So, You Think Your Email’s Been Hacked?
Protecting information has become harder than ever. Systematic and sophisticated attempts to gain access to personal and business information has become more prevalent than ever. Network infections can spread through these compromised accounts. Through brute force attacks or phishing, these criminals attack people and businesses worldwide.
Identifying Suspicious Activity
If you fall victim, you may not even realize your account has been compromised. Your co-worker may walk up to you and say you sent out a strange email. A client may respond to an email you do not recall sending. Your mail may stop coming into your inbox, you may be receiving strange emails from people you do not even know. Your sent items might be filled with messages you never typed.
Perhaps you are the co-worker who received a strange email, the email may be misspelled, or out of the context of their normal job duties. Everything may look legitimate, their signature could be perfect, but something is out of place. Why is someone in HR asking for an invoice payment? In the next office over, your co-worker also received the email.
Something fishy is going on.
What do you do now?
Stop. Don’t Panic.
Alert your manager and follow any of your in-house incident response plans. Then, pick up the phone, call your IT department or who ever is responsible for managing your email.
The sooner you act, the better.
If you have identified suspicious activity or confirmed your account has been compromised, then here are steps to secure your account and stop further spread. Here are some steps to take in case your account has been compromised.
- Removal of Mail Rules & Password Reset
- Mail rules are often placed on compromised accounts to forward any mail on to the cybercriminals. Removing the rules helps ensure that confidential information is not being read by unintended recipients. Remove any suspicious or malicious rules that have been applied to your account.
- Reset your password. If cyber criminals have a hold of your credentials, the password must be changed to deny access.
- Notify Contacts
- Cybercriminals will leverage your address book to send out malicious emails. People are more likely to click on attachments or URLs if sent from someone they know. Help stop the spread by notifying anyone in your address book so they delete any malicious messages before causing harm.
- Run Anti-Virus/Malware Scan
- If you do not know how the cybercriminals found your password, run a scan on your computer. Malware can hitchhike in many forms onto your computer. If anything is found, change your passwords again!
Here are a few other steps and areas to review after a security breach.
- Change Other Passwords
- If you used the same or similar password on any other accounts go change them immediately. If your company password is the same you use for your bank, then the cybercriminals can log into your account. Cybercriminals will go to popular websites and enter your email address and password to attempt to login to purchase products or steal additional information.
- Use a Password Manager
- Coming up with and remembering secure and complex passwords can be difficult. Using a password manager can help you stay secure and eliminate the need for you to have to remember your password.
- Learn to Spot Suspicious Emails
- The best time to stop an attack is before it even begins. Learn to spot suspicious emails before they can do damage. We have put together a guide on how to spot phishing attacks. Read our article here: Avoid Getting Hooked! How to Identify Phishing Attacks!
- Enable Multi-Factor Authentication
- Multi-factor authentication (MFA) or 2-factor authentication (2FA) is the best way to secure your account. MFA secured accounts require more than one way to log in. This makes it harder for cybercriminals to get access to your account – even if they have your credentials. The most common form of MFA is with a one-time password. After you set it up, this password is sent via text, email, or by an authenticator app when you log into your account for the first time.
- Mail Filtering
- A mail filter does not just remove annoying emails, mail filtering will also identify and stop malicious emails. Malicious emails are becoming more sophisticated, by spoofing legitimate addresses and appearing extremely professional. Mail filtering double-checks the legitimacy of where the email came from based on IP addresses and mail records. If things do not match up, the mail is quarantined or rejected.
- Advanced Anti-Virus
- Using an advanced anti-virus is one of the most effective ways to stop attacks. Advanced anti-viruses will detect and stop attacks from occurring.
A compromised account is a serious event. Personal, private, and confidential business information can be distributed and held hostage by cybercriminals. Proper security software, responding quickly, and using safe practices will minimize the damage if an event occurs.
If you ever have any doubt about your security, whether (or not) if you’re compromised, or if you are not sure what to do, reach out to us.
If you’d like to set up a discussion around any of these items, talk about other ways to help prevent attacks, or improve your security, please e-mail firstname.lastname@example.org or call us at 1-877-843-9611.