Logo with a red square containing a white "N" and a dot, above the word "Neoteric" in bold, dark blue letters.
Contact
A laptop displaying a large, glowing email icon on its screen, with several floating email icons around it, symbolising digital communication or email correspondence. The scene has a high-tech, futuristic feel.

The Email That Multiplies — Why Irish Businesses Are in the Crosshairs


One click. One compromised inbox. Hundreds of trusted contacts hit within minutes. We’re seeing this pattern more often among potential new clients — and the numbers behind it are deeply alarming.

It starts innocuously. An email lands in your inbox — from someone you actually know. A client, a supplier, a colleague you’ve traded messages with for years. Your guard is down. Why wouldn’t it be?

The email might carry an attachment. Or it might ask you to log in to a portal to view an “important document.” You do what seems natural. You click. You enter your details.

And then, in the time it takes to pour a cup of tea, your sent folder begins filling up on its own.

Malicious code, now running silently in the background, has harvested your entire contact list and is blasting every single person you’ve ever emailed with the same trap. Friends. Clients. Suppliers. Your accountant. Your bank contact. All of them, now receiving what appears to be an email from you — complete with your name, your signature, your credibility.

This is the pattern we’re hearing about repeatedly on our helpdesk here at Newtec Services — and it’s not coming from our existing customers. These reports are from businesses that come to us after being compromised, before they have the protections in place. And if you think it can’t happen to your business, the data strongly suggests you should think again.

€17.4m
Lost by Irish SMEs to email scams (2023–2024) FraudSMART / BPFI, April 2025		68%
Of Irish SMEs targeted by scams in past 12 months FraudSMART / ISME, 2025		89%
Of those attacks came via email FraudSMART / ISME, 2025		90%
Of Irish organisations exposed to cyber risk PwC Irish CEO Survey, 2024

How the Attack Actually Works — Step by Step

This type of attack is known as account compromise with contact-list propagation, closely related to Business Email Compromise (BEC). Here’s exactly how it unfolds:

  1. A trusted sender gets through — The email comes from a legitimate, compromised account. Not a spoof. That’s why it lands directly in your inbox.
  2. A simple action is requested — You’re asked to open an attachment (ZIP, DOCX, XLSX are common) or log in to view a shared file.
  3. The moment of compromise — Enter credentials and attackers gain account access, or open the file and malware executes in the background.
  4. The silent mass-send — Your account begins emailing every contact using your name, your address, your signature.
  5. The damage spreads — Anyone who trusts you is now a potential next victim. The cycle begins again.
“These scams often start with what appears to be a legitimate email from a supplier known to the business, but which has been hacked or closely copied by fraudsters.” — Niamh Davenport, Head of Financial Crime, Banking & Payments Federation Ireland (BPFI), April 2025

Ireland Is Specifically in the Crosshairs

It would be comforting to think of this as a distant problem — something that happens to big multinationals or overseas governments. But the Irish-specific data tells a different story entirely.

According to figures published in April 2025 by FraudSMART — the fraud awareness initiative led by Banking & Payments Federation Ireland (BPFI) — Irish SMEs lost over €17.4 million to email-related scams between January 2023 and December 2024. The average loss per incident came to approximately €11,500.

And Ireland ranks among the most targeted countries in Europe. The National Cyber Security Centre Ireland (NCSC) has published specific guidance on phishing attacks precisely because the volume of incidents affecting Irish individuals and businesses demands a public response.

⚠  REGULATORY NOTE: NIS2 NIS2 — the EU’s updated network and information security directive — became legally binding in October 2024. Ireland has not transposed it into domestic law and is currently subject to infringement proceedings by the European Commission. Legislation is expected in the first half of 2026. Don’t wait for the law to catch up with the threat.

Why These Attacks Work — And Keep Working

The real vulnerability isn’t software — it’s trust.

When an email comes from someone you recognise, your brain makes a quick decision: this is safe. Attackers exploit this using thread hijacking — inserting malicious messages into real, ongoing conversations.

Microsoft’s research found that AI-assisted phishing emails can achieve click-through rates exceeding 50%, compared to roughly 12% for traditional phishing. The language is cleaner. The timing is more convincing. The context feels real. This isn’t the obvious spam of the past — it’s engineered credibility.

A Scenario We See Too Often

Here’s a real-world pattern we encounter at our helpdesk:

  • A supplier’s email account gets compromised
  • Malicious files are sent to their clients — from the supplier’s real address
  • A client opens the file, trusting the sender
  • Systems are impacted. The client blames the supplier.
  • But the supplier was already a victim.

The result? Not just financial damage — but strained relationships, lost trust, and reputational fallout between two businesses that were both victims of the same attack.

What Irish Businesses Should Do Right Now

There is no perfect defence — but there is a meaningful gap between businesses that take basic steps and those that don’t:

  • Enable Multi-Factor Authentication (MFA) on all email accounts — especially Microsoft 365 and Google Workspace
  • Use advanced email filtering beyond default platform protections
  • Train staff to recognise and report suspicious emails — and make it low-friction to do so
  • Verify unexpected requests by phone, not email
  • Contact senders directly if something feels off — do not reply to the suspicious email itself
  • Establish a clear incident response plan before an incident occurs
  • Monitor outbound email activity, not just inbound

The Role of Your IT Partner

At Newtec Services, our helpdesk team regularly acts as a first line of judgement when businesses are unsure about a suspicious email. But reactive support isn’t enough on its own.

The businesses that weather these attacks best are not necessarily those with the biggest budgets — they’re the ones that had a conversation with their IT partner before an incident, rather than after.

Don’t wait until it’s already sending Talk to our team about email security, incident response, and IT support for Irish businesses. 📞  01 531 3777 🌐  www.newtecservices.ie

Sources & References

  1. FraudSMART / Banking & Payments Federation Ireland — SME scam losses (April 2025)  https://www.fraudsmart.ie/2025/04/10/sme-fraud-campaign/
  2. National Cyber Security Centre Ireland — Phishing Guidance  https://www.ncsc.gov.ie/pdfs/NCSC_Quick_Guide_Phishing.pdf
  3. National Cyber Security Centre Ireland — ECSM Phishing  https://www.ncsc.gov.ie/ecsm20/phishing/
  4. PwC Irish CEO Survey 2024 — via DigitalWell Cybersecurity Landscape  https://digitalwell.com/blogs/cybersecurity-landscape-ireland-and-the-uk/
  5. William Fry — Cyber Threats Facing Ireland’s Critical Services (2026)  https://www.williamfry.com/knowledge/cyber-threats-facing-irelands-critical-services-systems-and-infrastructure/
  6. Loewen IT — Threat Intelligence Ireland & Europe Q1 2026  https://loewenit.ie/blogs/news/threat-intelligence-ireland-europe-q1-2026-briefing
  7. Bright Defense — 200+ Phishing Statistics for 2026  https://www.brightdefense.com/resources/phishing-statistics/
  8. TitanHQ — State of Email Security Report 2025  https://www.titanhq.com/email-security-2025/state-email-security-report-2025/
  9. HLB Ireland — Cyber News Insights July 2024  https://www.hlb.ie/hlb-cyber-news-insights-july-2024/
Related Posts