News

Cyber Security Update: Compromised Email & Phishing Attacks

As a part of Rawson Verco Need’s regular cyber security updates, we’ve put together some info on how to identify and respond to some common threats you find online.

Phishing: the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

The first in the series is on Phishing Attacks. Phishing is a type of social engineering where an attacker sends a fraudulent message designed to trick a person into revealing sensitive information or to deploy malicious software on the victim’s infrastructure like ransomware.

Cyber Security Update: Compromised Email & Phishing Attacks

First off, it’s important to understand that your online accounts are only as safe as the passwords you use to protect them. This is where a strong password system like the Password Cocktail method we recommend, comes in handy. We also need to be careful about where and when you use your passwords to log into your accounts.

In the event of a compromised password, here’s what to look out for:

  • Email notifications of unusual access to your account
  • Being locked out or asked to provide more ID information when you log in
  • Unusual activity on your account (eg: unusual posts to your Facebook page, messages to people you do not know, strange bank numbers or transfers, etc)
  • Your password no longer works
  • Your email has changed
  • You get notified of email, password, access location, or identity information changing
  • Friends and family asking you about things you’ve supposedly been posting or sharing online.
  • You begin to receive emails from services you don’t use.

Recommended Responses

1. Shut the gate.

Shutting the gate on compromised online accounts gets you back in control of your money, media and identity sooner. It’s the crucial first step in thwarting an active phishing attempt on your accounts.

Step 1:
Change your password. All sites have a reset or forgot password button. You just need your email address. If your email address has been compromised, use the alternate email address you provided when signing up, your phone number, or contact ICT Support.

Step 2:
Enable Multi Factor Authentication or Two Factor Authentication for your account immediately, so that if your new password is compromised by an outside attacker, they’re prevented from easy access.

Step 3:
Use your recovery email address or alternate account to regain access, and report the breach to the site directly.

Step 4:
Ensure all other staff close their email programs including on smart phones, and avoid accessing and using email until authorised to do so by your Security professional.

2. Let others know.

The sooner you can help contain the outbreak, the safer you and your colleagues, friends and family will be. They may also have pertinent information on the unusual activity on your account.

3. Check up.

Your account may be safe in your hands once more, but you need to know how they got access and what of your data is in their hands.

  • Check your sent items and default mail folders in email to see if there’s anything you don’t expect, such as emails that have been forwarded on to unknown recipients
  • Check your bank accounts for transfers between internal or external accounts.
  • Check your social media posts, tweets, messages and content for signs of activity you don’t recognise

 

This article is a simplified extract from our Black Book Cyber Security program. Designed to reduce cyber data risk, The Black Book helps to elevate the security and resilience of your business. Our aim is to help you safely engage with the world of technology and maintain ownership of your evermore valuable information.

If you are interested in hearing more about the Black Book program, please contact our office and one of our cyber security team members will arrange a free consultation.