Email Hacking Is Still The Easiest Way In

Humans thrive on ease. If you want a way in, look for the open door.

And for hackers, that often means email.

So far in 2021, tens of thousands of email servers using Microsoft’s Exchange Server software have been hacked. According to Microsoft, hackers gained access to email accounts and used malware to create an open pathway for later use.

What does yours look like?

Take two minutes and do this experiment. Open up your email program and take a look inside. Notice all the emails sitting there waiting for you. Observe who and where they come from. Note where you file them, and how many emails you have stored. What content exists?

Chances are you have emails from banks and financial institutions. Emails with your signature announcing your job title. Emails with invoices sharing what you purchased. Content revealing personal information. Reset password emails giving lots of information. Travel itineraries showing when you’ll be away from home. A contact list acknowledging your connections.

What if someone could read that like a book, pick and choose the data they want to save, and keep it safe in a file forever? Would that make you nervous?

Email scams are getting better

Many people think that scam emails are run by individuals sitting alone at home on the other side of the world. Not true. These scams are more sophisticated than ever, and are often run by large operations.

Even so, original email scams are still raking in money. Remember the “Nigerian prince” email scams from long ago? They still bring in hundreds of thousands of dollars a year to hackers.

Why mess with success?

Email is used more than any other form of communication. You can scrape websites and gain access to email addresses far more easily than phone numbers. And for pennies on the dollar, bulk email services will deliver thousands of emails at a time.

Have I been hacked?

How do you know if you’ve been hacked? There are a few signs you can watch for.

Your login and your password are denied - if you have an account you use regularly, and it’s suddenly not available to you, it could be someone has taken over your account.

You receive password reset notifications - there’s a reason companies send you a notification when a password reset is requested. Be sure you keep your email addresses up to date on all of your accounts.

You notice outgoing emails in your sent folder - when was the last time you glanced at your sent folder? Do it regularly and make sure everything in it was sent by you.

You can also check your login history occasionally and see where your email program is being accessed from. If you notice unknown IP addresses, or browser use from cities you’ve never visited, it’s a clear indication of a problem.
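
The login-history check described above, as an added example that is not part of the original article: a short Python script that flags sign-ins from IP ranges or cities you have not marked as your own. The CSV columns, the known network and city, and the sample rows are all constructed for illustration; real email providers export login history in their own formats.

```python
import csv
import io
import ipaddress

# Constructed sample export (assumed column names, documentation-only IP ranges).
SAMPLE_HISTORY = """timestamp,ip,city,client
2021-03-02T08:14:00Z,198.51.100.23,Springfield,Outlook
2021-03-02T19:40:00Z,198.51.100.77,Springfield,Chrome
2021-03-03T03:12:00Z,203.0.113.9,Unknown City,IMAP
2021-03-03T03:15:00Z,2001:db8::5,Springfield,Chrome
2021-03-04T07:55:00Z,not-an-ip,Springfield,Outlook
"""

# Assumption: networks and cities the account owner recognises as their own.
KNOWN_NETWORKS = [ipaddress.ip_network("198.51.100.0/24")]
KNOWN_CITIES = {"springfield"}


def review_logins(csv_text, known_networks=KNOWN_NETWORKS, known_cities=KNOWN_CITIES):
    """Return (timestamp, ip, reasons) for every sign-in worth a closer look."""
    flagged = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        reasons = []
        try:
            addr = ipaddress.ip_address(row["ip"].strip())
        except ValueError:
            # An address that cannot be parsed cannot be matched, so surface it.
            reasons.append("unparseable IP")
        else:
            # An IPv6 address is never "in" an IPv4 network, so it is flagged
            # unless a matching IPv6 range has been added to the known list.
            if not any(addr in net for net in known_networks):
                reasons.append("unknown IP")
        if row["city"].strip().lower() not in known_cities:
            reasons.append("unfamiliar city")
        if reasons:
            flagged.append((row["timestamp"], row["ip"], reasons))
    return flagged


if __name__ == "__main__":
    for ts, ip, reasons in review_logins(SAMPLE_HISTORY):
        print(f"{ts}  {ip:<15}  {', '.join(reasons)}")
```

A flagged row is a prompt to look closer, not proof of compromise: mobile networks and VPNs change IP addresses and reported cities often.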

What do I do next?

Your first step is to change your passwords the moment you suspect you’ve been hacked. If you can’t do it from a browser window because you’ve lost access, contact customer service as soon as possible.

Add in safety features wherever you can. Two-factor authentication should be activated on all of your accounts. It adds an extra layer of protection, especially on critical accounts such as banks and financial institutions.

Track all of your accounts and update and verify regularly. Do they have your proper recovery information? If something looks off, or you see email addresses or phone numbers you don’t recognize, change the info immediately.

If one account is hacked, assume they all are. Use this time to check in with each account, change passwords and make them more difficult to crack, and consider beefing up security where you can. Clean up your devices and make sure malware isn’t sitting there, waiting.

Whatever method you use to secure and protect email, be sure you’re constantly encouraging those around you to do it too. Education is everything.

For IT Strategy, Cloud Conversion, or Help Desk Services reach out to us at Silver Linings Technology 360-450-4759.