
Cyber Snapshot - Business Email Compromise - The Silent Billion Dollar Threat

Overview 

Email has become a major part of daily life, especially in professional settings, so being aware of the weaknesses that come with using it is essential. Because so much professional communication now runs over email, cyber threat actors use it to trick users. Business Email Compromise (BEC) is a sophisticated cybercrime in which bad actors impersonate individuals, or insert themselves into an existing exchange between two parties, in order to trick a victim into sending money or sensitive data. The bad actor most often impersonates a vendor, a client, or an executive. In many cases the victim does not realize the bad actor was involved until after the money or data has been sent.

The Issue 

BEC has become an increasingly persistent issue, and bad actors have not stopped or slowed down. BEC schemes target individuals or employees within an organization and deceive them by exploiting a false sense of trust: the message appears to come from someone the victim already deals with. Once the victim acts on, or replies to, the seemingly trusted email, the real damage starts. FBI Internet Crime Complaint Center (IC3) statistics show that BEC caused over $2.7 billion in reported losses in 2024.

Once bad actors gain access to a network or account, they can move laterally, "live off the land" using the tools already present, wait for the right moment to strike, and create chaos. BECs can also lead to other attacks, such as ransomware, compromise of backup storage, defeat of MFA (Multi-factor Authentication), harvesting of additional credentials, theft of the victim's trade secrets, and other preparation for a more damaging attack.

Legitimate convenience features of email can be exploited by bad actors to further their goals. Email forwarding is low-hanging fruit: a bad actor with access to a mailbox may create a hidden auto-forwarding or redirect rule, often with a blank or single-character name and an action that deletes or files the message out of sight, and then silently monitor the victim's correspondence. This lets them learn how the victim does business and time their fraudulent emails, for example a banking-detail change sent just as a real invoice is due, so the request appears authentic.
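The detection described above can be automated. The following is an added example written for this page, not code from MC3 or from the snapshot; it scores Exchange Online unified audit log records for the New-InboxRule and Set-InboxRule operations (the Operation plus Name/Value Parameters layout is the real one, but every record below is constructed and the addresses, IPs, rule names, INTERNAL_DOMAINS set and scoring weights are assumptions). It flags rules that forward or redirect outside the organization, or that hide matching mail and also match finance keywords or carry a letterless name.

```python
"""Flag inbox rules that look like BEC tradecraft in Exchange Online audit records."""
import re
from dataclasses import dataclass, field
from typing import Iterable

# Assumption: the organization's own email domains (anything else is external).
INTERNAL_DOMAINS = {"example.com"}

FORWARD_PARAMS = ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo")
# Folders attackers commonly move mail into so the victim never sees it.
HIDING_FOLDERS = {"rss feeds", "rss subscriptions", "conversation history",
                  "deleted items", "archive", "junk email"}
FINANCE_WORDS = {"invoice", "payment", "wire", "bank", "ach", "remittance"}
SMTP_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

# Constructed sample records in the shape the unified audit log uses for the
# New-InboxRule / Set-InboxRule cmdlets (Operation plus Name/Value Parameters).
# Addresses and IPs are invented; recipients use Exchange's
# '"Display Name" [SMTP:address]' rendering.
SAMPLE_RECORDS = [
    {"Operation": "New-InboxRule", "UserId": "cfo@example.com",
     "ClientIP": "203.0.113.10",
     "Parameters": [
         {"Name": "Name", "Value": "."},
         {"Name": "ForwardTo", "Value": '"AP" [SMTP:ap.finance@example.net]'},
         {"Name": "DeleteMessage", "Value": "True"},
     ]},
    {"Operation": "New-InboxRule", "UserId": "hr@example.com",
     "ClientIP": "198.51.100.7",
     "Parameters": [
         {"Name": "Name", "Value": "Vendor invoices"},
         {"Name": "SubjectContainsWords", "Value": "invoice;payment"},
         {"Name": "MoveToFolder", "Value": "hr@example.com:\\RSS Feeds"},
         {"Name": "MarkAsRead", "Value": "True"},
     ]},
    {"Operation": "New-InboxRule", "UserId": "sales@example.com",
     "ClientIP": "192.0.2.44",
     "Parameters": [
         {"Name": "Name", "Value": "File newsletters"},
         {"Name": "SubjectContainsWords", "Value": "newsletter"},
         {"Name": "MoveToFolder", "Value": "sales@example.com:\\Newsletters"},
     ]},
    {"Operation": "Set-InboxRule", "UserId": "ops@example.com",
     "ClientIP": "192.0.2.45",
     "Parameters": [
         {"Name": "Name", "Value": "Cover while out"},
         {"Name": "ForwardTo", "Value": '"Deputy" [SMTP:deputy@example.com]'},
     ]},
]


@dataclass
class Finding:
    user: str
    client_ip: str
    rule_name: str
    score: int = 0
    reasons: list = field(default_factory=list)

    def add(self, points: int, reason: str) -> None:
        self.score += points
        self.reasons.append(reason)


def _params(record: dict) -> dict:
    return {p["Name"]: p["Value"] for p in record.get("Parameters", [])}


def assess_rule(record: dict) -> Finding:
    """Score one audit record. An external forward alone reaches the threshold;
    a hide action needs a second indicator (finance keywords or a letterless name)."""
    p = _params(record)
    finding = Finding(record.get("UserId", "?"), record.get("ClientIP", "?"),
                      p.get("Name", ""))
    for key in FORWARD_PARAMS:
        for addr in SMTP_RE.findall(p.get(key, "")):
            if addr.lower().rsplit("@", 1)[1] not in INTERNAL_DOMAINS:
                finding.add(3, f"{key} sends mail to external address {addr}")
    if p.get("DeleteMessage", "").lower() == "true":
        finding.add(2, "deletes matching messages")
    # MoveToFolder is rendered as 'mailbox:\Folder'; keep only the folder name.
    folder = re.split(r"[\\:]", p.get("MoveToFolder", ""))[-1].strip().lower()
    if folder in HIDING_FOLDERS:
        finding.add(2, f"moves matching messages into '{folder}'")
    words = set(re.findall(r"[a-z]+", " ".join(
        p.get(k, "") for k in ("SubjectContainsWords", "BodyContainsWords",
                                "SubjectOrBodyContainsWords")).lower()))
    if words & FINANCE_WORDS:
        finding.add(1, f"matches finance keywords {sorted(words & FINANCE_WORDS)}")
    if not re.search(r"[A-Za-z]", finding.rule_name):
        finding.add(1, "rule name contains no letters (easy to miss in the client)")
    return finding


def scan(records: Iterable[dict], threshold: int = 3) -> list:
    """Return the findings at or above the threshold, highest score first."""
    hits = [f for f in (assess_rule(r) for r in records) if f.score >= threshold]
    return sorted(hits, key=lambda f: f.score, reverse=True)


if __name__ == "__main__":
    for f in scan(SAMPLE_RECORDS):
        print(f"{f.user} ({f.client_ip}) rule {f.rule_name!r} score {f.score}")
        for r in f.reasons:
            print("   -", r)
```

In practice the records would come from Exchange Online PowerShell, for example Search-UnifiedAuditLog with -Operations New-InboxRule,Set-InboxRule, or from Get-InboxRule run against each mailbox for a point-in-time review; the ClientIP on a flagged record is the first thing to compare against the user's normal sign-in locations.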

Ways to Protect Yourself 

There are multiple ways that an individual or organization can better protect themselves. The Michigan Cyber Command Center (MC3) recommends the following:

  • Block auto-forwarding to external domains at the mail server or tenant level
  • Monitor mailbox rules, especially new or changed rules that forward, redirect, or delete mail
  • Provide cybersecurity awareness training
  • Provide social engineering awareness training
  • Require strong authentication (MFA, a password manager, etc.)
  • Use out-of-band communication, such as a phone call to a number already on file rather than one in the email, to verify suspicious requests
  • Create, plan, and practice an incident response procedure for a BEC-type incident
  • Create a policy and procedure to verify any change or update to banking information, whether for the organization, an employee, or a vendor
  • Implement strong financial controls and checks, such as dual approval for payments
  • Use secure payment systems
  • Implement Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting & Conformance (DMARC), or confirm these policies are already configured and enforced. SPF lets receiving servers check that the sending server is authorized for the domain, DKIM adds a digital signature to each message, and DMARC tells receivers how to handle messages that fail these checks and where to send reports about them.
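The last recommendation is only effective when the three records are actually set to enforce, and a domain that publishes them in monitor-only or permissive form is still spoofable. The following is an added example, not code from MC3 or from the snapshot: it parses SPF, DKIM and DMARC TXT records and reports the settings that leave a domain open, with a weak set and a corrected set of constructed records for an assumed example.com (these are not real DNS data, and the DKIM public key is a placeholder). The records themselves would be fetched separately, for example with dig +short TXT example.com, dig +short TXT selector._domainkey.example.com and dig +short TXT _dmarc.example.com.

```python
"""Check published SPF, DKIM and DMARC records for settings that leave a domain spoofable."""
import re
from typing import Optional, Tuple

# SPF terms that each cost a DNS lookup; RFC 7208 allows at most 10 per evaluation.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}

# Constructed sample records for an assumed domain example.com (not real DNS data).
WEAK_SPF = "v=spf1 include:_spf.example.net +all"
WEAK_DKIM = "v=DKIM1; k=rsa; t=y; p="
WEAK_DMARC = "v=DMARC1; p=none"
STRONG_SPF = "v=spf1 mx include:_spf.example.net -all"
STRONG_DKIM = "v=DKIM1; k=rsa; p=BASE64PUBLICKEYPLACEHOLDER"
STRONG_DMARC = "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc@example.com; adkim=s; aspf=s"


def parse_spf(txt: str) -> Optional[Tuple[Optional[str], int, bool]]:
    """Return (qualifier on 'all', DNS-lookup count, uses ptr), or None if not SPF."""
    terms = txt.strip().split()
    if not terms or terms[0].lower() != "v=spf1":
        return None
    all_q, lookups, uses_ptr = None, 0, False
    for term in terms[1:]:
        qualifier = "+"                      # the implicit qualifier is pass
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        name = re.split(r"[:/=]", term, maxsplit=1)[0].lower()
        if name == "all":
            all_q = qualifier
        elif name in LOOKUP_TERMS:
            lookups += 1
            uses_ptr = uses_ptr or name == "ptr"
    return all_q, lookups, uses_ptr


def parse_tags(txt: str) -> dict:
    """Parse the 'tag=value; tag=value' syntax shared by DKIM and DMARC records."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def assess_email_auth(spf: Optional[str], dkim: Optional[str], dmarc: Optional[str]) -> list:
    """Return human-readable weaknesses; an empty list means all three records enforce."""
    issues = []
    parsed = parse_spf(spf) if spf else None
    if parsed is None:
        issues.append("SPF: no v=spf1 record, receivers cannot tell authorized senders apart")
    else:
        all_q, lookups, uses_ptr = parsed
        if all_q == "+":
            issues.append("SPF: '+all' authorizes every host on the internet to send as the domain")
        elif all_q in (None, "?"):
            issues.append("SPF: no '-all' or '~all', so unlisted senders get a neutral result")
        if lookups > 10:
            issues.append(f"SPF: {lookups} DNS lookups exceed the limit of 10 (permerror, SPF ignored)")
        if uses_ptr:
            issues.append("SPF: 'ptr' mechanism is deprecated and unreliable")
    if not dkim:
        issues.append("DKIM: no selector record, outbound mail carries no verifiable signature")
    else:
        tags = parse_tags(dkim)
        if not tags.get("p"):
            issues.append("DKIM: empty 'p=' means the key is revoked, so signatures fail")
        if "y" in tags.get("t", ""):
            issues.append("DKIM: 't=y' testing flag tells receivers to treat mail as unsigned")
    tags = parse_tags(dmarc) if dmarc else {}
    if tags.get("v", "").upper() != "DMARC1":
        issues.append("DMARC: no _dmarc record, so SPF/DKIM failures carry no policy")
    else:
        policy = tags.get("p", "none").lower()
        if policy == "none":
            issues.append("DMARC: p=none only monitors; spoofed mail is still delivered")
        if tags.get("sp", policy).lower() == "none" and policy != "none":
            issues.append("DMARC: sp=none leaves subdomains unprotected")
        if int(tags.get("pct", "100")) < 100:
            issues.append(f"DMARC: pct={tags['pct']} applies the policy to only part of the mail")
        if "rua" not in tags:
            issues.append("DMARC: no rua= address, so abuse of the domain is never reported")
    return issues


if __name__ == "__main__":
    for label, recs in (("weak", (WEAK_SPF, WEAK_DKIM, WEAK_DMARC)),
                        ("strong", (STRONG_SPF, STRONG_DKIM, STRONG_DMARC))):
        print(label, assess_email_auth(*recs) or ["no issues"])
```

The weak set is the common real-world shape: an SPF record that ends in +all, a revoked or testing DKIM key, and DMARC left at p=none after an initial rollout, which together mean a bad actor can send mail that appears to come from the organization and nothing rejects it.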

Following these recommendations may also help an organization meet the controls that cyber insurance providers commonly require before they will cover losses from a cybersecurity incident. 

Conclusion 

Simply put, BECs are not going away. Bad actors will continue to use these attacks, and BECs will become harder to detect and more complex. It is imperative that we take the necessary steps to protect ourselves. While there is no guarantee you will never fall victim to a BEC attack, taking these steps to protect yourself and your organization can make such an event less impactful and easier to recover from. 


August 21, 2025
CS-04-2025