The Invisible Threat to UK SMBs: Why Business Email Compromise is a Security Risk

Published on 26 February 2026

For small and medium-sized businesses (SMBs) across the UK, the image of a “cyber attack” often involves complex ransomware or a shadowy figure hacking into a server. But as we see daily at Ashdown Solutions, the most devastating threat to your bank account isn’t a virus, it’s a conversation.

It’s called Business Email Compromise (BEC), and according to recent insights from Microsoft’s Digital Crimes Unit, it accounts for nearly half of all cybercrime losses globally. For an SMB in Sussex, Kent, or Surrey, a single successful BEC attack isn’t just an IT headache; it can be a business-ending event.

In this post, we’ll break down how Business Email Compromise works, why SMBs are the primary targets, and the practical steps you can take to build a “human firewall” around your business.

What is Business Email Compromise (BEC)?

Unlike traditional phishing, where a hacker sends out millions of generic emails hoping someone clicks a malicious link, Business Email Compromise is a “long game” strategy. It is highly targeted, researched, and sophisticated.

In a BEC attack, a criminal impersonates someone you trust. This could be your Managing Director, a long-term supplier, or even your company’s solicitor. Their goal isn’t to break your computer; it’s to trick an employee into:

  • Wiring money to a fraudulent bank account.
  • Changing the payroll details for a senior executive.
  • Sending over sensitive VAT or employee data.

Because these emails often contain no malicious links or attachments, traditional antivirus software frequently lets them slide straight into your inbox.

Why UK SMBs are in the Crosshairs

Many small business owners tell us, “Why would a global cybercriminal target a 15-person firm in East Grinstead?”

The answer is simple: Vulnerability and Value.

Large corporations have dedicated security operations centres (SOCs) and massive budgets. SMBs, however, often have leaner IT setups and more informal communication styles. In a small office, if an email arrives from the “Owner” asking for an urgent invoice payment, an employee is more likely to act quickly to be helpful, often bypassing formal verification.

Furthermore, SMBs are part of a larger supply chain. By compromising a small supplier, a hacker can use that legitimate email account to target much larger clients. To a criminal, your business is either the “payday” or the “gateway.”

The Anatomy of an Ashdown-Area Attack

How does this look in practice? Based on the trends we monitor at Ashdown Solutions, a typical attack follows a predictable pattern:

  1. The Reconnaissance: The attacker spends time on LinkedIn or your company website. They identify who handles the finances (the “Target”) and who gives the orders (the “Impersonated Executive”).
  2. The Intrusion: The attacker may gain access to a staff member’s account via a simple password “spray” or a previous data breach. They don’t send emails immediately; they sit quietly, reading threads to learn the company’s “voice” and identifying which invoices are due.
  3. The Deception: A perfectly timed email is sent. “Hi Sarah, we’ve changed our banking partner. Please use these new details for the £12,000 project payment due today. Regards, Mark.”
  4. The Disappearance: Once the money is sent, it is moved through a series of “mule” accounts. By the time the real Mark asks why the bill hasn’t been paid, the money is long gone.

Red Flags: How to Spot a Business Email Compromise Attempt

At Ashdown Solutions, we train our clients to look for the “triple threat” of BEC red flags:

  • Artificial Urgency: The email will almost always demand immediate action. “I’m in a board meeting and can’t talk, but this must be done in the next hour.” This is designed to stop you from thinking clearly.
  • Atypical Requests: Is the MD asking for something they never usually ask for? Is a supplier changing bank details via a casual email rather than a formal letter? If it feels out of character, it’s a red flag.
  • Slightly “Off” Email Addresses: Look closely at the sender’s address. Is it name@ashdownsolutions.co.uk or name@ashdown-solutions.co.uk? One extra hyphen is all it takes to fool the naked eye.
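The "one extra hyphen" check above is easy to automate on the receiving side. The following Python is an added example (not code from Ashdown Solutions or the original post): it compares each sender's domain against a constructed list of trusted domains, folds away hyphens, dots, Unicode look-alikes and common digit-for-letter swaps, and then uses a similarity ratio to catch near misses such as a changed top-level domain. The domains and addresses are constructed for illustration.

```python
"""Flag sender addresses whose domain merely resembles a trusted domain.

Added example with constructed data: the trusted-domain list and the sample
senders are placeholders, not a real organisation's allow-list.
"""
import unicodedata
from difflib import SequenceMatcher

# Constructed allow-list of domains this (hypothetical) company really corresponds with.
TRUSTED_DOMAINS = {"ashdownsolutions.co.uk", "example-supplier.com"}

# A small, illustrative set of character swaps that read the same at a glance.
HOMOGLYPHS = {"0": "o", "1": "l", "rn": "m", "vv": "w"}


def normalise(domain: str) -> str:
    """Fold a domain into a comparison form.

    Non-ASCII letters (e.g. Cyrillic look-alikes) are dropped, case is folded,
    common digit/letter swaps are undone, and hyphens and dots are removed so that
    'ashdown-solutions.co.uk' and 'ashdownsolutions.co.uk' compare equal.
    """
    folded = unicodedata.normalize("NFKD", domain).encode("ascii", "ignore").decode().lower()
    for lookalike, real in HOMOGLYPHS.items():
        folded = folded.replace(lookalike, real)
    return folded.replace("-", "").replace(".", "")


def classify_sender(address: str, trusted=TRUSTED_DOMAINS, threshold: float = 0.85) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for one email address.

    'lookalike' means the domain is not on the allow-list but, after normalisation,
    is identical or very similar to a trusted domain; that is the case a user should
    be warned about before acting on a payment or bank-detail change.
    """
    domain = address.rsplit("@", 1)[-1].lower()
    if domain in trusted:
        return "trusted"
    norm = normalise(domain)
    for t in trusted:
        t_norm = normalise(t)
        if norm == t_norm:
            return "lookalike"  # differs only by punctuation or a swapped character
        if SequenceMatcher(None, norm, t_norm).ratio() >= threshold:
            return "lookalike"  # close enough to deserve a banner, e.g. .com for .co.uk
    return "unknown"


def scan_senders(addresses, trusted=TRUSTED_DOMAINS) -> dict:
    """Classify a batch of sender addresses; returns {address: verdict}."""
    return {a: classify_sender(a, trusted) for a in addresses}


if __name__ == "__main__":
    # Constructed sample senders, including the hyphen trick from the post.
    samples = [
        "mark@ashdownsolutions.co.uk",
        "mark@ashdown-solutions.co.uk",
        "mark@ashd0wnsolutions.co.uk",
        "mark@ashdownsolutions.com",
        "bob@gmail.example",
    ]
    for addr, verdict in scan_senders(samples).items():
        print(f"{verdict:9} {addr}")
```

In a mail gateway this verdict would drive the external-sender banner rather than a hard block, because a genuine new supplier will also be "unknown"; the value is in surfacing "lookalike" loudly enough that the phone-call check happens before any money moves.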

How Ashdown Solutions Protects Your Business

Security is about layers. While no single tool is 100% effective, a combination of technology and process can make your business an unattractive target for criminals.

1. Multi-Factor Authentication (MFA)

This is the single most important step. Microsoft reports that MFA blocks 99.9% of account compromise attacks. Even if a hacker has your password, they can’t get in without that second code on your phone. We ensure MFA is rolled out across your entire Microsoft 365 environment.

2. Advanced Email Filtering

Standard filters look for viruses. We implement advanced “Inbound Protection” that looks for intent. Our tools can identify when an external email is trying to look like an internal one and will “banner” the email with a warning: “Caution: This sender is external to your organisation.”

3. Monitoring for “Mailbox Rules”

A classic sign of a hack is the creation of a “Forwarding Rule.” If a hacker gets into your mail, they might set it to automatically forward all your incoming mail to their Gmail account. Our monitoring systems alert us the moment an unusual rule is created, allowing us to lock the account before damage is done.
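The rule-monitoring described above can be expressed as a small triage step over mailbox audit events. The Python below is an added example, not Ashdown Solutions' monitoring tooling: the event records are constructed, and their shape is a simplified stand-in for an inbox-rule audit export rather than any vendor's real schema. It flags rules that forward or redirect mail to an address outside the organisation's own domains, rules that delete messages (which hides the forwarding from the mailbox owner), and rules with blank or punctuation-only names.

```python
"""Triage inbox-rule audit events for signs of a compromised mailbox.

Added example with constructed data. The event dictionaries below are a
simplified stand-in for a mailbox audit export; field names are assumptions.
"""

# Constructed: the organisation's own email domains.
INTERNAL_DOMAINS = {"ashdownsolutions.co.uk"}

# Rule parameters that send a copy of, or divert, incoming mail.
FORWARDING_KEYS = ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo")

# Constructed audit events: a normal filing rule, a rule that quietly forwards all
# mail to an external account and deletes the original, and a benign newsletter rule.
SAMPLE_EVENTS = [
    {"user": "sarah@ashdownsolutions.co.uk", "operation": "New-InboxRule",
     "parameters": {"Name": "Project filing", "MoveToFolder": "Projects"}},
    {"user": "sarah@ashdownsolutions.co.uk", "operation": "New-InboxRule",
     "parameters": {"Name": ".", "ForwardTo": "s.finance.backup@gmail.example",
                    "DeleteMessage": "True"}},
    {"user": "mark@ashdownsolutions.co.uk", "operation": "Set-InboxRule",
     "parameters": {"Name": "Newsletters", "FromAddressContainsWords": "newsletter",
                    "MoveToFolder": "Reading"}},
]


def is_external(address: str, internal=INTERNAL_DOMAINS) -> bool:
    """True when the address's domain is not one of the organisation's own."""
    return address.rsplit("@", 1)[-1].lower() not in internal


def assess_rule_event(event: dict, internal=INTERNAL_DOMAINS) -> list:
    """Return the reasons an event looks suspicious; an empty list means benign."""
    if event.get("operation") not in ("New-InboxRule", "Set-InboxRule"):
        return []
    params = event.get("parameters", {})
    reasons = []

    # Any forward or redirect to a non-organisation address is the classic BEC tell.
    for key in FORWARDING_KEYS:
        targets = params.get(key)
        if not targets:
            continue
        if isinstance(targets, str):
            targets = [t.strip() for t in targets.split(";") if t.strip()]
        external = [t for t in targets if is_external(t, internal)]
        if external:
            reasons.append(f"{key} to external address(es): {', '.join(external)}")

    # Deleting the message after forwarding keeps the owner from noticing the diversion.
    if params.get("DeleteMessage") == "True":
        reasons.append("rule deletes messages (hides them from the mailbox owner)")

    # Attackers often give rules a blank or single-character name so they are overlooked.
    if params.get("Name", "").strip(". ") == "":
        reasons.append("rule name is blank or punctuation only")

    return reasons


def triage(events, internal=INTERNAL_DOMAINS) -> dict:
    """Map each affected user to the list of reasons their rule events were flagged."""
    alerts = {}
    for event in events:
        reasons = assess_rule_event(event, internal)
        if reasons:
            alerts.setdefault(event["user"], []).extend(reasons)
    return alerts


if __name__ == "__main__":
    for user, reasons in triage(SAMPLE_EVENTS).items():
        print(f"ALERT {user}")
        for reason in reasons:
            print(f"  - {reason}")
```

An alert from this check is the moment to revoke the user's active sessions and reset the password, as described in the incident steps later in this post; the rule itself should also be removed, because a password reset alone leaves a forwarding rule in place.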

4. The “Phone-First” Policy

We advise all our SMB clients to implement a non-technical rule: Any change to banking details or any payment over a certain threshold (e.g., £500) must be confirmed via a phone call to a known number. Never use the phone number provided in the suspicious email.

What to Do If You’ve Been Compromised

If you suspect an email account has been accessed or a payment has been misdirected, every second counts.

  1. Call Ashdown Solutions Immediately: We can “kill” all active sessions, reset passwords, and audit your mail logs to see what the attacker accessed.
  2. Notify Your Bank: If a wire transfer was made recently, there is a very small window where the bank may be able to freeze the funds.
  3. Report it to Action Fraud: As the UK’s national reporting centre for fraud and cybercrime, reporting your experience helps the authorities track these criminal networks.

Final Thoughts

Business Email Compromise is a human problem that requires a technical and cultural solution. For SMBs, you don’t need a multi-million-pound budget to stay safe; you need vigilance, the right partner, and robust basics.

At Ashdown Solutions, we specialise in helping businesses across the South East navigate these digital threats. We don’t just fix computers; we protect your livelihood.

Is your team trained to spot a Business Email Compromise attack? Contact us today for a security audit and let’s ensure your business isn’t the next headline.

This post was inspired by a deep-dive report from Microsoft On the Issues, which highlights the global surge in Business Email Compromise and the sophisticated tactics used by modern cybercriminals.

You can read their full analysis and expert interviews on the official Microsoft site here: Business Email Compromise: What it is, and how to stop it.