A Birmingham business has admitted losing a huge six-figure sum in a cyber attack that lasted a matter of minutes.
Edgbaston-based construction and facilities management firm Tetra Group fell victim to the hack attack last January.
They have now stepped forward with the region's Police and Crime Commissioner David Jamieson to warn other firms about the dangers posed by cyber crooks.
The firm was hit by a "Dridex infection" in which a corrupted Microsoft Word document was used to dodge existing anti-hacking software.
The attack, which was sent via an innocent looking email, allowed the criminals to make 21 fraudulent payments to mule accounts in a matter of minutes.
The alleged 'Mule Herder' has since been arrested in London pending investigations by the police.
Mr Jamieson visited Tetra Group to speak to director Paul Myers and company PA Maureen Symes who unwittingly opened the virus.
Mr Myers said: "I always thought 'it will never happen to me' but this has totally changed the way I look at things.
"Basically, they unleashed a virus on us and could track our keystrokes and log on to our system. This allowed the criminals access to our bank account. It was just an everyday Word document.
"We opened it up, thinking it was an invoice or something, and it took over everything. We had the latest anti-virus software but that particular virus had only been released that morning and it beat it.
"We've upped our security measures since then and I would urge all businesses to do the same. It's no different to putting an alarm on your house. Don't wait for it to happen to you first."
Ms Symes, who unwittingly opened the Word document, added: "I have worked here for 16 years and I felt a deep personal guilt.
"I was totally devastated. I was left shaking and I felt so guilty, so worried, so stressed. The whole episode really took its toll on everyone concerned. People think cyber crime is faceless and victimless but real people are affected.
"I just kept thinking 'what's going to happen to everyone and their families if this money cannot be retrieved?'"
David Jamieson thanked the firm for what he described as "the very brave step" of coming forward.
He added: "Hopefully, their story and advice will prevent other businesses from also falling victim.
"Crime is changing not falling and it is vital we get to grips with issues such as cyber crime.
"We also shouldn't think of it as a victimless crime because it is not and I hope Paul and Maureen's experiences go some way to proving that."
Mr Jamieson hosted his Annual Business Summit this week that focussed on online theft and fraud.
Reformed fraudster Tony Sales, who was once dubbed Britain's greatest fraudster after he stole £30 million in six years, was also drafted in to deliver the keynote speech.
Shocking figures from the National Fraud Intelligence Bureau reveal that £757,549 was cleared out of the bank accounts of West Midlands-based hacking victims in just three months last year.
And in just one month there were 5,734 hidden computer infections across the West Midlands.