06.04.2020 3 cyber threats that can shut down your auto dealership

by Field Effect

Get informed and stay protected

Each day, the odds of a cyber attack on your auto dealership increase. One auto industry survey showed that 62% of respondents believe a malicious attack on auto software, technology, or components is likely (35% believe it’s likely, 27% say very likely).

From phishing emails used to launch ransomware and encrypt or lock your critical files to fraudulent emails designed to redirect financial funds, your dealership and customers are at high risk. Even your physical inventory is a target for attack — Frost & Sullivan estimates that there are 50 vulnerable attack points on a modern vehicle, with cyber security accounting for up to 5% of the cost of the vehicle electronics.

63% say they test less than 50% of hardware, software, and other technologies for vulnerabilities. 71% believe that pressure to meet product deadlines is the primary factor leading to security vulnerabilities.

Believing your dealership won’t be targeted is possibly the worst business assumption you can make. Or maybe you’re feeling safe because you retained IT support services? Unless your IT provider has strong cyber security expertise, you are still at risk.

If you suffered a cyber attack and a breach of sensitive data, what would you tell your customers? How would you make your sales quotas? How would you even continue daily operations?

It’s time to understand the cyber threats targeting your dealership.

Top cyber threats targeting your dealership today


Phishing

Phishing is a cyber attack method that attempts to gather personal information — usernames, passwords, credit card details, even bank account numbers — using deceptive emails and links to malicious websites. An estimated 65% of organizations experienced a phishing attack in 2019.

Phishing relies on realistic-looking emails to fool recipients into clicking a link, opening an attachment, or even sharing confidential information. For example, a phishing email may land in an employee’s inbox disguised as a message from someone in the very same dealership or even an important leader in the industry.

Here are just two examples of phishing attacks on auto dealers:

  • An email with a malicious attachment was downloaded on a finance and insurance manager’s computer at a dealership. The malware logged the computer’s internet history and keystrokes. The cyber criminals used the information to obtain hundreds of customer credit reports, costing the dealership more than $150,000.
  • Someone impersonating a dealership employee emailed a controller at the dealership, requesting a $30,000 wire transfer. The controller initiated the transfer, and unfortunately, the dealership was unable to stop or reverse the transfer.

Learning to recognize the signs of phishing is critical. For example, a phishing test was conducted among 125 employees at an auto dealership, with a phishing email directing employees to a website to enter their usernames and passwords. Three employees clicked on the link in the email and entered their login information at the website. Had the phishing attack been real, there would have been damaging consequences for the dealership.


Ransomware

Ransomware is malicious software designed to encrypt your computer files, emails, and other data until a ransom is paid.

Last December, the Federal Bureau of Investigation (FBI) issued a warning about increases in the number of cyber attacks on the auto industry, including ransomware. Two years ago, the auto sector was significantly impacted when the WannaCry ransomware attack hit over 300,000 computers in 150 countries across a wide range of industries. Honda Motor Company, Renault, and Nissan were affected. In fact, Renault and Nissan temporarily shut down their plants in France, Slovenia, and Romania to recover.

In a more recent attack, an employee at The Arrigo Automotive Group in West Palm Beach, Florida, unknowingly opened a malicious email launching ransomware that infected computers across Arrigo’s five dealerships. Rather than pay the ransom, Arrigo chose to remediate the attack. The dealership purchased 250 new computers and hired external security response experts. The remediation was estimated at close to $500,000.

Strains of ransomware can completely lock your computers and devices, preventing any access to your systems. Cyber criminals are also using two-stage ransomware extortion — attacks known as “doxware” and “extortionware” — that first restrict access to your data, and then threaten to disclose the sensitive data to the public.

Business email compromise (email fraud)

Cyber attacks involving business email compromise (BEC) and phishing are lucrative scams — with BEC representing 50% of total cyber crime losses in the United States.

In April 2019, for example, the FBI’s Internet Crime Complaint Center (IC3) reported that BEC victims lost over $1.2 billion in 2018. And the U.S. Treasury recently reported that BEC scams carried out on U.S. victims are now responsible for losses in the neighborhood of $300 million per month, or nearly $3.6 billion on an annual basis.

Similar to phishing, BEC, also known as email fraud, typically targets a company’s financial and procurement departments or a business owner. This type of email attack attempts to initiate a financial transfer to an attacker-controlled account.

In fact, last August, a European subsidiary of Toyota Boshoku Corporation was targeted by hackers as part of a BEC scam. A third-party hacker posed as a business partner of the Toyota subsidiary, sending emails to members of the finance and accounting department that requested funds be sent for payment into a specific bank account controlled by the hacker. Total financial losses from the BEC scam are reportedly close to $37 million. The company is now trying to recover this money with the help of law enforcement officials.

BEC scams used to obtain account credentials and facilitate this type of transfer can include:

Invoice payment requests
● Attackers may use a legitimate or falsified invoice from one of your vendors or suppliers to request a payment to an account they control.

Owner or president fraud
● Attackers may pose as the dealership owner or president (or another leader or manager) in order to request a payment to an account they control.

Is your dealership safe from cyber attacks?

Don’t let a cyber attack take your dealership down. Your business, staff, customers, and partners are too important to risk it — take control of your cyber security now.

Contact our cyber security experts today for a free consultation to identify the security measures you need and how to easily put them in place.

