Compromised email accounts

telanova: the outsourced IT team that feels like your own

Providing advice, consultancy, helpdesk, monitoring and maintenance, updates, upgrades, security: all the things your in-house team would do, but better and at a fraction of the cost and hassle.

Compromised email accounts

Over 1 million email accounts get compromised each month. In the past if your email account was compromised it was probably just used for sending spam, if you were a victim, you would just reset your password and forget about it. Nowadays hackers are more sophisticated and are looking for a bigger payoff. Below are several costly actions a hacker might carry out if they gained access to your or a colleague’s email account.

Change of bank account notification for salary payments

The hacker will email the person in your organization responsible for payroll with a change of bank account notification. Since the email is from your actual email account, not a forgery, they will not be able to tell it was sent by the hacker.

Change of bank account notification your customers

The hacker will email your customers with a change of bank account notification. Since the email is from your actual email account, not a forgery, your customers will not be able to tell it was sent by the hacker.

Intercept supplier invoice

The hacker will intercept a legitimate invoice from one of your suppliers and change the bank details to a bank account they control.

Other social engineering

The hacker will email your colleagues with attempts to get a further foothold within your organisation. Either malicious documents infected with malware or phishing to compromise more email accounts.

How can you protect yourself and your organization?

Multi Factor Authentication (MFA)

The best protection is to enforce MFA on all email accounts in your organization. Both Microsoft 365 and Google Workspace have policies you can enable to force everyone to set it up.

Education

Most successful attacks involve human failure at some level. Make sure your staff are aware of the risks, understand how these attacks work, the warning signs, and who to report them to. The UK’s National Cyber Security Center has some free training that is quite good

Processes

Ensure your organization’s, suppliers’, and customers’ processes all include verifying any bank detail change via two independent methods.

Cyber Insurance

Recovering from a cyber incident could be ruinous to many organizations. Consider taking out cyber insurance to make sure you can get back on your feet.

Engage telanova as your IT team and we will advise you on appropriate security strategies for your organization and implement them.

Email Facebook Google LinkedIn Twitter

We use cookies to provide you with the best possible experience in your interactions on our website

You agree to our use of cookies on your device by continuing to use our website

I understand