Ok, so as a Business owner or CEO, you don’t expect to come back off holiday to find you’re £24,000 out of pocket right? What a way to head back down to reality with a crash. Unfortunately, this tale of woe has happened very recently to one of our new clients. Whilst abroad, hackers who have been monitoring his emails for a while, swooped in to change the payment details to one of his main suppliers. His staff didn’t notice the switch, and voila, the hackers were suddenly £12k richer.
Our client on the other hand still had to pay his supplier which meant he finished his holiday £24k down. Not cool. Which is why he got in contact with us to ensure he was protected for the future.
Email hacking can be highly lucrative, and when done right (or wrong, whichever way you look at it), hackers can change your passwords, access your bank accounts and pretty much take control of any apps or sensitive data in your files.
Prevention is better than dealing with the aftermath, so what can you put in place to ensure you never end up in the same shoes?
- Multi-factor authentication
Every time you log in to your email or any other system, you can confirm it’s you via another device. Usually done on a mobile phone by receiving a code, it’s straightforward, quick and increases your security.
- Monitoring for unauthorised email forwarders
Some hackers are in it for the long game. Once receiving access to your email, they sit and wait for days, weeks or even months waiting for the best opportunity. They can set up unauthorised email forwarders to monitor anything going out; it doesn’t even need to be a senior staff members, it’s amazing how much we can give away in our day to day emails.
- Email back-up
Unless specifically bought, your emails are not backed up and therefore not protected. Proper back up ensures your IT company has a number of options in the event of an email hack attack including a complete reboot without losing any crucial emails.
- AI email screening
If you’ve been emailing a guy called Jon, and one day they sign off their email using their full name of Jonathan, this may seem insignificant to you but AI will pick up this sudden small change and investigate further. It’s sometimes the smallest details which can be a giveaway.
- Improved security endpoints
Sounds like IT jargon, and it is (our bad!) but basically this means that every single computer you use to access emails is locked down and protected. From enhanced security to encrypted data and even preventing any usb devices from working when plugged in.
- Office 365 advanced threat protection
You absolutely need this. It’s robust Microsoft protection working for you behind the scenes. Your IT company should know the correct way to implement it for your specific setup
- Awareness training
The last line of defence is you and your staff. By ensuring everyone is trained up to spot the signs, stay protected and to question any thing which may arouse even the slightest of suspicions.
- Business process culture
Follow processes to the letter, particularly when it comes to things like approving payments, cutting a corner (even a very small one) is when a fraudster can jump straight in and do their worst.
If you fancy a chat on how to ensure you’re fully covered against the evils of hackers, then we’re here to answer your questions and put a plan or system in place for you. Give us a bell, drop us an email or send us an instant message (you can find the icon on the bottom corner of the screen). Better safe than sorry right?