Before she was even aware of it, she was receiving angry phone calls from people in her address book. They had clicked on the link in her email, apparently. “What email?” The realisation gradually dawns…
She had been the victim of an email hack. The hackers were using her email address to send dodgy emails with dangerous content to all the people in her email contact list. Luckily, Georgina knew of a local IT support company, so she called Netstar. What could she do? This was affecting her business and her company’s reputation.
It seemed catastrophic at the time for the business involved (let’s call them company X)– with no idea of the scope of the problem or what to do about it. Unfortunately, this type of email hack is all too common an occurrence.
What had actually happened was Georgina had received an email from one of her contacts and, without questioning it, had clicked on the link.
The weakest link
This kind of cyber-attack is the gift that keeps on giving for hackers. It lives on those momentary dips in concentration and those sneaky little moments of temptation. You can’t resist opening the attachment or clicking on the link. Even though, in the back of your mind, you know there is something not quite right about it.
And then it’s off; spreading through a whole new address book of contacts…
The best way to avoid this problem is to learn to listen to the voice in the back of your mind that is telling you not to click. Curiosity might have killed the cat, but don’t let it hack your email account too!
Netstar helps our customers learn to listen to that voice of reason through Security Awareness Training. The programme consists of online learning with a short knowledge test at the end. After a user has completed the training staff members will receive ongoing spoof emails. If they do click on one of the links, they are directed to some additional online learning material about how to avoid an email hack.
Our account managers also provide guidance and help our clients by showing them where risk lies. By knowing who has clicked on spoof emails you can see who is more likely to fall for an attempted hack and therefore needs further assistance learning how to spot them.
When Georgina came to us she had unfortunately already clicked on a real bad link; had she gone through Security Awareness Training, this could have potentially been avoided. At that moment, company X needed more immediate help, luckily Netstar was on hand to help out.
What did Netstar do to help?
When our team stepped in to help, the first thing we were concerned about was determining how much of the company’s email accounts, online accounts, applications, network and hardware were compromised.
We updated the security software, ran security scans and ascertained the scope of the problem. We were able to remove malware from infected computers and set up a regular scanning process with reporting, so checks were in place to alert us about any subsequent threats.
Next, we worked with the affected users to ensure their email accounts were usable and secure again. This included changing all passwords and introducing a more secure access control based on two-factor authentication. We also suggested to users that they change their passwords on any other accounts or websites where they used the same password – and refrained from doubling up on password use in future!
To help with this, we recommended a secure password vault application to help users throughout the business generate and use secure passwords and ensure good password management.
Finally, and most importantly, we began a long-term IT support and advisory relationship with company X to help them educate their staff about the dangers of phishing, spear phishing and other types of hacking.
How can you make sure it doesn’t happen to you?
There is nothing to be ashamed of if you do fall victim to an email hacking or phishing attack.
The important thing to do is to act quickly and reach out for help to secure your accounts and remove any malware or viruses.
Contact your IT Support partner to do this for you if you don’t know how.
Teach staff members to be alert to the signs of a compromised computer, website or email account.
The signs can include:
- sudden drops in computer performance
- disabled security software
- programmes or browser add-ons you didn’t install appearing on your system
- random shutdowns or restarts
- sent messages you didn’t send
- suddenly being locked out of your accounts
If you do notice any of these symptoms, it is important to act quickly to identify the threat. The symptoms can occur as a result of other factors, such as ageing hardware. It is important to investigate quickly so that if your systems have been compromised, you can minimise the damage.
Businesses can trip up when they fail to take the threat seriously; don’t let yours be one of them.
And what about company X?
They ramped up their security and staff training and are now less likely to fall victim to such an attack again. They also took the opportunity to reach out to their customers to explain, raising awareness of the risks of email hacking.
Now a Netstar client, they benefit from our IT Support services. Through our proactive approach we also help prevent and mitigate any future problems, as well as support their business growth.
How can I find out more?
To learn more about email best practice and proactive security measures and training, get in touch with us today to start a conversation.
Your checklist for choosing an IT Support partner
Ensure you’re asking the right questions to find the right IT partner for your business.
Not all IT support companies are the same. If you want to find one that’s proactive and works to improve productivity in your business whilst reducing risk, you need to ask the right questions.
Download this checklist and ensure you partner with a company that will add value.