Cybersecurity experts say credential theft and business email compromise remain among the most common forms of cybercrime, with attackers increasingly relying on trusted contacts and convincing fake login pages to gain access to email accounts
MBC Brockville, owner of 104.9 myFM and 103.7 Giant FM, is reminding the public to stay vigilant after two employee email accounts were compromised, resulting in hundreds of fraudulent emails being sent to contacts before the incident was contained.
The company's IT department detected the unusual activity quickly and immediately secured the affected accounts, limiting the impact. However, by the time the accounts were shut down, hundreds of deceptive emails had already been delivered.
Officials say the incident serves as an important reminder that cybercrime doesn't just target large corporations.
"These attacks are becoming more sophisticated every day," said MBC's IT department. "The biggest takeaway is that it can happen to anyone. Criminals are very good at making fake emails and websites look legitimate."
According to the IT team, these types of attacks typically begin when someone unknowingly enters their email username and password into a fraudulent website designed to look like a trusted online service. Once criminals gain access to an account, they often use it to send convincing emails to hundreds or even thousands of contacts, hoping additional people will fall victim.
To avoid being detected, hackers commonly create hidden email rules that automatically move or delete incoming replies, preventing the account owner from seeing warning messages or questions from recipients. In many cases, victims don't realize their account has been compromised until someone contacts them by phone.
MBC Brockville is encouraging anyone who receives an unexpected or suspicious email—even if it appears to come from someone they know—to take a moment before responding.
The company offers the following advice:
- Be suspicious of unexpected emails, even if they appear to come from a trusted sender.
- Never reply to a suspicious email to ask if it's legitimate—you may simply be communicating with the hacker.
- If you need to verify an email, look up the sender's phone number independently and call them directly.
- Be especially cautious of emails asking you to log in, verify your account, or create an account for an online service.
- Before entering your password on any website, make sure you're on the legitimate site and not a convincing imitation.
While the compromised accounts at MBC Brockville were secured quickly, the company hopes sharing its experience will help others recognize the warning signs before becoming victims themselves.
"Cybercriminals count on people trusting what they see in their inbox," the IT department said. "A few extra seconds to verify an email could prevent a great deal of inconvenience. Healthy skepticism is one of the best cybersecurity tools we all have."
Cybersecurity experts say credential theft and business email compromise remain among the most common forms of cybercrime, with attackers increasingly relying on trusted contacts and convincing fake login pages to gain access to email accounts.

The City of Brockville sets a new date for Canada Day fireworks
Merrickville festival is packed with local talent and family fun this weekend
OPP shares what to do if you see a pet in a hot vehicle
Pie in the face? Brockville fundraiser lets the public decide
Local bocce tournament aims to help athletes reach national stage
