Tuesday, January 31, 2017

My Startup Was Hacked: What I Did Right (and Wrong)

From Bplans:

One day in the fall of 2014, when I was still helping run a startup I co-founded (not the one I’m working for now), a client forwarded me an email he thought was suspicious.

The email looked a lot like something my company would send. It linked to a website that looked a lot like ours that offered a great deal on the same service we provided. The site’s URL was almost identical to ours, too.

Right away I had a bad feeling, but my first reaction was to tell myself it was just a competitor that had somehow gotten the email of a single client.

Not a big deal.

Then another client forwarded the same email. And another, and another.

Pretty quickly it became clear that someone had gotten a list of our clients, and was sending them emails to try and trick them into paying the wrong company for our service.

I was angry and worried. Who was doing this? How had they gotten our clients’ information? How much did they have?

Ultimately, I think the way we reacted was mostly good, but we did make a few key mistakes.

No comments: