According to an FBI public service announcement issued in June, there has been a 1,300% increase in losses tied to “business email compromise” since January 2015. Although any company is at risk, these attacks are most likely to target firms that regularly send money overseas or those that have access to sensitive information, such as medical companies, attorneys, and accountants. To date, instances have been reported in all 50 U.S. states and in 100 countries, amounting to a financial impact of $3 billion. Here’s how it works. Each time a traveling executive opens spymail, they reveal a wealth of private information — their current location, the time of day they read their email, the hotel at which they are staying. Scammers can use this information to craft believable phishing emails or phone calls, targeting the executive or their unsuspecting colleagues back at the home office. Because spymail looks like any other email, the receiver is unable to determine which emails are tracked with the invisible extension, making cybersecurity on the road much more difficult to manage. Get the full story at Harvard Business Review