THE EMAIL THAT ALMOST BANKRUPTED A BAKERY
43% of cyberattacks target small businesses. Learn the STOP Framework to protect your business from email scams and Business Email Compromise attacks.
Last month, a bakery owner in Portland received an email from her "landlord."
The message looked perfect. Same signature. Same tone. Same email thread they'd been using for months.
She wired $12,000 for "early rent payment to lock in the current rate."
The money vanished. The real landlord never sent that email.
Here's what most small business owners don't realize: 43% of cyberattacks target small and medium businesses (Accenture). Not Fortune 500 companies. Not government agencies. Businesses like yours.
Why? Because attackers know you don't have a security team. They know you're busy. They know you trust the people you work with.
That trust is exactly what they exploit.
The STOP framework
Before you act on any email requesting money, information, or urgent action:
S is for Sender. Is this actually from who it claims to be? Check the full email address, not just the display name.
T is for Tone. Does something feel off? Unusual urgency or strange phrasing?
O is for Outside verification. Call or text the person directly using a number you already have. Never use contact info from the suspicious email.
P is for Pause. Scammers create urgency because hesitation kills their scheme. Take 10 minutes.
The bakery owner told me she knew something felt slightly wrong. She ignored the feeling because she was busy.
Your one action today
Send this link to your team. Make it part of how you handle money requests.
Your inbox is a door. Decide who gets through.