Business email addresses are far more than just their inboxes. Not only do they provide a vital way of keeping in touch, but they’re also used to verify online identities and store a wealth of data ranging from proprietary company information to confidential letters and attachments. That’s why they’re a favorite target for hackers and social engineering scammers.
Despite all the attention that’s being given to phishing attacks and other threats, email is still the number one attack vector. Cybercriminals routinely use compromised email accounts not just for gaining direct access to sensitive information, but also for conducting targeted phishing scams while masquerading as the legitimate owner of the account.
Here are some of the most common signs your email might have been compromised:
1. You’ve been locked out of the account
Easily the most obvious sign your account has been compromised is when you’re no longer able to log in, because someone has changed the password. The easiest and most common way for attackers to lock you out of your account is via a long-forgotten recovery account that they previously gained access to. In this case, you should try every possible account recovery method provided, immediately change your recovery address, and update all your passwords.
2. There are unrecognized logins in your account history
Attackers often try to cover their tracks by deliberately not changing the password or recovery information so that they can continue viewing your emails without your knowledge. However, if you see any unfamiliar login attempts in your activity history, the account may have been hacked. You can check for unfamiliar logins by date, location, and device. However, keep in mind that if you’re using a virtual private network, the recorded location may differ from the actual one.
3. You’re receiving complaints from contacts
Cybercriminals often use compromised email accounts to conduct targeted phishing attacks. For example, someone might receive an email from someone they know, yet it includes some strange links or attachments that were unexpected.
If one of your contacts reports receiving an unusual email from your address, you should go through your sent folder to find the culprits and take every necessary step to secure your account. This includes resetting the password and all recovery information.
Finally, make sure to alert your contacts, especially those you’re regularly in touch with, to warn them of suspicious emails being sent from your account.
4. There are unfamiliar emails in the sent folder
It’s always good practice to regularly check your sent emails folder to see if there’s anything unusual. Many business email account owners have set up autoresponders, so be sure to look at automated replies and scheduled emails before concluding your account has been hacked.
However, be aware that attackers often hide their activities by deleting sent messages, so check the trash folder as well. If there’s nothing there, yet you don’t remember emptying it recently, your account may have been hacked. Again, whenever you’re in doubt about the security of your email account, reset your login credentials as soon as possible.
5. You keep getting unexpected password reset emails
The typical email address is linked with dozens, if not hundreds, of other online accounts, so you should always check if other accounts have been affected too. If you’ve received account recovery or password reset emails, it may not indicate that the email account itself has been compromised, but it does prove someone’s been trying to get into an account it is linked to.
If this is the case, update your login credentials and enable multifactor authentication. This protects your email account by requiring another set of login credentials, usually in the form of temporary SMS codes or one-time security keys generated by an authenticator app.
Cutting Edge Network Technologies provides comprehensive network protection with robust email encryption, intrusion detection tools, mobile device protection, and more. Call us today to get your complimentary IT consultation.