Impersonation is a commonly used scamming technique where hackers gain access to a business’s or individual’s email account and use the account, or information found within the account’s emails, to steal money from the owner. Sometimes this takes the form of impersonating the account owner by sending emails to financial institutions and organising money transfers into the hacker’s account. Sometimes the hacker intercepts invoices a business sends to its clients and changes the payment details to their own account. These scenarios may sound unbelievable, but they are really happening to businesses in the Shoalhaven.
One technique hackers use once they have gained unauthorised access to an email account is to quietly set up auto-forwarding rules that trigger on specific keywords like ‘payment’ or ‘invoice’ and send any relevant emails on to the hacker. The hacker then sits back and waits for the opportunity to use this information for their own gain.
Microsoft recently rolled out a security patch for MS 365 in an attempt to block this sort of attack. The Microsoft update blocks all forwarding of emails to external email addresses. If you use MS 365 and have been frustrated recently trying to forward a message to an external contact because it just won’t work, the good news is that it’s not actually ‘broken’, but is in fact a ‘fix’!
If the ability to forward emails to external parties is the functionality you need, talk to us about what can be done to allow this without compromising your account security.
In the meantime, there are a number of security actions to take, no matter what email client you use, to check the security of your account and make sure you don’t have any uninvited parties watching your business correspondence:
- In your email client, go into the settings and look for the auto-forwarding rules section. Make sure there are no forwarding rules set up that you don’t recognise.
- In your Google or Microsoft account, go into the security section and check how many devices your user is signed in on. If there are devices you don’t recognise, remove them or sign them out:
  - Google - https://myaccount.google.com/security-checkup
  - Microsoft - https://support.microsoft.com/en-us/account-billing/check-the-recent-sign-in-activity-for-your-microsoft-account
- Turn on two-factor authentication. With 2FA turned on it is next to impossible for a stranger to gain access to your account. Rather than just relying on a password, login requires a password plus a code from a device like your phone. Remember though, when turning on two-factor authentication, setting up backup methods is critical. Read why here.
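For a business running Microsoft 365, the forwarding checks in the list above can be done centrally for every mailbox rather than user by user. The script below is an added example (not code from the original post or from IT Basecamp); it assumes the ExchangeOnlineManagement PowerShell module and an Exchange administrator account, and the keyword list is an assumption you should extend to match your own invoicing language.

```powershell
# Added example: read-only audit of forwarding in a Microsoft 365 tenant.
# Assumes the ExchangeOnlineManagement module and Exchange admin rights.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -ShowBanner:$false

# 1. Tenant-wide control behind the change described above: external auto-forwarding
#    is governed by AutoForwardingMode on the outbound spam filter policy.
Get-HostedOutboundSpamFilterPolicy |
    Select-Object Name, AutoForwardingMode

# 2. Mailbox-level forwarding (set by an admin, or by an attacker) is not an inbox
#    rule and does not show up in the user's own rule list, so check it separately.
$userMailboxes = Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox
$userMailboxes |
    Where-Object { $_.ForwardingAddress -or $_.ForwardingSmtpAddress } |
    Select-Object UserPrincipalName, ForwardingAddress, ForwardingSmtpAddress, DeliverToMailboxAndForward

# 3. Inbox rules in every mailbox that forward or redirect mail. Rules triggered by
#    money-related keywords, and rules that also delete or mark messages as read so the
#    owner never sees them, are the pattern to look at first.
$keywords = @('invoice', 'payment', 'remit', 'bank')   # assumed list, extend as needed
$pattern  = $keywords -join '|'
$findings = foreach ($mbx in $userMailboxes) {
    Get-InboxRule -Mailbox $mbx.UserPrincipalName |
        Where-Object { $_.ForwardTo -or $_.ForwardAsAttachmentTo -or $_.RedirectTo } |
        ForEach-Object {
            $words = @($_.SubjectContainsWords) + @($_.BodyContainsWords) + @($_.SubjectOrBodyContainsWords)
            [pscustomobject]@{
                Mailbox        = $mbx.UserPrincipalName
                Rule           = $_.Name
                Enabled        = $_.Enabled
                SendsTo        = (@($_.ForwardTo) + @($_.ForwardAsAttachmentTo) + @($_.RedirectTo)) -join '; '
                KeywordTrigger = ($words | Where-Object { $_ -match $pattern }) -join ', '
                HidesTracks    = [bool]($_.DeleteMessage -or $_.MarkAsRead)
            }
        }
}
$findings | Sort-Object HidesTracks, KeywordTrigger -Descending | Format-Table -AutoSize

Disconnect-ExchangeOnline -Confirm:$false
```

Anything the report lists that nobody in the business recognises should be removed, the account’s password changed and its active sessions signed out, in that order.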
Check out IT Basecamp's subsidiary Cyber Heroes for further support assessing your company's cybercrime vulnerabilities.