Recently, one of our clients (let’s call him “Brian”) had his email account hacked. The hacker set up some rules in which “Brian’s” Outlook (Office 365) was to forward any emails with the subject of “Invoice” to him, while deleting the original from his inbox.
If that wasn’t bad enough, the hacker also sent an email on behalf of “Brian” to one of his clients, “Beverly”. The email contained the subject “Invoice” and was asking “Beverly” to send payment to the hackers account. The mistake this hacker made though, was that he was asking for $1100 on this fake invoice; immediately prompting the client to call “Brian”, asking for an explanation.
Shortly after this conversation, Brian contacted us and we began our investigation into the matter. Though we were unsure as to how his password was compromised, we remedied this issue immediately by changing his password to something a bit more complex, as well as setting his account up with two-factor authentication. This process asks for an additional code to be sent to the primary contacts cell phone, confirming that the correct user is accessing this account. Without having this information, the email is not accessible. Additionally, we also enabled an audit trail in Office 365. This allows for any log in attempt to be recorded as well as having the IP source become documented.
We worked with Microsoft support and monitored the email portal, making sure that the account is trouble free.
In the event that a hacker gets hold of your account, there are a few things to know. 1) He has access to all your emails and contacts. This is a huge privacy concern as they can find out who works for/with you. 2) With unbridled access, they can do any number of malicious acts such as sending phony emails to your colleagues, possibly asking for money as was the case with “Beverly”. This act alone can cause cost and embarrassment with your clients once he targets them. The lessons learned are the basics recommendations that we have made in the past:
- Have a complex password
- Change your password regularly (every 90-180 days )
- Do not share your password and use it for other accounts and write on piece of paper
- Use Onepass password management
- Set up two Factors authentications
- Do not open attachments or click on the unknown links
- Make sure to protect your computer with the latest Antivirus, Malware and updates
- Encrypt important emails
- Do not use Public Wi-Fi
- Do not download free software
- Do not surf unknown websites
Protecting your data and eliminating your network security vulnerabilities is our number one goal. For a free network /security analysis, call us at 818-501-2281 or visit our website www.ceocomputers.com.
About Us:
CEO Computers is a Los Angeles IT Support & Cloud Solutions company. Our solutions and services are designed to simplify your IT, protect your data and empower your staff. We are Microsoft silver competency partner. For over 31 years, CEO has assisted many small businesses located in the Los Angeles area in various industries to implement compliance policies, to secure their network and protect their data.