Email accounts are a prime target for cybercriminals. Not only does your email account provide access to all sorts of personal information, but it can often hold the key to unlocking access to your entire business.
As part of the ACSC's Cyber Security Awareness Month sub-theme "Is your email secure?", we're encouraging our network to proactively review their email account security settings to help prevent compromise.
Access to your email account gives cybercriminals the opportunity to steal sensitive personal and business information in order to commit fraud, set up forwarding rules, and/or send and reply to emails pretending to be you.
The use of business email accounts to commit fraud (such as intercepting invoices and financial transactions so that payments are redirected to an attacker-controlled bank account) is referred to as business email compromise (BEC).
Whether it's a personal or business email account, the responsibility sits with each one of us to ensure our accounts are safe. Here are 7 steps to ensure your email remains secure and your account recovery process has been established if the worst should happen.
7 steps to ensure your email is secure
A comprehensive step-by-step guide, with detailed screenshots showing how to complete each of these 7 steps in Outlook, can be found here.
Please note that the steps below relate specifically to Outlook email accounts; the steps to review your Gmail account security differ slightly.
1. Change your Password
If you suspect a cybercriminal has access to your account, the first and most crucial step is to change your password immediately, in order to disrupt their access and regain control of your email account. Choose a long, unique passphrase that you don't use anywhere else. Current guidance (for example NIST SP 800-63B) no longer recommends changing passwords every 45 to 90 days for its own sake, but a password should always be changed as soon as compromise is suspected. Note that changing the password does not by itself end sessions that are already signed in, which is why step 3 below matters.
2. Update your account recovery details
A recovery email address and/or phone number helps protect your email account: it is used to confirm your identity if you are locked out or the account is compromised, and as a secondary contact method if unusual activity is detected. Review these details regularly and make sure they are still under your control. A cybercriminal who has added their own recovery email or phone number can use it to take the account back after you change the password, so remove any recovery contact you don't recognise.
3. Sign out of all other sessions
If your account has been breached, the cybercriminal may still be signed in to your email even after you have changed your password, because existing sessions are not always ended automatically. Signing out of all sessions (and, where the option exists, revoking existing sign-in tokens) disrupts the cybercriminal's access and helps you regain control of your email account.
4. Enable Multi-Factor Authentication
Turning on multi-factor authentication (MFA) is the most important defence against cybercriminals gaining access to your email account. MFA requires something in addition to your password before a sign-in succeeds (such as a code from an authenticator app, a push notification to your phone, or a physical security key), so a stolen or guessed password alone is not enough. Only approve MFA prompts that you have triggered yourself: an attacker who holds your password may send repeated prompts in the hope that you will accept one.
5. Check account mail settings
Cybercriminals will sometimes set up forwarding rules to send themselves a copy of emails coming into or leaving your email account. They may also create inbox rules that delete messages or move them into a folder you rarely look at (such as RSS Subscriptions or Archive) so that replies from a supplier, or warnings from your IT team, never reach you. Check your inbox rules and the separate mailbox forwarding setting, and delete any rules or forwarding addresses you don't recognise.
6. Check third-party application access
Have you ever signed in to a website or app using your email account ("Sign in with Microsoft", for example)? Many websites and applications use this method to avoid having to create a new user account. However, the access this grants to your mailbox is also a common way for hackers to get in: an app that you (or a phishing link) have consented to can read and send mail on your behalf without ever needing your password. Check if there are any apps or services that have access to your account and remove any that you don't recognise or no longer require.
7. Check login activity
Regularly review your login activity to check whether your email account has been accessed at unusual times, from unusual locations or IP addresses, or from devices you don't recognise. Unsuccessful sign-in attempts are worth noting too, as they can show that someone is trying a stolen or guessed password against your account.
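To make steps 5 and 7 concrete, here is an added Python example (not code from Diamond IT, Microsoft or the ACSC) that triages a user's inbox rules, the mailbox forwarding setting and their sign-in events for the patterns BEC actors leave behind. The field names mirror what Exchange Online's Get-InboxRule and Get-Mailbox cmdlets and the Entra ID sign-in log return, but every record, the internal domain example.com.au, the home country and the two-hour travel window are constructed assumptions for illustration.

```python
"""Triage exported Outlook / Exchange Online data for signs of BEC.

Added example, not Diamond IT's or Microsoft's code. Field names mirror
Get-InboxRule / Get-Mailbox output and the Entra ID sign-in log; all records,
domains and thresholds below are constructed assumptions.
"""
from __future__ import annotations

from datetime import datetime, timedelta

INTERNAL_DOMAINS = {"example.com.au"}   # assumed: the organisation's own mail domains
HOME_COUNTRIES = {"AU"}                  # assumed: where staff normally sign in from
# Folders attackers commonly move mail into so the victim never sees it.
HIDE_FOLDERS = {"rss subscriptions", "rss feeds", "archive", "junk email",
                "deleted items", "conversation history"}
FINANCE_WORDS = {"invoice", "payment", "bank", "remittance", "wire", "transfer", "eft"}


def _is_external(address: str) -> bool:
    """True if the address is outside the organisation's own domains."""
    return address.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS


def triage_rules(rules: list[dict]) -> list[tuple[str, str]]:
    """Return (rule name, reason) pairs for enabled inbox rules that match BEC tradecraft."""
    findings = []
    for rule in rules:
        if not rule.get("Enabled", True):
            continue
        reasons = []
        targets = ((rule.get("ForwardTo") or []) + (rule.get("ForwardAsAttachmentTo") or [])
                   + (rule.get("RedirectTo") or []))
        external = [t for t in targets if _is_external(t)]
        if external:
            reasons.append("forwards or redirects to external " + ", ".join(external))
        if rule.get("DeleteMessage"):
            reasons.append("deletes matching mail")
        if (rule.get("MoveToFolder") or "").lower() in HIDE_FOLDERS:
            reasons.append(f"hides mail in '{rule['MoveToFolder']}'")
        words = {w.lower() for w in (rule.get("SubjectContainsWords") or [])
                 + (rule.get("BodyContainsWords") or [])}
        if reasons and words & FINANCE_WORDS:
            reasons.append("scoped to finance keywords " + ", ".join(sorted(words & FINANCE_WORDS)))
        if reasons and len(rule.get("Name", "")) <= 2:   # rules named "." or ".." are a classic sign
            reasons.append("near-empty rule name")
        findings.extend((rule.get("Name", "<unnamed>"), r) for r in reasons)
    return findings


def triage_mailbox(mailbox: dict) -> list[str]:
    """Flag mailbox-level forwarding, which Outlook configures separately from inbox rules
    (Settings > Mail > Forwarding; ForwardingSmtpAddress on Get-Mailbox, prefixed 'smtp:')."""
    target = (mailbox.get("ForwardingSmtpAddress") or "").removeprefix("smtp:")
    if target and _is_external(target):
        return [f"mailbox-level forwarding to external {target}"]
    return []


def _when(event: dict) -> datetime:
    return datetime.fromisoformat(event["CreatedDateTime"])


def triage_signins(events: list[dict], travel_window: timedelta = timedelta(hours=2)) -> list[str]:
    """Flag successful sign-ins from outside the home countries, and 'impossible travel':
    the same user succeeding from two different countries within travel_window."""
    alerts = []
    successes = sorted((e for e in events if e["Status"] == "Success"),
                       key=lambda e: (e["User"], _when(e)))
    for e in successes:
        if e["Country"] not in HOME_COUNTRIES:
            alerts.append(f"{e['User']}: sign-in from {e['Country']} ({e['IPAddress']}) at {e['CreatedDateTime']}")
    for prev, cur in zip(successes, successes[1:]):
        if prev["User"] == cur["User"] and prev["Country"] != cur["Country"]:
            gap = _when(cur) - _when(prev)
            if gap <= travel_window:
                alerts.append(f"{cur['User']}: {prev['Country']} then {cur['Country']} within {gap}")
    return alerts


# Constructed sample data (not from a real tenant).
SAMPLE_RULES = [
    {"Name": "Newsletters", "Enabled": True, "MoveToFolder": "Newsletters",
     "SubjectContainsWords": ["newsletter"]},
    {"Name": ".", "Enabled": True, "ForwardTo": ["payments.archive@gmail.com"],
     "SubjectContainsWords": ["invoice", "payment"], "MoveToFolder": "RSS Subscriptions",
     "MarkAsRead": True},
    {"Name": "Clean up", "Enabled": True, "DeleteMessage": True,
     "BodyContainsWords": ["hacked", "phishing", "suspicious"]},
    {"Name": "Old forward", "Enabled": False, "ForwardTo": ["me@outlook.com"]},
]
SAMPLE_MAILBOX = {"Identity": "alice@example.com.au",
                  "ForwardingSmtpAddress": "smtp:payments.archive@gmail.com",
                  "DeliverToMailboxAndForward": True}
SAMPLE_SIGNINS = [
    {"User": "alice@example.com.au", "CreatedDateTime": "2024-03-04T09:02:00+10:00",
     "Country": "AU", "IPAddress": "203.0.113.10", "Status": "Success"},
    {"User": "alice@example.com.au", "CreatedDateTime": "2024-03-04T09:41:00+10:00",
     "Country": "NG", "IPAddress": "198.51.100.7", "Status": "Success"},
    {"User": "alice@example.com.au", "CreatedDateTime": "2024-03-04T09:45:00+10:00",
     "Country": "NG", "IPAddress": "198.51.100.7", "Status": "Failure"},
]

if __name__ == "__main__":
    for name, reason in triage_rules(SAMPLE_RULES):
        print(f"RULE    {name!r}: {reason}")
    for finding in triage_mailbox(SAMPLE_MAILBOX):
        print(f"MAILBOX {finding}")
    for alert in triage_signins(SAMPLE_SIGNINS):
        print(f"SIGN-IN {alert}")
```

In a real investigation the input would be the output of Get-InboxRule and Get-Mailbox for the affected user exported to JSON, plus that user's sign-in log from the Entra admin centre. The point is what to look for: a rule named "." that moves finance-related mail into RSS Subscriptions and forwards it to a free webmail address, a rule that silently deletes warnings, forwarding configured outside the rules list entirely, and a successful sign-in from a new country minutes after a legitimate one.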
What to do if you think you've been hacked
1. Report the incident - to the Australian Cyber Security Centre (ACSC) through ReportCyber, your internal IT department and, if applicable, your financial institution as soon as possible.
2. Check your account security - using the above 7 steps, reviewing your account security will help disrupt cybercriminals in your account, regain control, and help prevent you from getting hacked in the future.
3. Notify contacts and relevant third parties - such as customers, colleagues, suppliers, family and friends to help them recognise any suspicious or fraudulent emails coming from your address.
4. Send a takedown request - If someone is using a domain name to impersonate you for malicious purposes (known as domain spoofing), you can request that the registrar of the domain takes the domain down by following these steps.
5. Contact the email provider - If someone is using a common email provider (such as Gmail) to impersonate you, this is known as display name spoofing. You can report fraudulent email usage to the relevant email service provider.
How can Diamond IT help?
If you want to educate your employees on how to create and maintain secure passwords, our staff education programs and policy and procedure reviews can help. Our Business Technology Consultants are specialists in improving your internal cyber security. We offer a range of security solutions to ensure your employees and business remain secure, including:
- Multi-Factor Authentication
- Diamond Management Systems and Patching
- Cyber Security Awareness Training
- Cyber and Data Breach Consulting and Forensic Analysis
- Disaster Recovery (DR) Planning
If you need advice on how you can ensure your cyber security strategy is fit for purpose, our team of cyber security experts are ready to help. Contact our team on 1300 307 907 today.