Cyber Tales: The $50,000 Conversation That Never Happened

A gut check too late

Days later, something nagged at Tyler. He still hadn’t received the invoice Julie promised. He followed up by email. No reply. An internet search for Sherwood Solutions revealed nothing.

No website. No business registry. No Julie.

Tyler walked to Harald’s office with a sinking feeling. He laid it out. The reply was fast and sharp:

“I never had that conversation.”

Tyler had never seen Harald so angry. And not at him.

“I was furious that someone would take advantage of my team like this,” Harald later said. “They used our success against us. And they used me to do it.”

The scammers had faked a thread, copied company tone, and made the message land by playing on urgency and trust—to the tune of $50,000.

Calling in the Hackbusters

Harald contacted his broker. BOXX got involved within hours. Jack Brooks, Head of BOXX Hackbusters, led the response.

“This wasn’t a breach of tech. It was a breach of trust,” Jack explained. “They didn’t need to crack a password or hack a firewall. They hacked Tyler’s instincts. That’s social engineering.”

He continued, “Traditionally, a social engineering attack manipulates people into giving up access. Now, with AI, scammers can do it faster and smarter. AI can generate convincing emails, mimic voices, even create deepfake videos that look and sound real. These tools let criminals tailor scams to each person, making them harder to detect.”

There were no viruses. No compromised systems. Just an email that looked close enough to real, seemingly endorsed by the CEO—and a payment that didn’t raise alarms until it was too late.

What changed? A lot.

Jack worked with Benson PR to lock down processes:

• Payment thresholds were lowered. Any new vendor payments or change of vendor details over $10,000 now needed two sets of eyes or internal calls.
• Mandatory monthly awareness training and phishing simulations for all staff, including leadership
• All new vendors go through verified onboarding. No exceptions.
• Quarterly cyber lunch-and-learns are now part of the calendar.

At the first lunch-and-learn, Tyler stood up and shared what happened.

“I’m a numbers guy,” he said. “I respect process and policy. What really messes with me is how out of character it was for me to authorize that. It’s like the scammer—or the chatbot they were using—knew how to push just the right buttons. I know better. But I still got duped.”

Recognizing how stressed and ashamed Tyler felt after the attack, Harald stepped in and offered his support.

“Tyler’s one of our sharpest. If it happened to him, it could happen to anyone. We need to treat this like a company-wide blind spot, not one person’s error. I’m the CEO — it’s my job to make sure we have the right policies in place.”

The bigger picture

Benson PR isn’t alone. Jack has seen this scam before. Sometimes it’s a fake invoice from a “CEO.” Other times, it’s a vendor name that’s one letter off. But the tactic is always the same: build trust, create urgency, get paid.

“These criminals aren’t guessing. They’re watching your posts, tracking your org chart, and crafting a pitch that sounds just like you,” said Jack.

Smarter storytellers

Harald isn’t posting less. But he’s changed essential policies and introduced simple processes that apply to everyone at Benson PR. There are no exceptions to procedure for payment—not even for CEOs.

“We still tell our story. That hasn’t changed. But now, we’ve got rules in place so we don’t pay the price for doing it well.”

Jack’s parting advice to Harald and Tyler was simple: Trust but verify.

“It’s not about being suspicious of everything—it’s about slowing down, asking questions, and verifying before you act. A little polite skepticism goes a long way.”

This was a wake-up call for Benson PR—and fortunately, one they could recover from. The right insurance, the right response team, and the right mindset helped turn a tough lesson into a stronger, smarter organization.

Cyberboxx Business 5.0 is the latest version of BOXX’s flagship ALL IN ONE Cyber Insurance & Protection product, making it easier than ever for brokers to provide complete cyber protection for their business clients.

Interested in more real-life cyber stories?
Sign-up for the BOXX Newsletter today.

Join over 5,000+ others that receive our newsletter updates. Filled with expert advice and product announcements to help prevent a cyber incident. Get insider access to news around BOXX innovations, cyber tips and case studies that allow you to stay up to date on all things cyber.