_name\" content=\"IT Services in Virginia\" \/>\n<meta property=\"article:published_time\" content=\"2019-05-14T16:27:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.ntegrait.com\/wp-content\/uploads\/2019\/05\/GettyImages-902080886.jpg\" \/>\n<meta name=\"author\" content=\"Steve West\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Steve West\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/\",\"url\":\"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/\",\"name\":\"Church Hit with Business Email Compromise - IT Services in Virginia\",\"isPartOf\":{\"@id\":\"https:\/\/www.ntegrait.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/ntegrait.com\/wp-content\/uploads\/2019\/05\/GettyImages-902080886-1.jpg\",\"datePublished\":\"2019-05-14T16:27:00+00:00\",\"dateModified\":\"2019-05-14T16:27:00+00:00\",\"author\":{\"@id\":\"https:\/\/www.ntegrait.com\/#\/schema\/person\/33156c118f002b88019c3fc70441bf79\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/#primaryimage\",\"url\":\"https:\/\/ntegrait.com\/wp-content\/uploads\/2019\/05\/GettyImages-902080886-1.jpg\",\"contentUrl\":\"https:\/\/ntegrait.com\/wp-content\/uploads\/2019\/05\/GettyImages-902080886-1.jpg\",\"width\":724,\"height\":483},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/ntegrait.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Church Hit with Business Email Compromise\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.ntegrait.com\/#website\",\"url\":\"https:\/\/www.ntegrait.com\/\",\"name\":\"IT Services in Virginia\",\"description\":\"Ntegra IT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.ntegrait.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.ntegrait.com\/#\/schema\/person\/33156c118f002b88019c3fc70441bf79\",\"name\":\"Steve West\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ntegrait.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/3cc273f166c78aca895198956663df42?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/3cc273f166c78aca895198956663df42?s=96&d=mm&r=g\",\"caption\":\"Steve West\"},\"description\":\"Ntegra IT is devoted to providing reliable Computer Support to businesses that want to improve productivity and profitability. We deliver custom designed Network Services that better map to your business, so you can stop worrying about your technology and get back to achieving your business goals.\",\"url\":\"https:\/\/ntegrait.com\/author\/swestntegrait-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Church Hit with Business Email Compromise - IT Services in Virginia","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/","og_locale":"en_US","og_type":"article","og_title":"Church Hit with Business Email Compromise - IT Services in Virginia","og_description":"There was big business security news out of Brunswick, Ohio (a part of the Cleveland metro area) last month, this time involving a church. According to\u00a0local reporting, the St. Ambrose Catholic Parish recently announced to parishioners that they had been swindled out of a whopping $1.75 million. The attackers\u2019 methods have real implications for churches…","og_url":"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/","og_site_name":"IT Services in Virginia","article_published_time":"2019-05-14T16:27:00+00:00","og_image":[{"url":"https:\/\/www.ntegrait.com\/wp-content\/uploads\/2019\/05\/GettyImages-902080886.jpg","type":"","width":"","height":""}],"author":"Steve West","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Steve West","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/","url":"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/","name":"Church Hit with Business Email Compromise - IT Services in Virginia","isPartOf":{"@id":"https:\/\/www.ntegrait.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/#primaryimage"},"image":{"@id":"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/#primaryimage"},"thumbnailUrl":"https:\/\/ntegrait.com\/wp-content\/uploads\/2019\/05\/GettyImages-902080886-1.jpg","datePublished":"2019-05-14T16:27:00+00:00","dateModified":"2019-05-14T16:27:00+00:00","author":{"@id":"https:\/\/www.ntegrait.com\/#\/schema\/person\/33156c118f002b88019c3fc70441bf79"},"breadcrumb":{"@id":"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/#primaryimage","url":"https:\/\/ntegrait.com\/wp-content\/uploads\/2019\/05\/GettyImages-902080886-1.jpg","contentUrl":"https:\/\/ntegrait.com\/wp-content\/uploads\/2019\/05\/GettyImages-902080886-1.jpg","width":724,"height":483},{"@type":"BreadcrumbList","@id":"https:\/\/www.ntegrait.com\/church-hit-with-business-email-compromise\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ntegrait.com\/"},{"@type":"ListItem","position":2,"name":"Church Hit with Business Email Compromise"}]},{"@type":"WebSite","@id":"https:\/\/www.ntegrait.com\/#website","url":"https:\/\/www.ntegrait.com\/","name":"IT Services in Virginia","description":"Ntegra IT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.ntegrait.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.ntegrait.com\/#\/schema\/person\/33156c118f002b88019c3fc70441bf79","name":"Steve West","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ntegrait.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/3cc273f166c78aca895198956663df42?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3cc273f166c78aca895198956663df42?s=96&d=mm&r=g","caption":"Steve West"},"description":"Ntegra IT is devoted to providing reliable Computer Support to businesses that want to improve productivity and profitability. We deliver custom designed Network Services that better map to your business, so you can stop worrying about your technology and get back to achieving your business goals.","url":"https:\/\/ntegrait.com\/author\/swestntegrait-com\/"}]}},"_links":{"self":[{"href":"https:\/\/ntegrait.com\/wp-json\/wp\/v2\/posts\/179561","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ntegrait.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ntegrait.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ntegrait.com\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/ntegrait.com\/wp-json\/wp\/v2\/comments?post=179561"}],"version-history":[{"count":0,"href":"https:\/\/ntegrait.com\/wp-json\/wp\/v2\/posts\/179561\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ntegrait.com\/wp-json\/wp\/v2\/media\/159182"}],"wp:attachment":[{"href":"https:\/\/ntegrait.com\/wp-json\/wp\/v2\/media?parent=179561"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ntegrait.com\/wp-json\/wp\/v2\/categories?post=179561"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ntegrait.com\/wp-json\/wp\/v2\/tags?post=179561"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"Email](\"https:\/\/ntegrait.com\/wp-content\/uploads\/2019\/05\/GettyImages-902080886-1.jpg\")
<\/p>\n