Microsoft 365 update protects against hackers banner

Microsoft 365 update protects against hackers

Mar 30, 2021 Tech blog

Impersonation is a commonly-used scamming technique where hackers gain access to a business’s or individual’s email account and use the account, or information found within the account’s emails, to steal money from the owner. Sometimes this takes the form of impersonating the account owner by sending emails to financial institutions and organising money transfers into the hacker’s account. Sometimes the hacker intercepts invoices a business sends to its clients and changes the payment details to their own account. These scenarios may sound unbelievable but they are really happening to businesses in the Shoalhaven.

One technique hackers use once they have gained unauthorised access to an email account is to quietly set up auto-forwarding rules that trigger on specific keywords like ‘payment’ or ‘invoice’ and send any relevant emails on to the hacker. The hacker then sits back and waits for the opportunity to use this information for their own gain.

Microsoft recently rolled out a security patch for MS 365 in an attempt to block this sort of attack. The Microsoft update blocks all forwarding of emails to external email addresses. If you use MS 365 and have been frustrated recently trying to forward a message to an external contact because it just won’t work, the good news is that it’s not actually ‘broken’, but is in fact a ‘fix’!

If the ability to forward emails to external parties is the functionality you need, talk to us about what can be done to allow this without compromising your account security.

Do this to check if hackers are monitoring your email account ...

In the meantime, there are a number of security actions to take, no matter what email client you use, to check the security of your account and make sure you don’t have any uninvited parties watching your business correspondence:

Help me with my email security