Email security measures

It happens to the best of us: You click on an email that looks ok but isn’t. Or, you don’t pay attention and your security software lapses. Do you know what email security measures to take if something goes wrong?

Here are four email security measures to take if your email has been compromised, based on what our experts at AccuNet see every day.

Change your passwords and credentials

If you suspect you have been hacked or fell victim to a scam, you have to act quickly. One of the first things you should do is to try to contact your email service provider and notify them – especially if the hacker has locked you out of your account. You might have to provide security information.

If, however, you still have access to your account, change your password – and make it secure with more than 10 characters, including numbers, letters, symbols and upper and lowercase letters.

You can also change your security questions and turn on multi-factor authentication.

Let others know you were potentially hacked

You’ll also need to tell others in your contact lists that you were potentially hacked, so they know not to open suspect emails – likely from a hacker.

You might not want to admit you were hacked, but you could help others not fall prey to the same scam.

Monitor your account

In the days and weeks after the hacking attempt, you’ll want to make sure nothing fishy happens with your email – even if you took control of the account and changed your password.

Make sure you are running anti-malware software to watch for viruses, as well.

Also of note: In addition to compromising the account, at AccuNet, we have been seeing phishers set up a series of mail rules in compromised accounts to hide the fact that the account has been compromised from the account’s owner.

These include:

Mail rules to route incoming messages to odd or unused folders, such as the RSS Feeds folder, so the account owner does not see the responses from recipients of the phishing email, which would tip them off their account is sending off suspicious emails.
Additionally, mail rules will be set up to forward incoming messages to external email addresses so the phishers can receive password reset emails and regain access to the account should the account owner change their password or otherwise temporarily remove the phishers’ access to the account.

Therefore, part of the remediation strategy at AccuNet is to always review the mail rules in the account and check for any forwarding settings. Typically, for a Microsoft 365 tenant, we will disable forwarding to external domains to prevent these malicious forwarding rules to work.

Look to the future

Getting hacked happens and it is definitely unpleasant. But it is also and opportunity to make changes that will prevent it in the future, such as: Setting reminders to update your devices, so they have the latest security measures in place; installing additional security software; and, being more cautious about suspicious or phishing emails.