                                                                                                        
                                                            
@@@@@@@@ @@@@@@@  @@@@@@@@ @@@@@@@   @@@@@@   @@@@@@    
@@!      @@!  @@@ @@!      @@!  @@@ @@!  @@@ !@@        
@!!!:!   @!@!!@!  @!!!:!   @!@!@!@  @!@  !@!  !@@!!     
!!:      !!: :!!  !!:      !!:  !!! !!:  !!!     !:!    
: :: ::   :   : : : :: ::  :: : ::   : :. :  ::.: :

Cybercrime support – Organisations

Fraud attempt or compromised business access?

We support organisations facing fraud, scams, hijacked ad accounts and compromised Microsoft/Google environments. The objective: secure critical access, reconstruct facts and produce reporting usable by third parties.

If the incident is ongoing (transfers in progress, active remote access, pressure from a scammer): use the emergency path first.

Plan an exchange Ongoing emergency

Frequent scenarios

Wire fraud / supplier IBAN change

Urgent transfer requests, fake CEO, vendor bank details changed.

Hijacked ad accounts

Meta Business / Google Ads compromised, budgets consumed, fraudulent ads.

Compromised M365 / Google Workspace

Suspicious forwarding rules, access to mailboxes/drives, data leakage.

DRC@erebos:/cyber-org# scenario — wire, ads, m365

Typical situations in professional environments.

We step in when an incident impacts revenue, reputation, service continuity or compliance.

Wire fraud & fake suppliers

Chronology reconstruction and evidence for bank/insurer procedures.

Fake support on critical workstations

Remote control attempts on finance/executive systems, with access to banking and business tools.

Hijacked advertising accounts

Meta Business Manager or Google Ads takeover, runaway spend, brand impact.

Compromised mail & collaboration

Forwarding rules, unauthorized access to SharePoint/Drive, sensitive document leakage.

E-commerce and customer portals

Account takeover and payment-related attacks impacting trust and turnover.

What we take over for your organisation.

Our role is to regain technical control while supporting financial, regulatory and reputation stakes.

Forensics & timeline reconstruction

Log analysis, attacker actions, exploited weaknesses and usable facts.

Operational securing & recovery steps

Secure critical accounts and guide recovery in acceptable security conditions.

Interface with key stakeholders

Support exchanges with banks, insurers, platforms and (when needed) authorities.

An intervention method adapted to organisations.

We operate as an independent expert firm while keeping business priorities in mind: continuity, executive responsibility, partner relations and compliance.

Step 01

Qualification & impact mapping

Clarify affected scope (systems, accounts, financial flows) and priorities.

Step 02

Containment & operational security

Limit damage, implement immediate controls and preserve evidence.

Step 03

Forensics & executive-ready reporting

Detailed reconstruction with a readable summary and technical annexes.

Step 04

Support procedures & follow-up

Assist requests and prepare post-incident improvements if needed.

Need to speak with an expert (even outside emergencies)?

We operate remotely across France, and on-site mainly in the AURA region and French-speaking Switzerland, for businesses, healthcare organizations, local authorities and regulated professions.

Talk to an expert About the firm →