Highlights
Are you protecting your business from Business Email Compromise (BEC) attacks? They have cost businesses billions - and they’re getting harder to detect. Here’s how to stay safe
How many times a day do you respond to an email without really thinking about its contents?
Maybe it's a request for some information. Perhaps it’s asking you to pay an invoice. All mundane stuff. But no sooner than you’ve hit send, you've fallen victim to a Business Email Compromise (BEC) attack.
A BEC attack occurs when a cyber criminal gains access to your business email account and uses it to trick your employees, customers, or partners into sending them money or sensitive information. They do this by impersonating someone senior, and abusing their position of trust.
It might sound like something that only happens to big corporations, but that's not the case.
According to the FBI, small and medium-sized businesses are just as vulnerable to BEC attacks as larger ones. In fact, these attacks have cost businesses more than £20 billion over the past few years.
And Microsoft brings more bad news, with its recent findings showing that they’re getting both more destructive and harder to detect.
So, what can you do to protect your business from BEC attacks? Here’s our advice:
1. Educate your employees: They are the first line of defence against BEC attacks. They need to know how to spot phishing emails, suspicious requests, and fake invoices. Train them regularly on cyber security best practice, like strong passwords, multi-factor authentication, and secure file sharing.
2. Use advanced email security solutions: Basic email protections like antispam and antivirus software are no longer enough to block BEC attacks. You need more advanced solutions that use artificial intelligence and machine learning to detect and prevent these attacks in real-time. Look for email security providers that offer features like domain-based message authentication, reporting, and conformance (DMARC), sender policy framework (SPF), and DomainKeys Identified Mail (DKIM).
3. Set up transaction verification procedures: Before transferring funds or sensitive information, establish a verification process that confirms the authenticity of the request. This could include a phone call, video conference, or face-to-face meeting. Don't rely on email alone to confirm these types of requests.
4. Monitor your email traffic: Regularly monitor your email traffic for anomalies and unusual patterns. Look for signs like unknown senders, unusual login locations, changes to email settings or forwarding rules, and unexpected emails. Make sure you have a clear protocol in place for reporting and responding to any suspicious activity.
5. Keep your software up to date: Ensure that you're always running the latest version of your operating system, email software, and other software applications. These updates often include vital security patches that address known vulnerabilities.
BEC attacks are becoming more common and more sophisticated, but with the right awareness, training, and security solutions, you can protect your business.
Don't wait until it's too late – take action today to keep your business safe.
If you want to know more about how to protect your business from cyber threats, our team is always ready to help you. Give us a call!
Tell us about yourself so we can serve you best.
Got a question?
More articles
For many landlords and building managers, the word “wayleave” feels like the responsible route whenever a fibre circuit is being installed on their property. It sounds formal and safe – a neat legal box to tick.
In many cases, however, a wayleave adds unnecessary complexity and delays, frustrates tenants, and can expose landlords to long-term legal risks.
At Vorboss, we’ve connected thousands of office spaces across London without a wayleave, keeping landlords in full control and getting tenants online faster.
What is a wayleave?
A wayleave is a written agreement between a landowner and a telecoms operator. It gives the operator permission to install and keep equipment on private property.
What many people don’t realise is that signing a wayleave also activates “Code rights” under the Electronic Communications Code. These rights go beyond simple permission, they give the operator legal powers to stay on the property indefinitely, access it when needed, and even refuse removal of their equipment in certain situations.
For a typical connection into a commercial building in London, a wayleave can make the fibre installation process slower, more expensive, and limit the landlord’s flexibility long term.
Why a wayleave isn’t required for standard in-building fibre connections
For a standard in-building fibre connection serving a tenant, a wayleave isn’t a legal requirement. Important protections, like building access, fire safety, repairing any damage, and removing equipment, are already covered by the tenant’s lease and usual building rules.
If no wayleave is signed, no Code rights are triggered, meaning the landlord retains full control and the installation exists under a simple, fully revocable licence.
In practice, this gives landlords far more protection and flexibility:
- No legal lock-in – the telecoms operator has no long-term rights to stay or refuse removal.
- Landlords keep full control – equipment can be moved or removed when the building changes.
- Faster fibre installation – no time lost in drafting contracts or solicitor reviews.
- Happier tenants – connections go live quicker; tenants get to move in faster.
By contrast, signing a wayleave and granting Code rights introduces a complex and expensive legal process for any fibre removal or relocation. This can take at least 18 months, plus potential court or tribunal proceedings, making it slower, and far less flexible for the landlord.
Public services across central London are evolving, and the City of London Corporation is leading the way.
Whether you work, live or study in the Square Mile, you’ll soon feel the difference that faster, more dependable connectivity brings.
What is the Future Network Programme?
The City of London Corporation is rolling out the Future Network Programme, a major project to modernise its entire digital infrastructure and bring everything under one unified network.
From offices and schools to iconic green spaces like Hampstead Heath, cultural destinations like the Barbican, and historic markets such as Leadenhall and Old Spitalfields, this upgrade will mean more reliable connectivity across the City’s buildings and public spaces.
It also extends to essential services, including critical sites run by the City of London Police. This enhanced connectivity will support everything from secure communication systems to faster, more resilient networks for emergency operations.
Leading this transformation is Roc Technologies, supported by Juniper Networks and Palo Alto Networks; all powered by the Vorboss fibre network. Together, we’re bringing the City onto a modern digital foundation that’s ready to support its future.
Who the Future Network Programme benefits and how?
The programme is designed for everyone who depends on public services in the Square Mile:
- Students in City-run schools will have fast, reliable connectivity to fully access digital learning tools.
- Public-sector teams will experience smoother hybrid working, better access to online platforms, and more efficient collaboration across locations.
- Residents and visitors will see improvements in public Wi-Fi, digital services, and online access in libraries, community hubs, and other shared spaces.
- The City of London Police will gain a more secure, faster and resilient network that enhances CCTV reliability and enables more effective frontline operations.
.avif)
.avif)
