This could happen to you
You regularly handle proprietary financial information for your organization. Investors, clients, and potential partnerships trust your word and advice, which you often communicate via email. You’ve recently started noticing something a bit fishy with your emails, but nothing seems too concerning. Then you start to catch a couple more red flags, including missing or deleted emails that you did not delete and your mailbox being blocked from sending email.
The next day, you receive two emails from external sources questioning why you were asking for obscure amounts of money via wire transfers. You know it wasn’t you that requested this money, but you see your email address linked to the question. Have you been hacked? How did they insert themselves into your emails without being noticed? What if your external source did not bother to verify your credentials and just went and did what your hacker requested? Who knows what else has been sent? Now you’ve lost trust from your clients, several nights of sleep, and potentially have an expensive mess to clean up. Could your business survive?
A Common Hack
The hack described above is one we are seeing more recently and more often. A hacker will obtain your email credentials and create a series of rules in your mailbox that will allow them to perform malicious activities behind the scenes without you noticing that they are there. They could do things such as send out mass communications on your behalf, create rules so certain types of replies automatically move to your deleted folder or even a non-existent folder, and even trigger other events that allow the hacker to gain traction throughout your entire organization. To mitigate and limit damage from this type of compromise, we recommend implementing the following strategies:
Mitigation strategies
- Enable two-factor authentication – With two-factor authentication enabled, you strengthen your security so only the owner of the authentication token and password can log into your account.
- Disable forwarding rules – This strategy prevents compromised accounts from automatically forwarding emails to outside addresses.
- Strengthen your password policy – Static passwords are easier to crack. Threats to email accounts are lessened if passwords go through more frequent rotations and complex passwords are required.
- Educate employees to conduct periodic reviews of mail rules – This empowers employees to be aware of their own settings and improves their ability to recognize if their account has been compromised.
- Regularly train employees on cybersecurity awareness – End users are your biggest vulnerability. Providing regular awareness training will ensure that cybersecurity is always top of mind and will arm them with the knowledge needed to prevent and stop attacks.
- Use Advanced Threat Protection – Protect your organization against sophisticated threats by automatically investigating and remediating detected attacks.
- Upgrade to E5 Licensing – This Office 365 feature provides behavior analysis alerting and automatic actions. Those range from automatic account lockouts and forced re-authentication to email and geo-location login alerts. E5 licensing is recommended for high-risk employees such as executive team members, those involved in finance, executive assistants, or influencers in financial transactions.
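The mail-rule review recommended above can be scripted. The following is an added example, not part of the original article or any vendor tooling: it checks an exported list of inbox rules for the behaviors described here (forwarding to outside addresses, deleting mail, moving mail to the deleted folder or to a folder that does not exist). The field names follow the properties shown by Exchange Online's Get-InboxRule; the export shape, the domain, the folder lists and the sample rules are assumptions constructed for illustration.

```python
import re

INTERNAL_DOMAINS = {"example.com"}  # assumption: your organization's mail domains
HIDING_FOLDERS = {"deleted items", "junk email", "rss feeds"}  # assumed list
ADDRESS = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")

def is_internal(domain):
    d = domain.lower()
    return any(d == own or d.endswith("." + own) for own in INTERNAL_DOMAINS)

def external_recipients(rule):
    """Forward/redirect targets whose domain is outside the organization."""
    found = []
    for field in ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo"):
        for value in rule.get(field) or []:
            for m in ADDRESS.finditer(value):
                if not is_internal(m.group(1)):
                    found.append(m.group(0).lower())
    return found

def audit_rule(rule, known_folders):
    """Reasons a rule needs a human look; an empty list means nothing flagged."""
    reasons = []
    targets = external_recipients(rule)
    if targets:
        reasons.append("forwards outside the organization: " + ", ".join(targets))
    if rule.get("DeleteMessage"):
        reasons.append("deletes matching mail")
    folder = (rule.get("MoveToFolder") or "").strip()
    if folder.lower() in HIDING_FOLDERS:
        reasons.append(f"moves mail to rarely read folder '{folder}'")
    elif folder and folder.lower() not in known_folders:
        reasons.append(f"moves mail to folder '{folder}' that is not in the mailbox")
    return reasons

def audit_mailbox(rules, known_folders):
    """Map rule name -> reasons, for flagged rules only."""
    results = {r["Name"]: audit_rule(r, known_folders) for r in rules}
    return {name: why for name, why in results.items() if why}

KNOWN_FOLDERS = {"inbox", "sent items", "newsletters"}  # constructed sample
SAMPLE_RULES = [  # constructed sample export for one mailbox, not real data
    {"Name": "Newsletters", "MoveToFolder": "Newsletters"},
    {"Name": "sync", "ForwardTo": ['"backup" [SMTP:copy@mail.example.net]']},
    {"Name": "..", "SubjectContainsWords": ["wire"], "MoveToFolder": "Deleted Items"},
    {"Name": "filter", "MoveToFolder": "Inbox2"},
    {"Name": "To assistant", "RedirectTo": ["assistant@example.com"]},
]
if __name__ == "__main__":
    print(audit_mailbox(SAMPLE_RULES, KNOWN_FOLDERS))
```

A flagged rule is a prompt for the mailbox owner to confirm whether they created it, not proof of compromise.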
Reduce Your Risk from Cyber Threats
The threat to your business from data breaches is not going away. Whether through your email or a weak point in your network, hackers will find any vulnerability and try to exploit it. While layered tools are a necessity, the best defense is you. You can have three locks on your doors, a security camera, and a guard dog, but you can still open the door and invite a thief in if they ring your doorbell. If you click on a phishing email, you are allowing malicious activity into your network. There are so many ways that hackers can work behind the scenes without you even knowing they are there. The only way to reduce your cyber threat risk is to utilize a combination of tools and employee awareness training as described above.